Dockerfile:尝试创建 openssl 证书。没有错误但没有创建文件
Dockerfile: Trying to create openssl certs. No errors but no files created
我有以下 Dockerfile:
FROM nginx:latest
RUN apt-get update \
&& apt-get -y install openssl \
&& apt-get -y install vim
RUN mkdir -p /etc/nginx/snippets
RUN mkdir -p /etc/openssl
RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/openssl/nginx-selfsigned.key -out /etc/openssl/nginx-selfsigned.crt -subj "/C=US/ST=NY/L=NY/O=ACME/OU=CD/CN=AcmeWPDeveloper"
我没有收到错误,但是当我登录容器时,openssl 目录是空的。
我检查过的内容:
- 我尝试创建的所有目录都存在于新容器中。
- 已安装 openssl。
测试 /etc/openssl 文件夹是否存在:
PS C:\Users\me\src\tests\nginx\wordpress-nginx-docker> docker exec -it --user="root" nginx bash
root@59ab746371ba:/# ls -lah /etc/openssl/
total 4.0K
drwxrwxrwx 1 root root 4.0K Oct 27 14:30 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:30 ..
root@59ab746371ba:/# exit
检查片段文件夹:
root@6ee5da5f4b16:/# ls -lah /etc/nginx/
total 36K
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 ..
drwxrwxrwx 1 root root 4.0K Oct 27 14:18 conf.d
-rw-r--r-- 1 root root 1007 Sep 7 15:21 fastcgi_params
-rw-r--r-- 1 root root 5.2K Sep 7 15:21 mime.types
lrwxrwxrwx 1 root root 22 Sep 7 15:38 modules -> /usr/lib/nginx/modules
-rw-r--r-- 1 root root 648 Sep 7 15:38 nginx.conf
-rw-r--r-- 1 root root 636 Sep 7 15:21 scgi_params
drwxr-xr-x 2 root root 4.0K Oct 27 14:31 snippets
-rw-r--r-- 1 root root 664 Sep 7 15:21 uwsgi_params
检查以确保安装了 openssl 包:
root@6ee5da5f4b16:/# openssl
OpenSSL> ^C
root@6ee5da5f4b16:/#
当我在容器上手动 运行 命令时,它有效:
root@6ee5da5f4b16:/# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/openssl/nginx-selfsigned.key -out /etc/openssl/nginx-selfsigned.crt -subj "/C=US/ST=NY/L=NY/O=ACME/OU=CD/CN=AcmeWPDeveloper"
Generating a RSA private key
..........................................+++++
.......+++++
writing new private key to '/etc/openssl/nginx-selfsigned.key'
-----
root@6ee5da5f4b16:/# ls -lah /etc/openssl/
total 12K
drwxrwxrwx 1 root root 4.0K Oct 27 14:36 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 ..
-rw-r--r-- 1 root root 1.3K Oct 27 14:36 nginx-selfsigned.crt
-rw------- 1 root root 1.7K Oct 27 14:36 nginx-selfsigned.key
root@6ee5da5f4b16:/#
编辑 1
这是使用 Dockerfile 的 docker-compose 文件:
(仅显示 nginx 节)
nginx:
#image: nginx:${NGINX_VERSION:-latest}
container_name: nginx
ports:
- '8085:8085'
- '443:443'
build: .
