Expose port in docker-compose or configure second letsencrypt certificateExposing a port on a live Docker containerParsing error on salt docker-formula while using composeng“nginx-proxy” docker image socket volume not mountedWhat is the difference between docker-compose ports vs exposeLetsEncrypt in a Docker (docker-compose) app container not workingGitlab Docker container behind reverse ProxyDocker multisite SSL certificates all have same emailNginx Reverse Proxy with Docker LetsEncryptUnderstanding Docker Compose Nginx-Proxy with Docker-Alpine-Python-Flasknginx docker compose redirect delay

Where is Jon going?

Job Market: should one hide their (young) age?

Why isn't Tyrion mentioned in the in-universe book "A Song of Ice and Fire"?

Which European Languages are not Indo-European?

What could a self-sustaining lunar colony slowly lose that would ultimately prove fatal?

What's difference between "depends on" and "is blocked by" relations between issues in Jira next-gen board?

How to deal with a colleague who is being aggressive?

Why are Stein manifolds/spaces the analog of affine varieties/schemes in algebraic geometry?

SFDX: where can set Field-level security and accessibility?

How to melt snow without fire or body heat?

Security vulnerabilities of POST over SSL

Why do Russians almost not use verbs of possession akin to "have"?

Translation of “with that”

Can a person survive on blood in place of water?

Why haven't we yet tried accelerating a space station with people inside to a near light speed?

Why did Jon Snow do this immoral act if he is so honorable?

Is there a simple example that empirical evidence is misleading?

Is it possible to prohibit all prohibitable schools of magic with a single character?

How can I tell if I'm being too picky as a referee?

What does kpsewhich stand for?

How to patch glass cuts in a bicycle tire?

Writing style before Elements of Style

Does French have the English "short i" vowel?

What Armor Optimization applies to a Mithral full plate?



Expose port in docker-compose or configure second letsencrypt certificate


Exposing a port on a live Docker containerParsing error on salt docker-formula while using composeng“nginx-proxy” docker image socket volume not mountedWhat is the difference between docker-compose ports vs exposeLetsEncrypt in a Docker (docker-compose) app container not workingGitlab Docker container behind reverse ProxyDocker multisite SSL certificates all have same emailNginx Reverse Proxy with Docker LetsEncryptUnderstanding Docker Compose Nginx-Proxy with Docker-Alpine-Python-Flasknginx docker compose redirect delay






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








2















I'm running a selfhosted gitlab docker instance, but I'm facing some problems configuring the registry as I do get the error



Error response from daemon: Get https://example.com:4567/v2/: dial tcp <IP>:4567: connect: connection refused


for doing docker login example.com:4567.



  1. So it seems that I have to expose the port 4567 somehow.


  2. An (better) alternative would be to configure a second domain for the registry - like registry.example.com. As you can see below I'm using letsencrypt certificates for my gitlab instance. But how do I get a second certificate for the registry?


This is how my docker-compose looks like - I'm using jwilder/nginx-proxy for my reverse proxy.



docker-compose.yml



gitlab:
 image: gitlab/gitlab-ce:11.9.0-ce.0
 container_name: gitlab
 networks:
 - reverse-proxy
 restart: unless-stopped
 ports:
 - '50022:22'
 volumes:
 - /opt/gitlab/config:/etc/gitlab
 - /opt/gitlab/logs:/var/log/gitlab
 - /opt/gitlab/data:/var/opt/gitlab
 - /opt/nginx/conf.d:/etc/nginx/conf.d
 - /opt/nginx/certs:/etc/nginx/certs:ro
 environment:
 VIRTUAL_HOST: example.com
 VIRTUAL_PROTO: https
 VIRTUAL_PORT: 443
 LETSENCRYPT_HOST: example.com
 LETSENCRYPT_EMAIL: certs@example.com


gitlab.rb



external_url 'https://example.com'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = '/etc/nginx/certs/example.com/fullchain.pem'
nginx['ssl_certificate_key'] = '/etc/nginx/certs/example.com/key.pem'
gitlab_rails['backup_keep_time'] = 604800
gitlab_rails['backup_path'] = '/backups'
gitlab_rails['registry_enabled'] = true

registry_external_url 'https://example.com:4567'
registry_nginx['ssl_certificate'] = "/etc/nginx/certs/example.com/fullchain.pem"
registry_nginx['ssl_certificate_key'] = "/etc/nginx/certs/example.com/key.pem"


For the second alternative it would look like:



registry_external_url 'https://registry.example.com'
registry_nginx['ssl_certificate'] = "/etc/nginx/certs/registry.example.com/fullchain.pem"
registry_nginx['ssl_certificate_key'] = "/etc/nginx/certs/registry.example.com/key.pem"


But how do I set this up in my docker-compose?



