I get an error from certbot saying that the connection was refused while trying to create a certificate. I checked the DNS entry and it has the correct server IP.

When I try to open the domain, the browser also shows a connection refused error. At least nginx should be running correctly and show WordPress, I would guess? Why is my connection being refused?

IMPORTANT NOTES:
certbot      |  - The following errors were reported by the server:
certbot      |
certbot      |    Domain: retronexus.net
certbot      |    Type:   connection
certbot      |    Detail: Fetching
certbot      |    http://retronexus.net/.well-known/acme-challenge/YQzSQsdAAhqG45A5xAL3tJ4dMrsmTVfcKQVGNzT1lvs:
certbot      |    Connection refused
certbot      |
certbot      |    Domain: www.retronexus.net
certbot      |    Type:   connection
certbot      |    Detail: Fetching
certbot      |    http://www.retronexus.net/.well-known/acme-challenge/K-KuvzQCJWC-k_2VyJJoeSmP1HQcZE71g6giBvWSCJs:
certbot      |    Connection refused
certbot      |
certbot      |    To fix these errors, please make sure that your domain name was
certbot      |    entered correctly and the DNS A/AAAA record(s) for that domain
certbot      |    contain(s) the right IP address. Additionally, please check that
certbot      |    your computer has a publicly routable IP address and that no
certbot      |    firewalls are preventing the server from communicating with the
certbot      |    client. If you're using the webroot plugin, you should also verify
certbot      |    that you are serving files from the webroot path you provided.

Also, when I ping the domain, I get the correct IP displayed. Is there any other configuration to be made?

The Docker Compose file:

version: '3'

services:
  db:
    image: mysql:8.0
    container_name: db
    restart: unless-stopped
    env_file: .env
    volumes:
      - dbdata:/var/lib/mysql
    command: '--default-authentication-plugin=mysql_native_password'
    networks:
      - rn-network

  wordpress:
    depends_on:
      - db
    image: wordpress:5.5.3-fpm-alpine
    container_name: wordpress
    restart: unless-stopped
    env_file: .env
    environment:
      - WORDPRESS_DB_HOST=db:3306
      - WORDPRESS_DB_USER=$MYSQL_USER
      - WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
      - WORDPRESS_DB_NAME=$MYSQL_DATABASE
    volumes:
      - wordpress:/var/www/html
      - ./wordpress/wp-content:/var/www/html/wp-content
      - ./wordpress/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
    networks:
      - rn-network

  webserver:
    depends_on:
      - wordpress
    image: nginx:1.15.12-alpine
    container_name: webserver
    restart: unless-stopped
    ports:
      - "80:80"
    volumes:
      - wordpress:/var/www/html
      - ./wordpress/wp-content:/var/www/html/wp-content
      - ./wordpress/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
      - ./nginx-conf:/etc/nginx/conf.d
      - certbot-etc:/etc/letsencrypt
    networks:
      - rn-network

  certbot:
    depends_on:
      - webserver
    image: certbot/certbot
    container_name: certbot
    volumes:
      - certbot-etc:/etc/letsencrypt
      - wordpress:/var/www/html
    command: certonly --webroot --webroot-path=/var/www/html --email EMAIL --agree-tos --no-eff-email --staging -d retronexus.net -d www.retronexus.net

volumes:
  certbot-etc:
  wordpress:
  dbdata:

networks:
  rn-network:
    driver: bridge

The nginx config:

server {
    listen 80;
    listen [::]:80;

    server_name retronexus.net www.retronexus.net;

    index index.php index.html index.htm;

    root /var/www/html;

    location ~ /.well-known/acme-challenge {
        allow all;
        root /var/www/html;
    }

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass wordpress:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
    }

    location ~ /\.ht {
        deny all;
    }

    location = /favicon.ico {
        log_not_found off; access_log off;
    }

    location = /robots.txt {
        log_not_found off; access_log off; allow all;
    }
    
    location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
        expires max;
        log_not_found off;
    }
}
retronexus
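
A preflight check for the webroot HTTP-01 setup in the question, as an added example that is not part of the original post: it writes a probe file where certbot's `--webroot` plugin would and fetches it over HTTP, separating a refused TCP connection from a wrong webroot. The function name, result strings and probe-file naming are assumptions made for this example, and `webroot` must be a local path to the directory nginx serves as `/var/www/html`.

```python
import http.client
import os
import secrets
import socket

CHALLENGE_DIR = ".well-known/acme-challenge"


def preflight_http01(webroot, host, port=80, timeout=5.0):
    """Return "ok", "refused", "timeout", "error", "http-<status>" or "mismatch".

    "refused" means the TCP connection itself was rejected, so the request
    never reached nginx: the location block and webroot are not yet in play.
    "http-404" or "mismatch" means a server answered but is not serving
    files from the directory that certbot writes its challenge into.
    """
    token = "preflight-" + secrets.token_hex(8)   # hypothetical probe name
    body = secrets.token_hex(16)                  # random expected content
    directory = os.path.join(webroot, CHALLENGE_DIR)
    os.makedirs(directory, exist_ok=True)
    path = os.path.join(directory, token)
    with open(path, "w") as f:
        f.write(body)
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        try:
            conn.request("GET", f"/{CHALLENGE_DIR}/{token}")
            resp = conn.getresponse()
            data = resp.read().decode("utf-8", "replace")
        finally:
            conn.close()
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except (OSError, http.client.HTTPException):
        return "error"
    finally:
        os.remove(path)                           # always clean up the probe
    if resp.status != 200:
        return f"http-{resp.status}"
    return "ok" if data.strip() == body else "mismatch"
```

A result obtained from the server itself only covers the local path to port 80; the certificate authority connects from the public internet, so the same request should also succeed from an outside machine.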