I am running nginx with letsencrypt behind a NAT. The nginx is generally not accessible from the outside but for getting the certificate I have to open port 80 forwarded to nginx. To automate this the letsencrypt_service should open a port in the nat.
I wrote a simple server&client to do this
- the server has to run on the docker host which runs nginx (since dockers can't send the required packets to the router). The server itself opens ports in the NAT mapping
- the client calls the server via RPC from inside the docker container
The source for the server & client can be found on flo80/portmapper.
Included in portmapping.zip
- a patch file for
letsencrypt_service
- a simple Dockerfile to implement a patch and copy over the required files is attached
- a multi-stage Dockerfile to also build the client
In creating the container, one additional environment variable is set PORTMAPPER=${IP_ADDRESS}:7777 (port 7777 needs to be adapted to actual port the server is running)
I am running nginx with letsencrypt behind a NAT. The nginx is generally not accessible from the outside but for getting the certificate I have to open port 80 forwarded to nginx. To automate this the letsencrypt_service should open a port in the nat.
I wrote a simple server&client to do this
The source for the server & client can be found on flo80/portmapper.
Included in portmapping.zip
letsencrypt_serviceIn creating the container, one additional environment variable is set
PORTMAPPER=${IP_ADDRESS}:7777(port 7777 needs to be adapted to actual port the server is running)