Update



Im configuring nginx just via jwilder package, without changing anyhting. So this part of my docker-compose.yml file just looks like this:



services:
 nginx-proxy:
 image: jwilder/nginx-proxy
 container_name: nginx-proxy
 networks:
 - reverse-proxy
 ports:
 - "80:80"
 - "443:443"
 volumes:
 - /opt/nginx-proxy/vhost.d:/etc/nginx/vhost.d:rw
 - /opt/nginx/certs:/etc/nginx/certs:ro
 - html:/usr/share/nginx/html
 - /var/run/docker.sock:/tmp/docker.sock:ro

 nginx-letsencrypt:
 image: jrcs/letsencrypt-nginx-proxy-companion
 container_name: nginx-letsencrypt
 networks:
 - reverse-proxy
 depends_on:
 - nginx-proxy
 volumes:
 - /opt/nginx-proxy/vhost.d:/etc/nginx/vhost.d:rw
 - html:/usr/share/nginx/html
 - /opt/nginx/certs:/etc/nginx/certs:rw
 - /var/run/docker.sock:/var/run/docker.sock:rw
 environment:
 NGINX_PROXY_CONTAINER: "nginx-proxy"





docker docker-compose gitlab lets-encrypt







share|improve this question
























  • I understand that you have a domain example.com configured to point on your machine hosting Gitlab in Docker and a reverse proxy with nginx, is that correct? If so, can you upload the related nginx config?

    – Pierre B.
    Mar 26 at 11:07











  • @PierreB. I'm using the jwilder package which configures nginx. I don't have to change anything...

    – user3142695
    Mar 26 at 12:40











  • What's your jwilder/nginx-proxy config then? (which host do you configure?) it may be an issue with the proxy config which does not expose the port properly

    – Pierre B.
    Mar 26 at 13:46











  • @PierreB. Just updated the post to show how I'm running nginx proxy. I don't configure anything else. Just running the docker-compose on my ubuntu server and that's it. Everything is working beside the registry stuff...

    – user3142695
    Mar 26 at 13:58











  • Thanks for the details, I tried to provide some leads in my answer

    – Pierre B.
    Mar 26 at 17:34

















2















I'm running a selfhosted gitlab docker instance, but I'm facing some problems configuring the registry as I do get the error



Error response from daemon: Get https://example.com:4567/v2/: dial tcp <IP>:4567: connect: connection refused


for doing docker login example.com:4567.



  1. So it seems that I have to expose the port 4567 somehow.


  2. An (better) alternative would be to configure a second domain for the registry - like registry.example.com. As you can see below I'm using letsencrypt certificates for my gitlab instance. But how do I get a second certificate for the registry?


This is how my docker-compose looks like - I'm using jwilder/nginx-proxy for my reverse proxy.



docker-compose.yml



gitlab:
 image: gitlab/gitlab-ce:11.9.0-ce.0
 container_name: gitlab
 networks:
 - reverse-proxy
 restart: unless-stopped
 ports:
 - '50022:22'
 volumes:
 - /opt/gitlab/config:/etc/gitlab
 - /opt/gitlab/logs:/var/log/gitlab
 - /opt/gitlab/data:/var/opt/gitlab
 - /opt/nginx/conf.d:/etc/nginx/conf.d
 - /opt/nginx/certs:/etc/nginx/certs:ro
 environment:
 VIRTUAL_HOST: example.com
 VIRTUAL_PROTO: https
 VIRTUAL_PORT: 443
 LETSENCRYPT_HOST: example.com
 LETSENCRYPT_EMAIL: certs@example.com


gitlab.rb



external_url 'https://example.com'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = '/etc/nginx/certs/example.com/fullchain.pem'
nginx['ssl_certificate_key'] = '/etc/nginx/certs/example.com/key.pem'
gitlab_rails['backup_keep_time'] = 604800
gitlab_rails['backup_path'] = '/backups'
gitlab_rails['registry_enabled'] = true

registry_external_url 'https://example.com:4567'
registry_nginx['ssl_certificate'] = "/etc/nginx/certs/example.com/fullchain.pem"
registry_nginx['ssl_certificate_key'] = "/etc/nginx/certs/example.com/key.pem"


For the second alternative it would look like:



registry_external_url 'https://registry.example.com'
registry_nginx['ssl_certificate'] = "/etc/nginx/certs/registry.example.com/fullchain.pem"
registry_nginx['ssl_certificate_key'] = "/etc/nginx/certs/registry.example.com/key.pem"


But how do I set this up in my docker-compose?



