Hi all, I don’t know if this is a off-topic question, but we are trying to set-up SSL certificate on our kobo installation which is based on a private domain.
We can use Certbot’s plugin dns-dnsmadeeasy to validate the private domain, and we have done on our one such project.
Just wanted to know if there are any ways we can use SSL on our kobo-installation using letsencrypt if we are on the private domain. Any help regarding this is always appreciated.
Thanks.
Hi @ryanend
Thanks for this query. I have asked our developers and also edited your topic to reside within KoBo On Your Own Server to allow for more discussions among advanced users.
Stephane
Hi,
Just confirm whether you have a public domain that resolves to a private IP address. In essence, the domain has to be public for it to work.
Regardless, you should do the following:
set up your own NGINX instance using your SSL certificate (it doesn’t matter how you obtain it)
look at https://github.com/kobotoolbox/kobo-install/blob/master/templates/nginx-certbot/data/nginx/app.conf.tpl * using that file as an example, configure a similar proxy_pass on your own NGINX instance
set up kobo-install, and when it asks Auto-install HTTPS certificates with Let's Encrypt?, respond No - Use my own reverse-proxy/load-balancer
when asked about Internal port used by reverse proxy, input the port used in the NGINX proxy_pass configuration, i.e. whatever they filled in for ${NGINX_EXPOSED_PORT}: proxy_pass http://${LOCAL_INTERFACE_IP}:${NGINX_EXPOSED_PORT};
Stephane
Thanks a lot @stephanealoo for the prompt response, I’ve now got the SSL cert up and running.
Hi @stephanealoo After adding SSL certificate (using reverse proxy) when I try to expose the backend containers but the kobo-install keeps getting stuck at Creating network “kobofe_kobo-fe-network” with driver "bridge"
Also there is nothing mentioned about this in the logs.
The kobo-install completes when I chose not to expose the containers, any help regarding this?
Thanks.
I’ve also tried by changing password for postgres, yet it did not work.
Okay, I couldn’t find the issue but I found a workaround for this.
I had to manually edit the file docker-compose.backend.template.yml to add the ports for mongo and postgres images, and then it worked as expected.
Hi @ryanend
I am glad to know that you found a workaround. I am sure when @jnm has a look he would be able to add in anything on your earlier query.
Stephane
Jambo Stephan,
Just as a confirmation, the nginx instance to be set up is it the one on kobo-install?
Hi @urbanus
See below
Regards,
Stephane
That is the base of my question exactly… Kindly expound in it, if you don’t mind…
Alright lemme ask this way, do I need to set up the nginx instances in /etc/nginx? or just use the set up one… cos I have tried using the set up one and it is not working
Hi @urbanus, if you are using the kobo-install script, it should take care of the nginx configuration. Have you tried changing the port to something other than 80? Sometimes port 80 might already be in use, so changing it to something else might solve your issue — I use port 8080 for example when running kobo locally.
Hello Josh,
Thanks for the feedback. I used port 8080 in the install procedure, but I still couldn’t access it.
Interesting. Have you managed to get kobo-install to start up successfully? (ie it gave you a print out of the super_admin credentials after starting up all the services)
