unable to load SSL private key
Created by: rijvirajib
This was working a while ago, so there has been no code changes, it just won't run properly now:
I have the piwik server running with this docker-compose (note, updates to expose 80 for haproxy):
version: '2'
networks:
lb_web:
external: true
back:
driver: bridge
services:
db:
image: mysql
volumes:
- ./mysql/runtime:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD
networks:
- back
app:
image: piwik:fpm
links:
- db
volumes:
- ./config:/var/www/html/config
networks:
- back
web:
image: nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
links:
- app
volumes_from:
- app
environment:
- VIRTUAL_HOST
networks:
- back
- lb_web
expose:
- 80
cron:
image: piwik:fpm
links:
- db
volumes_from:
- app
entrypoint: |
bash -c 'bash -s <<EOF
trap "break;exit" SIGHUP SIGINT SIGTERM
while /bin/true; do
su -s "/bin/bash" -c "/usr/local/bin/php /var/www/html/console core:archive" www-data
sleep 3600
done
EOF'
networks:
- back
docker ps
:
ubuntu@ip-10-0-0-37:~/haproxy$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a20afa6bdee0 nginx "nginx -g 'daemon ..." 4 minutes ago Up About a minute 80/tcp dockerpiwik_web_1
75d981dd0344 indiehosters/ocsp "cron -f" 12 minutes ago Up 8 minutes haproxy_ocsp_1
e47547839d86 jwilder/docker-gen "/usr/local/bin/do..." 12 minutes ago Up 8 minutes haproxy_discovery_1
7b6fce04d70c nginx "nginx -g 'daemon ..." 12 minutes ago Up 8 minutes 80/tcp haproxy_letsencrypt-web_1
da0b94fdaf24 piwik:fpm "bash -c 'bash -s ..." 13 minutes ago Up About a minute 9000/tcp dockerpiwik_cron_1
b066571afa57 piwik:fpm "/entrypoint.sh ph..." 13 minutes ago Up About a minute 9000/tcp dockerpiwik_app_1
c9d078314cfa mysql "docker-entrypoint..." 13 minutes ago Up About a minute 3306/tcp dockerpiwik_db_1
Commands to run:
First run haproxy: VIRTUAL_HOST=special.rij.co docker-compose up -d
The run docker-piwik: MYSQL_ROOT_PASSWORD=mysqlpasswqord docker-compose up -d
Errors on haproxy:
haproxy_1 | ./certs/ MODIFY special.rij.co.pem
haproxy_1 | ++ cat /var/run/haproxy.pid
haproxy_1 | + haproxy -f /etc/haproxy/haproxy.cfg -D -p /var/run/haproxy.pid -sf 14
haproxy_1 | [ALERT] 317/172631 (17) : parsing [/etc/haproxy/haproxy.cfg:26] : 'bind *:443' : unable to load SSL private key from PEM file '/etc/haproxy/certs/special.rij.co.pem'.
haproxy_1 | [ALERT] 317/172631 (17) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
haproxy_1 | [ALERT] 317/172631 (17) : Fatal errors found in configuration.
letsencrypt_1 | [Tue Nov 14 17:26:31 UTC 2017] Reload success
letsencrypt_1 | [Tue Nov 14 17:26:31 UTC 2017] ===End cron===
letsencrypt_1 | + inotifywait .
discovery_1 | 2017/11/14 17:26:31 Received event die for container 756bec2566af
letsencrypt_1 | Setting up watches.
letsencrypt_1 | Watches established.
haproxy_haproxy_1 exited with code 1