Update



Im configuring nginx just via jwilder package, without changing anyhting. So this part of my docker-compose.yml file just looks like this:



services:
 nginx-proxy:
 image: jwilder/nginx-proxy
 container_name: nginx-proxy
 networks:
 - reverse-proxy
 ports:
 - "80:80"
 - "443:443"
 volumes:
 - /opt/nginx-proxy/vhost.d:/etc/nginx/vhost.d:rw
 - /opt/nginx/certs:/etc/nginx/certs:ro
 - html:/usr/share/nginx/html
 - /var/run/docker.sock:/tmp/docker.sock:ro

 nginx-letsencrypt:
 image: jrcs/letsencrypt-nginx-proxy-companion
 container_name: nginx-letsencrypt
 networks:
 - reverse-proxy
 depends_on:
 - nginx-proxy
 volumes:
 - /opt/nginx-proxy/vhost.d:/etc/nginx/vhost.d:rw
 - html:/usr/share/nginx/html
 - /opt/nginx/certs:/etc/nginx/certs:rw
 - /var/run/docker.sock:/var/run/docker.sock:rw
 environment:
 NGINX_PROXY_CONTAINER: "nginx-proxy"





docker docker-compose gitlab lets-encrypt







share|improve this question
























  • I understand that you have a domain example.com configured to point on your machine hosting Gitlab in Docker and a reverse proxy with nginx, is that correct? If so, can you upload the related nginx config?

    – Pierre B.
    Mar 26 at 11:07











  • @PierreB. I'm using the jwilder package which configures nginx. I don't have to change anything...

    – user3142695
    Mar 26 at 12:40











  • What's your jwilder/nginx-proxy config then? (which host do you configure?) it may be an issue with the proxy config which does not expose the port properly

    – Pierre B.
    Mar 26 at 13:46











  • @PierreB. Just updated the post to show how I'm running nginx proxy. I don't configure anything else. Just running the docker-compose on my ubuntu server and that's it. Everything is working beside the registry stuff...

    – user3142695
    Mar 26 at 13:58











  • Thanks for the details, I tried to provide some leads in my answer

    – Pierre B.
    Mar 26 at 17:34













2












2








2


1






I'm running a selfhosted gitlab docker instance, but I'm facing some problems configuring the registry as I do get the error



Error response from daemon: Get https://example.com:4567/v2/: dial tcp <IP>:4567: connect: connection refused


for doing docker login example.com:4567.



  1. So it seems that I have to expose the port 4567 somehow.


  2. An (better) alternative would be to configure a second domain for the registry - like registry.example.com. As you can see below I'm using letsencrypt certificates for my gitlab instance. But how do I get a second certificate for the registry?


This is how my docker-compose looks like - I'm using jwilder/nginx-proxy for my reverse proxy.



docker-compose.yml



gitlab:
 image: gitlab/gitlab-ce:11.9.0-ce.0
 container_name: gitlab
 networks:
 - reverse-proxy
 restart: unless-stopped
 ports:
 - '50022:22'
 volumes:
 - /opt/gitlab/config:/etc/gitlab
 - /opt/gitlab/logs:/var/log/gitlab
 - /opt/gitlab/data:/var/opt/gitlab
 - /opt/nginx/conf.d:/etc/nginx/conf.d
 - /opt/nginx/certs:/etc/nginx/certs:ro
 environment:
 VIRTUAL_HOST: example.com
 VIRTUAL_PROTO: https
 VIRTUAL_PORT: 443
 LETSENCRYPT_HOST: example.com
 LETSENCRYPT_EMAIL: certs@example.com


gitlab.rb



external_url 'https://example.com'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = '/etc/nginx/certs/example.com/fullchain.pem'
nginx['ssl_certificate_key'] = '/etc/nginx/certs/example.com/key.pem'
gitlab_rails['backup_keep_time'] = 604800
gitlab_rails['backup_path'] = '/backups'
gitlab_rails['registry_enabled'] = true

registry_external_url 'https://example.com:4567'
registry_nginx['ssl_certificate'] = "/etc/nginx/certs/example.com/fullchain.pem"
registry_nginx['ssl_certificate_key'] = "/etc/nginx/certs/example.com/key.pem"


For the second alternative it would look like:



registry_external_url 'https://registry.example.com'
registry_nginx['ssl_certificate'] = "/etc/nginx/certs/registry.example.com/fullchain.pem"
registry_nginx['ssl_certificate_key'] = "/etc/nginx/certs/registry.example.com/key.pem"


But how do I set this up in my docker-compose?