volumes:
- ${NGINX_CONF_DIR:-./nginx}:/etc/nginx/conf.d
- ${NGINX_LOG_DIR:-./logs/nginx}:/var/log/nginx
- ${WORDPRESS_DATA_DIR:-./wordpress}:/var/www/html
- ${SSL_CERTS_DIR:-./certs}:/etc/openssl
- ${SSL_CERTS_DATA_DIR:-./certs-data}:/data/openssl
有了这条指令…
volumes:
- ${SSL_CERTS_DIR:-./certs}:/etc/openssl
…启动容器时,您正在使用您的(空)卷“覆盖”已经存在的 /etc/openssl 图像(包含文件)。
我有以下 Dockerfile:
FROM nginx:latest
RUN apt-get update \
&& apt-get -y install openssl \
&& apt-get -y install vim
RUN mkdir -p /etc/nginx/snippets
RUN mkdir -p /etc/openssl
RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/openssl/nginx-selfsigned.key -out /etc/openssl/nginx-selfsigned.crt -subj "/C=US/ST=NY/L=NY/O=ACME/OU=CD/CN=AcmeWPDeveloper"
我没有收到错误,但是当我登录容器时,openssl 目录是空的。
我检查过的内容:
- 我尝试创建的所有目录都存在于新容器中。
- 已安装 openssl。
测试 /etc/openssl 文件夹是否存在:
PS C:\Users\me\src\tests\nginx\wordpress-nginx-docker> docker exec -it --user="root" nginx bash
root@59ab746371ba:/# ls -lah /etc/openssl/
total 4.0K
drwxrwxrwx 1 root root 4.0K Oct 27 14:30 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:30 ..
root@59ab746371ba:/# exit
检查片段文件夹:
root@6ee5da5f4b16:/# ls -lah /etc/nginx/
total 36K
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 ..
drwxrwxrwx 1 root root 4.0K Oct 27 14:18 conf.d
-rw-r--r-- 1 root root 1007 Sep 7 15:21 fastcgi_params
-rw-r--r-- 1 root root 5.2K Sep 7 15:21 mime.types
lrwxrwxrwx 1 root root 22 Sep 7 15:38 modules -> /usr/lib/nginx/modules
-rw-r--r-- 1 root root 648 Sep 7 15:38 nginx.conf
-rw-r--r-- 1 root root 636 Sep 7 15:21 scgi_params
drwxr-xr-x 2 root root 4.0K Oct 27 14:31 snippets
-rw-r--r-- 1 root root 664 Sep 7 15:21 uwsgi_params
检查以确保安装了 openssl 包:
root@6ee5da5f4b16:/# openssl
OpenSSL> ^C
root@6ee5da5f4b16:/#
当我在容器上手动 运行 命令时,它有效:
root@6ee5da5f4b16:/# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/openssl/nginx-selfsigned.key -out /etc/openssl/nginx-selfsigned.crt -subj "/C=US/ST=NY/L=NY/O=ACME/OU=CD/CN=AcmeWPDeveloper"
Generating a RSA private key
..........................................+++++
.......+++++
writing new private key to '/etc/openssl/nginx-selfsigned.key'
-----
root@6ee5da5f4b16:/# ls -lah /etc/openssl/
total 12K
drwxrwxrwx 1 root root 4.0K Oct 27 14:36 .
drwxr-xr-x 1 root root 4.0K Oct 27 14:31 ..
-rw-r--r-- 1 root root 1.3K Oct 27 14:36 nginx-selfsigned.crt
-rw------- 1 root root 1.7K Oct 27 14:36 nginx-selfsigned.key
root@6ee5da5f4b16:/#
编辑 1
这是使用 Dockerfile 的 docker-compose 文件: (仅显示 nginx 节)
nginx:
#image: nginx:${NGINX_VERSION:-latest}
container_name: nginx
ports:
- '8085:8085'
- '443:443'
build: .
volumes:
- ${NGINX_CONF_DIR:-./nginx}:/etc/nginx/conf.d
- ${NGINX_LOG_DIR:-./logs/nginx}:/var/log/nginx
- ${WORDPRESS_DATA_DIR:-./wordpress}:/var/www/html
- ${SSL_CERTS_DIR:-./certs}:/etc/openssl
- ${SSL_CERTS_DATA_DIR:-./certs-data}:/data/openssl
有了这条指令…
volumes:
- ${SSL_CERTS_DIR:-./certs}:/etc/openssl
…启动容器时,您正在使用您的(空)卷“覆盖”已经存在的 /etc/openssl 图像(包含文件)。