Dokku: HTTP vs. HTTPS urls

Created on 29 Mar 2016  路  5Comments  路  Source: dokku/dokku

Description of problem: when I upgraded dokku from 0.4.14 to 0.5.2, my app url changed from http://dbinbox.dokku01.gen.co to https://dbinbox.dokku02.gen.co and I can't figure out how to change it back.

ie: dokku urls dbinbox used to output:

https://dbinbox.com
http://dbinbox.dokku02.gen.co

but now it outputs:

https://dbinbox.com
https://dbinbox.dokku02.gen.co

Running dokku domains:add dbinbox http://dbinbox.dokku02.gen.co added a domain https://http://dbinbox.dokku02.gen.co that I can't remove (dokku domains:remove dbinbox http://dbinbox.dokku02.gen.co -> sed: -e expression #1, char 9: unknown command:/'`)

How can I change https://dbinbox.dokku02.gen.co to use HTTP?

Alternatively: can I merge a new SSL certificate for *.dokku02.gen.co with my existing one for dbinbox.com?

Output of the following commands

  • uname -a: Linux dokku02 3.13.0-71-generic #114-Ubuntu SMP Tue Dec 1 02:34:22 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
  • free -m:
total       used       free     shared    buffers     cached
Mem:          2001       1511        490          1        138        718
-/+ buffers/cache:        653       1348
Swap:            0          0          0
  • docker version:
Client:
 Version:      1.10.3
 API version:  1.22
 Go version:   go1.5.3
 Git commit:   20f81dd
 Built:        Thu Mar 10 15:54:52 2016
 OS/Arch:      linux/amd64

Server:
 Version:      1.10.3
 API version:  1.22
 Go version:   go1.5.3
 Git commit:   20f81dd
 Built:        Thu Mar 10 15:54:52 2016
 OS/Arch:      linux/amd64
  • docker -D info:
Containers: 10
 Running: 2
 Paused: 0
 Stopped: 8
Images: 24
Server Version: 1.10.3
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 44
 Dirperm1 Supported: false
Execution Driver: native-0.2
Logging Driver: json-file
Plugins:
 Volume: local
 Network: bridge null host
Kernel Version: 3.13.0-71-generic
Operating System: Ubuntu 14.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.955 GiB
Name: dokku02
ID: NJBI:6DH5:AK22:BZYN:2ZOA:2B3Q:7XLL:7QOX:DFDT:WKQF:3BS6:LOW2
WARNING: No swap limit support
  • sigil -v: 0.4.0
  • docker run -ti gliderlabs/herokuish:latest herokuish version:
herokuish: 0.3.9
buildpacks:
  heroku-buildpack-clojure   v75
  heroku-buildpack-erlang    fa17af9
  heroku-buildpack-go        v31
  heroku-buildpack-gradle    v17
  heroku-buildpack-grails    v20
  heroku-buildpack-java      v44
  heroku-buildpack-multi     v1.0.0
  heroku-buildpack-nodejs    v88
  heroku-buildpack-php       v95
  heroku-buildpack-play      v26
  heroku-buildpack-python    v77
  heroku-buildpack-ruby      v145
  heroku-buildpack-scala     v66
  buildpack-nginx            v5
  • dokku version: 0.5.2
  • dokku plugin:
plugn: dev
  00_dokku-standard    0.5.2 enabled    dokku core standard plugin
  20_events            0.5.2 enabled    dokku core events logging plugin
  apps                 0.5.2 enabled    dokku core apps plugin
  build-env            0.5.2 enabled    dokku core build-env plugin
  certs                0.5.2 enabled    dokku core certificate management plugin
  checks               0.5.2 enabled    dokku core checks plugin
  common               0.5.2 enabled    dokku core common plugin
  config               0.5.2 enabled    dokku core config plugin
  docker-options       0.5.2 enabled    dokku core docker-options plugin
  domains              0.5.2 enabled    dokku core domains plugin
  enter                0.5.2 enabled    dokku core enter plugin
  git                  0.5.2 enabled    dokku core git plugin
  letsencrypt          0.6.1 enabled    Automated installation of let's encrypt TLS certificates
  logs                 0.5.2 enabled    dokku core logs plugin
  named-containers     0.5.2 enabled    dokku core named containers plugin
  nginx-vhosts         0.5.2 enabled    dokku core nginx-vhosts plugin
  plugin               0.5.2 enabled    dokku core plugin plugin
  proxy                0.5.2 enabled    dokku core proxy plugin
  ps                   0.5.2 enabled    dokku core ps plugin
  shell                0.5.2 enabled    dokku core shell plugin
  storage              0.5.2 enabled    dokku core storage plugin
  tags                 0.5.2 enabled    dokku core tags plugin
  tar                  0.5.2 enabled    dokku core tar plugin