Update



Im configuring nginx just via jwilder package, without changing anyhting. So this part of my docker-compose.yml file just looks like this:



services:
 nginx-proxy:
 image: jwilder/nginx-proxy
 container_name: nginx-proxy
 networks:
 - reverse-proxy
 ports:
 - "80:80"
 - "443:443"
 volumes:
 - /opt/nginx-proxy/vhost.d:/etc/nginx/vhost.d:rw
 - /opt/nginx/certs:/etc/nginx/certs:ro
 - html:/usr/share/nginx/html
 - /var/run/docker.sock:/tmp/docker.sock:ro

 nginx-letsencrypt:
 image: jrcs/letsencrypt-nginx-proxy-companion
 container_name: nginx-letsencrypt
 networks:
 - reverse-proxy
 depends_on:
 - nginx-proxy
 volumes:
 - /opt/nginx-proxy/vhost.d:/etc/nginx/vhost.d:rw
 - html:/usr/share/nginx/html
 - /opt/nginx/certs:/etc/nginx/certs:rw
 - /var/run/docker.sock:/var/run/docker.sock:rw
 environment:
 NGINX_PROXY_CONTAINER: "nginx-proxy"





docker docker-compose gitlab lets-encrypt







share|improve this question
















I'm running a selfhosted gitlab docker instance, but I'm facing some problems configuring the registry as I do get the error



Error response from daemon: Get https://example.com:4567/v2/: dial tcp <IP>:4567: connect: connection refused


for doing docker login example.com:4567.



  1. So it seems that I have to expose the port 4567 somehow.


  2. An (better) alternative would be to configure a second domain for the registry - like registry.example.com. As you can see below I'm using letsencrypt certificates for my gitlab instance. But how do I get a second certificate for the registry?


This is how my docker-compose looks like - I'm using jwilder/nginx-proxy for my reverse proxy.



docker-compose.yml



gitlab:
 image: gitlab/gitlab-ce:11.9.0-ce.0
 container_name: gitlab
 networks:
 - reverse-proxy
 restart: unless-stopped
 ports:
 - '50022:22'
 volumes:
 - /opt/gitlab/config:/etc/gitlab
 - /opt/gitlab/logs:/var/log/gitlab
 - /opt/gitlab/data:/var/opt/gitlab
 - /opt/nginx/conf.d:/etc/nginx/conf.d
 - /opt/nginx/certs:/etc/nginx/certs:ro
 environment:
 VIRTUAL_HOST: example.com
 VIRTUAL_PROTO: https
 VIRTUAL_PORT: 443
 LETSENCRYPT_HOST: example.com
 LETSENCRYPT_EMAIL: certs@example.com


gitlab.rb



external_url 'https://example.com'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = '/etc/nginx/certs/example.com/fullchain.pem'
nginx['ssl_certificate_key'] = '/etc/nginx/certs/example.com/key.pem'
gitlab_rails['backup_keep_time'] = 604800
gitlab_rails['backup_path'] = '/backups'
gitlab_rails['registry_enabled'] = true

registry_external_url 'https://example.com:4567'
registry_nginx['ssl_certificate'] = "/etc/nginx/certs/example.com/fullchain.pem"
registry_nginx['ssl_certificate_key'] = "/etc/nginx/certs/example.com/key.pem"


For the second alternative it would look like:



registry_external_url 'https://registry.example.com'
registry_nginx['ssl_certificate'] = "/etc/nginx/certs/registry.example.com/fullchain.pem"
registry_nginx['ssl_certificate_key'] = "/etc/nginx/certs/registry.example.com/key.pem"


But how do I set this up in my docker-compose?



