VHost
Overview
- Create the DNS Name
- Configure HAProxy
- Attach to certbot, edit the renewal script in daily, and run the script
- Edit the haproxy config to use the new keyfile
Create the DNS Name
Login to the DNS server and create a CNAME to the proxy02 server
vi some file
some entry
Configure HAProxy
sudo vi /var/lib/docker/volumes/haproxy/_data/haproxy.cfg
frontend https
...
...
acl SOMESERVER-acl hdr(host) SOMESERVER.marietta.edu
use_backend SOMESERVER-backend if SOMESERVER-acl
...
...
backend SOMESERVER-backend
mode http
server SOMESERVER 10.40.1.216:8080 check
Test and reload the config
(see below)
Configure certbot and request a cert
Login to your proxy server and attach to the running certbot
docker exec -it certbot sh
vi /etc/periodic/daily/cert_request
# add to the variable at top
/etc/periodic/daily/cert_request
Configure haproxy to use the new cert
vi /var/lib/docker/volumes/haproxy/_data/haproxy.cfg
# add 'cert path/certname.pem' along with the others
docker kill -s HUP haproxy
Troubleshooting
You can check the config by attaching and running the test parameter
docker exec -it haproxy bash
haproxy -c -V -f /usr/local/etc/haproxy/haproxy.cfg
The below does a graceful restart. This is preferred over the hard stop and start
docker kill -s HUP haproxy
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.