Rasa + nginx reverse proxy setup

Rasa Open Source
1

Hey guys! I followed http://forum.rasa.com/t/rasa-server-running-as-https-not-working/33293 to set up HTTPS, but I can only access it using HTTP and not HTTPS. On a post request, I get the following error -

*SSLError: HTTPSConnectionPool(host=‘mydomain.com’, port=5005): Max retries exceeded with url: /webhooks/rest/webhook (Caused by SSLError(SSLError(1, ‘[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1123)’)))*

Here’s my docker-compose.yml

version: '3.8'
services:
  bot:
    env_file:
      - env_bot.env
    image: ${DOCKER_HUB}/${DOCKER_REPO}/${DOCKER_IMAGE}:${DOCKER_TAG}
    container_name: application_chatbot
    build:
      context: ./build
      dockerfile: Dockerfile
    #volumes:
    #  - ./out:/out
    command: bash -c "python conversational_bot/start_script/launch_v2.py && /bin/sh"
    tty: true
    ulimits:
      memlock: -1
    networks:
      - organic_network
    ports:
      - 5005:5005
  mongo:
    container_name: organic_mongo_b
    image: library/mongo:latest
    volumes:
      - /tmp/mongodb:/data/db:Z
    networks:
      - organic_network
    # this should just expose this port to internal services, not to outside
    expose:
      - 27017
  nginx:
    container_name: nginx
    image: nginx
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./nginx:/etc/nginx/conf.d
      #I kept my SSL certs in a certs folder in project directory (Make sure to include this in .gitignore)
      - ./certs:/etc/letsencrypt/live/mydomain.com
    depends_on:
      - bot
    networks:
      - organic_network

networks:
  organic_network:
   name: global_organic_network

and here is my nginx default conf file -

upstream application_chatbot {
    server application_chatbot:5005;
}

#change your domain name to localhost if testing locally
#listen on port 80 (default port for non-encrypted messages)
#if testing locally, <your_domain_name> is localhost
server {
    listen	 80;
    server_name  mydomain.com ;

#reverse proxy to rasa container
    location / {
        proxy_pass  http://application_chatbot;
    }
}

#comment out this block if you are testing locally
#listen to port 443 (default port for encrypted messages)
server {
      listen 443 ssl;
      server_name mydomain.com ;

  #points to ssl certificates that we will move to nginx docker container in docker compose
      ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
      ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;

  #reverse proxy to rasa container
      location / {
          proxy_pass  http://application_chatbot;
      }
}

Wondering if you have any thoughts/inputs on what I’m doing wrong. New to both docker and rasa so, some help would be really appreciated.

Thanks!

2

Turns out, the nginx container wasn’t getting access to the certificates. I missed the :Z in the volume in the docker-compose.yml file.