Update



Im configuring nginx just via jwilder package, without changing anyhting. So this part of my docker-compose.yml file just looks like this:



services:
 nginx-proxy:
 image: jwilder/nginx-proxy
 container_name: nginx-proxy
 networks:
 - reverse-proxy
 ports:
 - "80:80"
 - "443:443"
 volumes:
 - /opt/nginx-proxy/vhost.d:/etc/nginx/vhost.d:rw
 - /opt/nginx/certs:/etc/nginx/certs:ro
 - html:/usr/share/nginx/html
 - /var/run/docker.sock:/tmp/docker.sock:ro

 nginx-letsencrypt:
 image: jrcs/letsencrypt-nginx-proxy-companion
 container_name: nginx-letsencrypt
 networks:
 - reverse-proxy
 depends_on:
 - nginx-proxy
 volumes:
 - /opt/nginx-proxy/vhost.d:/etc/nginx/vhost.d:rw
 - html:/usr/share/nginx/html
 - /opt/nginx/certs:/etc/nginx/certs:rw
 - /var/run/docker.sock:/var/run/docker.sock:rw
 environment:
 NGINX_PROXY_CONTAINER: "nginx-proxy"





docker docker-compose gitlab lets-encrypt




docker docker-compose gitlab lets-encrypt






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Mar 26 at 13:56







user3142695

















asked Mar 24 at 0:59









user3142695user3142695

1,9901249140




1,9901249140












  • I understand that you have a domain example.com configured to point on your machine hosting Gitlab in Docker and a reverse proxy with nginx, is that correct? If so, can you upload the related nginx config?

    – Pierre B.
    Mar 26 at 11:07











  • @PierreB. I'm using the jwilder package which configures nginx. I don't have to change anything...

    – user3142695
    Mar 26 at 12:40











  • What's your jwilder/nginx-proxy config then? (which host do you configure?) it may be an issue with the proxy config which does not expose the port properly

    – Pierre B.
    Mar 26 at 13:46











  • @PierreB. Just updated the post to show how I'm running nginx proxy. I don't configure anything else. Just running the docker-compose on my ubuntu server and that's it. Everything is working beside the registry stuff...

    – user3142695
    Mar 26 at 13:58











  • Thanks for the details, I tried to provide some leads in my answer

    – Pierre B.
    Mar 26 at 17:34

















  • I understand that you have a domain example.com configured to point on your machine hosting Gitlab in Docker and a reverse proxy with nginx, is that correct? If so, can you upload the related nginx config?

    – Pierre B.
    Mar 26 at 11:07











  • @PierreB. I'm using the jwilder package which configures nginx. I don't have to change anything...

    – user3142695
    Mar 26 at 12:40











  • What's your jwilder/nginx-proxy config then? (which host do you configure?) it may be an issue with the proxy config which does not expose the port properly

    – Pierre B.
    Mar 26 at 13:46











  • @PierreB. Just updated the post to show how I'm running nginx proxy. I don't configure anything else. Just running the docker-compose on my ubuntu server and that's it. Everything is working beside the registry stuff...

    – user3142695
    Mar 26 at 13:58











  • Thanks for the details, I tried to provide some leads in my answer

    – Pierre B.
    Mar 26 at 17:34
















I understand that you have a domain example.com configured to point on your machine hosting Gitlab in Docker and a reverse proxy with nginx, is that correct? If so, can you upload the related nginx config?

– Pierre B.
Mar 26 at 11:07





I understand that you have a domain example.com configured to point on your machine hosting Gitlab in Docker and a reverse proxy with nginx, is that correct? If so, can you upload the related nginx config?

– Pierre B.
Mar 26 at 11:07













@PierreB. I'm using the jwilder package which configures nginx. I don't have to change anything...

– user3142695
Mar 26 at 12:40





@PierreB. I'm using the jwilder package which configures nginx. I don't have to change anything...

– user3142695
Mar 26 at 12:40













What's your jwilder/nginx-proxy config then? (which host do you configure?) it may be an issue with the proxy config which does not expose the port properly

– Pierre B.
Mar 26 at 13:46





What's your jwilder/nginx-proxy config then? (which host do you configure?) it may be an issue with the proxy config which does not expose the port properly

– Pierre B.
Mar 26 at 13:46













@PierreB. Just updated the post to show how I'm running nginx proxy. I don't configure anything else. Just running the docker-compose on my ubuntu server and that's it. Everything is working beside the registry stuff...

– user3142695
Mar 26 at 13:58





@PierreB. Just updated the post to show how I'm running nginx proxy. I don't configure anything else. Just running the docker-compose on my ubuntu server and that's it. Everything is working beside the registry stuff...

– user3142695
Mar 26 at 13:58













Thanks for the details, I tried to provide some leads in my answer

– Pierre B.
Mar 26 at 17:34





Thanks for the details, I tried to provide some leads in my answer

– Pierre B.
Mar 26 at 17:34












1 Answer
1






active

oldest

votes


















3





+25









TL; DR:




So it seems that I have to expose the port 4567 somehow.