Environment details (AWS, VirtualBox, physical, etc.): VPS
How was dokku installed?: manually
How reproducible: not sure

invalid
Source
picture christiangenco

All 5 comments

Check the migration guide. We now SSL all urls on an app with SSL enabled. If that's not the desired behavior you'll have to provide a custom nginx template.

michaelshobbs picture michaelshobbs on 29 Mar 2016
👍1

https://github.com/dokku/dokku/blob/master/docs/appendices/0.5.0-migration-guide.md

michaelshobbs picture michaelshobbs on 29 Mar 2016
👍1

@josegonzalez this should probably be included in the docs site. Not sure how best to do that though.

michaelshobbs picture michaelshobbs on 29 Mar 2016

For posterity, here's the nginx.conf.sigil file that worked for me (I just needed to check it into the root of my repository).

This is to run a domain on SSL called "dbinbox.com" and two non-SSL domains called "dbinbox.dokku01.gen.co" and "dbinbox.dokku02.gen.co" (because I'm deploying to two servers; each server only pays attention to one of those).

server {
  listen      [::]:{{ .NGINX_PORT }};
  listen      {{ .NGINX_PORT }};
  server_name dbinbox.com;
  access_log  /var/log/nginx/{{ .APP }}-access.log;
  error_log   /var/log/nginx/{{ .APP }}-error.log;
  return 301 https://$host:{{ .NGINX_SSL_PORT }}$request_uri;
}

server {
  listen      [::]:{{ .NGINX_SSL_PORT }} ssl spdy;
  listen      {{ .NGINX_SSL_PORT }} ssl spdy;
  server_name dbinbox.com;
  access_log  /var/log/nginx/{{ .APP }}-access.log;
  error_log   /var/log/nginx/{{ .APP }}-error.log;
  ssl_certificate     {{ .APP_SSL_PATH }}/server.crt;
  ssl_certificate_key {{ .APP_SSL_PATH }}/server.key;

  keepalive_timeout   70;
  add_header          Alternate-Protocol  {{ .NGINX_SSL_PORT }}:npn-spdy/2;
  location    / {

    gzip on;
    gzip_min_length  1100;
    gzip_buffers  4 32k;
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml;
    gzip_vary on;
    gzip_comp_level  6;

    proxy_pass  http://{{ .APP }};
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection upgrade;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Request-Start $msec;
  }
  include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf;
}

server {
  listen      [::]:{{ .NGINX_PORT }};
  listen      {{ .NGINX_PORT }};
  server_name dbinbox.dokku01.gen.co ;
  access_log  /var/log/nginx/{{ .APP }}-access.log;
  error_log   /var/log/nginx/{{ .APP }}-error.log;

  location    / {

    gzip on;
    gzip_min_length  1100;
    gzip_buffers  4 32k;
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml;
    gzip_vary on;
    gzip_comp_level  6;

    proxy_pass  http://{{ .APP }};
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection upgrade;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Request-Start $msec;
  }
  include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf;
}

server {
  listen      [::]:{{ .NGINX_PORT }};
  listen      {{ .NGINX_PORT }};
  server_name dbinbox.dokku02.gen.co ;
  access_log  /var/log/nginx/{{ .APP }}-access.log;
  error_log   /var/log/nginx/{{ .APP }}-error.log;

  location    / {

    gzip on;
    gzip_min_length  1100;
    gzip_buffers  4 32k;
    gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml;
    gzip_vary on;
    gzip_comp_level  6;

    proxy_pass  http://{{ .APP }};
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection upgrade;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Request-Start $msec;
  }
  include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf;
}

{{ if .DOKKU_APP_LISTENERS }}
upstream {{ .APP }} {
{{ range .DOKKU_APP_LISTENERS | split " " }}  server {{ . }};
{{ end }}}
{{ else if .PASSED_LISTEN_IP_PORT }}
upstream {{ .APP }} {
  server {{ .DOKKU_APP_LISTEN_IP }}:{{ .DOKKU_APP_LISTEN_PORT }};
}
{{ end }}
christiangenco picture christiangenco on 20 Apr 2016

Thank you sir!

michaelshobbs picture michaelshobbs on 20 Apr 2016
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

josegonzalez picture josegonzalez  路  3Comments
internetstyle picture internetstyle  路  3Comments
benwilkins picture benwilkins  路  4Comments
dilame picture dilame  路  4Comments
knzudgt picture knzudgt  路  4Comments