Learning Locker in a Docker container

Owen Williams with guest appearances

Learning Locker in a Docker container

A list to help install Learning Locker:

  • Apache on the host supports TLS and SNI:

<VirtualHost *:80>
  ServerAdmin email@somedomain.com
  ServerName lrs.somedomain.com
  ErrorLog /path/to/my/error_log
  CustomLog /path/to/access_log common

  Redirect / https://lrs.somedomain.com/
</VirtualHost>

<VirtualHost *:443>
  Protocols h2 http/1.1
  ServerAdmin email@somedomain.com
  ServerName lrs.somedomain.com
  ErrorLog /path/to/error_log
  CustomLog /path/to/access_log common

  AddType application/x-httpd-php .php

  ProxyRequests On
  <Location "/">
    ProxyPass http://localhost:8001/
    ProxyPassReverse http://localhost:8001/
#    AllowMethods GET POST OPTIONS
    AllowOverride All
    Require all granted
  </Location>

  SSLEngine on
  #SSLProtocol -ALL +TLSv1.1 +TLSv1.2
  SSLProtocol -ALL +TLSv1.2
  SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!RC4:!DES:!3DES:+HIGH:+MEDIUM
  SSLCertificateKeyFile /etc/letsencrypt/live/c3iq.co.uk/privkey.pem
  SSLCertificateFile /etc/letsencrypt/live/c3iq.co.uk/fullchain.pem

  <Files ~ "\.(cgi|shtml|phtml|php?)$">
     SSLOptions +StdEnvVars
  </Files>
</VirtualHost>

Let’s Encrypt is a beautiful thing.

  • I use a user called docker to corral configs for my docker containers:
  • git clone https://github.com/michzimny/learninglocker2-docker
  • mv learninglocker2-docker LRS
  • In LRS, mkdir volumes
  • edit .env
  • edit app/Dockerfile to use the latest version of Learning Locker
  • edit nginx.conf.template to reflect that Apache on the host does the redirect from 80 to 443

./build-dev.sh and docker-compose up -d.

While a default of HTTPS is a good thing it took me a while to find the redirect in NGINX.  That’s my job. 🙂  I assumed there was an issue with versions when the server reported Service Not Available.  It took several iterations and some debugging to get right.

 

No Comments

Add your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.