Yes, however jwilder/nginx-proxy does not support more than one port per virtual host and port 443 is already exposed. There is a pull request for that feature but it has not been merged yet. You'll need to expose this port another way (see below)



You are using jwilder/nginx-proxy as reverse proxy to access a Gitlab instance in a container but with your current configuration onlyport 443 is exposed:



environment:
 VIRTUAL_HOST: example.com
 VIRTUAL_PROTO: https
 VIRTUAL_PORT: 443


All other Gitlab services (including the registry on port 4567) are not proxied and therefore not reachable through example.com.



Unfortunately it is not possible yet to expose multiple port on a single hostname with jwilder/nginx-proxy. There is a pull request open for that use case but it had not been merged yet (you are not the only one with this kind of issue).




An (better) alternative would be to configure a second domain for the registry




This won't work if you keep using jwilder/nginx-proxy as even if you changed registry_external_url, you'll still be stuck with the port issue, and you cannot allocate the same port to two different services.



What you can do:



  • vote and comment for mentioned PR to be merged :)

  • try to build the Docker image from mentionned pull request's fork and configure your compose with something like VIRTUAL_HOST=example.com:443,example.com:4567

  • configure a reverse proxy manually fort port 4567 - you may wind-up a plain nginx container in addition with your current configuration which would specifically do this, or re-configure your entire proxying scheme without using jwilder images

  • update your configuration to expose example.com:4567 instead of example.com:443 but you'll lose HTTPS access. (though it's probably not what you are looking for)

I am aware this does not provide a finite solution but I hope it helps.






share|improve this answer























    Your Answer






    StackExchange.ifUsing("editor", function ()
    StackExchange.using("externalEditor", function ()
    StackExchange.using("snippets", function ()
    StackExchange.snippets.init();
    );
    );
    , "code-snippets");

    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "1"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55319812%2fexpose-port-in-docker-compose-or-configure-second-letsencrypt-certificate%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    3





    +25









    TL; DR:




    So it seems that I have to expose the port 4567 somehow.




    Yes, however jwilder/nginx-proxy does not support more than one port per virtual host and port 443 is already exposed. There is a pull request for that feature but it has not been merged yet. You'll need to expose this port another way (see below)



    You are using jwilder/nginx-proxy as reverse proxy to access a Gitlab instance in a container but with your current configuration onlyport 443 is exposed:



    environment:
     VIRTUAL_HOST: example.com
     VIRTUAL_PROTO: https
     VIRTUAL_PORT: 443


    All other Gitlab services (including the registry on port 4567) are not proxied and therefore not reachable through example.com.



    Unfortunately it is not possible yet to expose multiple port on a single hostname with jwilder/nginx-proxy. There is a pull request open for that use case but it had not been merged yet (you are not the only one with this kind of issue).




    An (better) alternative would be to configure a second domain for the registry




    This won't work if you keep using jwilder/nginx-proxy as even if you changed registry_external_url, you'll still be stuck with the port issue, and you cannot allocate the same port to two different services.



    What you can do:



    • vote and comment for mentioned PR to be merged :)

    • try to build the Docker image from mentionned pull request's fork and configure your compose with something like VIRTUAL_HOST=example.com:443,example.com:4567

    • configure a reverse proxy manually fort port 4567 - you may wind-up a plain nginx container in addition with your current configuration which would specifically do this, or re-configure your entire proxying scheme without using jwilder images

    • update your configuration to expose example.com:4567 instead of example.com:443 but you'll lose HTTPS access. (though it's probably not what you are looking for)

    I am aware this does not provide a finite solution but I hope it helps.






    share|improve this answer



























      3





      +25









      TL; DR:




      So it seems that I have to expose the port 4567 somehow.




      Yes, however jwilder/nginx-proxy does not support more than one port per virtual host and port 443 is already exposed. There is a pull request for that feature but it has not been merged yet. You'll need to expose this port another way (see below)



      You are using jwilder/nginx-proxy as reverse proxy to access a Gitlab instance in a container but with your current configuration onlyport 443 is exposed:



      environment:
       VIRTUAL_HOST: example.com
       VIRTUAL_PROTO: https
       VIRTUAL_PORT: 443


      All other Gitlab services (including the registry on port 4567) are not proxied and therefore not reachable through example.com.



      Unfortunately it is not possible yet to expose multiple port on a single hostname with jwilder/nginx-proxy. There is a pull request open for that use case but it had not been merged yet (you are not the only one with this kind of issue).




      An (better) alternative would be to configure a second domain for the registry




      This won't work if you keep using jwilder/nginx-proxy as even if you changed registry_external_url, you'll still be stuck with the port issue, and you cannot allocate the same port to two different services.



      What you can do:



      • vote and comment for mentioned PR to be merged :)

      • try to build the Docker image from mentionned pull request's fork and configure your compose with something like VIRTUAL_HOST=example.com:443,example.com:4567

      • configure a reverse proxy manually fort port 4567 - you may wind-up a plain nginx container in addition with your current configuration which would specifically do this, or re-configure your entire proxying scheme without using jwilder images

      • update your configuration to expose example.com:4567 instead of example.com:443 but you'll lose HTTPS access. (though it's probably not what you are looking for)

      I am aware this does not provide a finite solution but I hope it helps.






      share|improve this answer

























        3





        +25







        3





        +25



        3




        +25





        TL; DR:




        So it seems that I have to expose the port 4567 somehow.




        Yes, however jwilder/nginx-proxy does not support more than one port per virtual host and port 443 is already exposed. There is a pull request for that feature but it has not been merged yet. You'll need to expose this port another way (see below)



        You are using jwilder/nginx-proxy as reverse proxy to access a Gitlab instance in a container but with your current configuration onlyport 443 is exposed:



        environment:
         VIRTUAL_HOST: example.com
         VIRTUAL_PROTO: https
         VIRTUAL_PORT: 443


        All other Gitlab services (including the registry on port 4567) are not proxied and therefore not reachable through example.com.



        Unfortunately it is not possible yet to expose multiple port on a single hostname with jwilder/nginx-proxy. There is a pull request open for that use case but it had not been merged yet (you are not the only one with this kind of issue).




        An (better) alternative would be to configure a second domain for the registry




        This won't work if you keep using jwilder/nginx-proxy as even if you changed registry_external_url, you'll still be stuck with the port issue, and you cannot allocate the same port to two different services.



        What you can do:



        • vote and comment for mentioned PR to be merged :)

        • try to build the Docker image from mentionned pull request's fork and configure your compose with something like VIRTUAL_HOST=example.com:443,example.com:4567

        • configure a reverse proxy manually fort port 4567 - you may wind-up a plain nginx container in addition with your current configuration which would specifically do this, or re-configure your entire proxying scheme without using jwilder images

        • update your configuration to expose example.com:4567 instead of example.com:443 but you'll lose HTTPS access. (though it's probably not what you are looking for)

        I am aware this does not provide a finite solution but I hope it helps.






        share|improve this answer













        TL; DR:




        So it seems that I have to expose the port 4567 somehow.




        Yes, however jwilder/nginx-proxy does not support more than one port per virtual host and port 443 is already exposed. There is a pull request for that feature but it has not been merged yet. You'll need to expose this port another way (see below)



        You are using jwilder/nginx-proxy as reverse proxy to access a Gitlab instance in a container but with your current configuration onlyport 443 is exposed:



        environment:
         VIRTUAL_HOST: example.com
         VIRTUAL_PROTO: https
         VIRTUAL_PORT: 443


        All other Gitlab services (including the registry on port 4567) are not proxied and therefore not reachable through example.com.



        Unfortunately it is not possible yet to expose multiple port on a single hostname with jwilder/nginx-proxy. There is a pull request open for that use case but it had not been merged yet (you are not the only one with this kind of issue).




        An (better) alternative would be to configure a second domain for the registry




        This won't work if you keep using jwilder/nginx-proxy as even if you changed registry_external_url, you'll still be stuck with the port issue, and you cannot allocate the same port to two different services.



        What you can do:



        • vote and comment for mentioned PR to be merged :)

        • try to build the Docker image from mentionned pull request's fork and configure your compose with something like VIRTUAL_HOST=example.com:443,example.com:4567

        • configure a reverse proxy manually fort port 4567 - you may wind-up a plain nginx container in addition with your current configuration which would specifically do this, or re-configure your entire proxying scheme without using jwilder images

        • update your configuration to expose example.com:4567 instead of example.com:443 but you'll lose HTTPS access. (though it's probably not what you are looking for)

        I am aware this does not provide a finite solution but I hope it helps.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Mar 26 at 17:33









        Pierre B.Pierre B.

        2,40011127




        2,40011127





























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55319812%2fexpose-port-in-docker-compose-or-configure-second-letsencrypt-certificate%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Kamusi Yaliyomo Aina za kamusi | Muundo wa kamusi | Faida za kamusi | Dhima ya picha katika kamusi | Marejeo | Tazama pia | Viungo vya nje | UrambazajiKuhusu kamusiGo-SwahiliWiki-KamusiKamusi ya Kiswahili na Kiingerezakuihariri na kuongeza habari

            Image
            Pages using ISBN magic linksMbegu za lughaKamusiIsimu nenoKiarabukitabulughaKiswahilialfabetimaanaufafanuzimanenomuhtasarisarufividahizoalfabeti Kamusi Kutoka Wikipedia, kamusi elezo huru Jump to navigation Jump to search Kamusi za Kiswahili Kamusi ya Kiswahili-Kiswahili (kamusi wahidiya) Kamusi ya Kiswahili - Kiingereza (kamusi thania) Kamusi (kutoka neno la Kiarabu قاموس qamus ) ni kitabu ambacho kinaorodhesha maneno ya lugha yaliyokusanywa kutoka kwa watumiaji wa lugha fulani, kwa mfano lugha ya Kiswahili. Maneno hupangwa kwa mtindo wa alfabeti, hutoa maana, asili na ufafanuzi wa utumizi wa maneno na jinsi yanavyotumika au yanavyotamkwa. [1] Yaliyomo 1 Aina za kamusi 2 Muundo wa kamusi 2.1 1. Utangulizi wa kamusi 2.2 2. Matini ya kamusi 2.3 3. Sherehe ya kamusi 3 Faida za kamusi 4 Dhima ya picha katika kamusi 5 Marejeo 6 Tazama pia 7 Viungo vya nje Aina za kamusi | Kuna aina mbalimbali za kamusi ambazo ni: Kamusi wahidiya yaani ya l
            Read more

            Swift 4 - func physicsWorld not invoked on collision? The Next CEO of Stack OverflowHow to call Objective-C code from Swift#ifdef replacement in the Swift language@selector() in Swift?#pragma mark in Swift?Swift for loop: for index, element in array?dispatch_after - GCD in Swift?Swift Beta performance: sorting arraysSplit a String into an array in Swift?The use of Swift 3 @objc inference in Swift 4 mode is deprecated?How to optimize UITableViewCell, because my UITableView lags

            Image
            Strange use of "whether ... than ..." in official text Could a dragon use its wings to swim? Car headlights in a world without electricity How to avoid supervisors with prejudiced views? Is the offspring between a demon and a celestial possible? If so what is it called and is it in a book somewhere? Can I board the first leg of the flight without having final country's PR card? subequations: How to continue numbering within subequation? How do you define an element with an ID attribute using LWC? Relevant Part for a Badminton Serve What CSS properties can the br tag have? What are the unusually-enlarged wing sections on this P-38 Lightning? Why did early computer designers eschew integers? Is it a bad idea to plug the other end of ESD strap to wall ground? Magento 1.9 observer on only new product added ( no updated product ) Airplane gently rocking its wings during whole flight It is correct to match light sources with the same color temperat
            Read more

            Access current req object everywhere in Node.js ExpressWhy are global variables considered bad practice? (node.js)Using req & res across functionsHow do I get the path to the current script with Node.js?What is Node.js' Connect, Express and “middleware”?Node.js w/ express error handling in callbackHow to access the GET parameters after “?” in Express?Modify Node.js req object parametersAccess “app” variable inside of ExpressJS/ConnectJS middleware?Node.js Express app - request objectAngular Http Module considered middleware?Session variables in ExpressJSAdd properties to the req object in expressjs with Typescript

            Image
            What steps should I take to lawfully visit the United States as a tourist immediately after visiting on a B-1 visa? Would dual wielding daggers be a viable choice for a covert bodyguard? For a hashing function like MD5, how similar can two plaintext strings be and still generate the same hash? Using Newton's shell theorem to accelerate a spaceship Why doesn't sea level show seasonality? What prevents someone from claiming to be the murderer in order to get the real murderer off? Has anyone in space seen or photographed a simple laser pointer from Earth? What does (void *)1 mean Why does the U.S. tolerate foreign influence from Saudi Arabia and Israel on its domestic policies while not tolerating that from China or Russia? Modulus Operandi What's the point of having a RAID 1 configuration over incremental backups to a secondary drive? How to ask for a LinkedIn endorsement? Good resources for solving techniques (Metaheuristics, MILP, CP etc) How woul
            Read more