fatk / docker-letsencrypt-nginx-proxy-companion-examples Goto Github PK
View Code? Open in Web Editor NEWExamples for combining docker-gen and letsencrypt-nginx-proxy-companion
License: MIT License
Examples for combining docker-gen and letsencrypt-nginx-proxy-companion
License: MIT License
The nginx-compose-v2.tmpl seems to have an issue. See nginx-proxy/nginx-proxy#304 (comment)
nginx-proxy v0.4.0 fixed the issues with Docker Compose 2. README.md
talks about them as a current issue. It's not clear whether changes to the Compose 2 example are necessary. Please update the README, and if necessary the Compose v2 example.
Hello ;)
Sometimes nginx is executed first and then have no configuration from nginx-gen.
Also its not possible to use "depends_on" directive cause it have volumes_from and then we have:
ERROR: Circular dependency between nginx and nginx-gen
Starting simple-site Starting nginx Starting nginx-gen Starting letsencrypt-nginx-proxy-companion Attaching to simple-site, nginx, nginx-gen, letsencrypt-nginx-proxy-companion nginx | 2016/07/20 14:19:34 [emerg] 1#1: open() "/etc/nginx/vhost.d/default" failed (2: No such file or directory) in /etc/nginx/conf.d/default.conf:56 nginx | nginx: [emerg] open() "/etc/nginx/vhost.d/default" failed (2: No such file or directory) in /etc/nginx/conf.d/default.conf:56 nginx-gen | 2016/07/20 14:19:34 Generated '/etc/nginx/conf.d/default.conf' from 2 containers nginx-gen | 2016/07/20 14:19:34 Sending container 'nginx' signal '1' nginx-gen | 2016/07/20 14:19:34 Error sending signal to container: API error (500): Cannot kill container nginx: Container 2c79e66156352b697fd5020efd2147484783f234a477da238741bea3477ef117 is not running nginx-gen | 2016/07/20 14:19:34 Watching docker events nginx exited with code 1 nginx-gen | 2016/07/20 14:19:34 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '' nginx-gen | 2016/07/20 14:19:34 Received event start for container 147eda37160f letsencrypt-nginx-proxy-companion | 2016/07/20 14:19:34 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/update_certs' letsencrypt-nginx-proxy-companion | 2016/07/20 14:19:34 Watching docker events letsencrypt-nginx-proxy-companion | 2016/07/20 14:19:34 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/update_certs' letsencrypt-nginx-proxy-companion | Reloading nginx proxy (using separate container nginx-gen)... nginx-gen | 2016/07/20 14:19:35 Received signal: hangup nginx-gen | 2016/07/20 14:19:35 Received signal: hangup letsencrypt-nginx-proxy-companion | Creating/renewal mysite.com certificates... (mysite.com) nginx-gen | 2016/07/20 14:19:35 Generated '/etc/nginx/conf.d/default.conf' from 2 containers nginx-gen | 2016/07/20 14:19:35 Sending container 'nginx' signal '1' nginx-gen | 2016/07/20 14:19:35 Error sending signal to container: API error (500): Cannot kill container nginx: Container 2c79e66156352b697fd5020efd2147484783f234a477da238741bea3477ef117 is not running letsencrypt-nginx-proxy-companion | 2016-07-20 14:19:35,291:INFO:simp_le:1383: Certificates already exist and renewal is not necessary, exiting with status code 1. letsencrypt-nginx-proxy-companion | Sleep for 3600s nginx-gen | 2016/07/20 14:19:39 Debounce minTimer fired nginx-gen | 2016/07/20 14:19:39 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
Hi, I'm following this tutorial https://rancher.com/create-a-private-docker-registry-to-integrate-with-rancher/ so I change the server name and admin email in docker-run.sh and volumes/volumes/examples/simple-site/conf.d/site.example.com.conf. When I run docker-run.sh 4 containers start (not 5?) and I get nothing generated in volumes/proxy/certs except 2 symbolic links.
Did I forget something?
ls -la volumes/proxy/certs/ect-dev-reg.domain.fr/
total 16
drwxr-xr-x 2 root root 4096 févr. 26 10:51 .
drwxr-xr-x 4 root root 4096 févr. 26 10:52 ..
lrwxrwxrwx 1 root root 67 févr. 26 10:51 account_key.json -> ../accounts/acme-v02.api.letsencrypt.org/directory/default_key.json
lrwxrwxrwx 1 root root 67 févr. 26 10:51 account_reg.json -> ../accounts/acme-v02.api.letsencrypt.org/directory/default_reg.json
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
81bb146fabf6 nginx "nginx -g 'daemon of…" 14 minutes ago Up 14 minutes 80/tcp simple-site
b49762f0be25 jrcs/letsencrypt-nginx-proxy-companion "/bin/bash /app/entr…" 14 minutes ago Up 14 minutes vigilant_euclid
6e2735d7c79b jwilder/docker-gen "/usr/local/bin/dock…" 14 minutes ago Up 14 minutes nginx-gen
3c88869c8b86 nginx "nginx -g 'daemon of…" 15 minutes ago Up 14 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx
Add support for proxy destinations are "off-box" and not in docker containers. For example, It would be great to be able to have an Encrypted connection land on the nginx-proxy docker container, and then travel unencrypted to the destination server.
nginx-proxy support adding a configuration file to achieve this end, but nginx-letsencrypt has no method to handle generating/managing the certificates for this sort of situation.
Perhaps permit allowing some environment variables for passing in additional hostnames/emails for certificates that should be managed, regardless of container existence?
estou executando um teste, porém está retornando error 503. Preciso fazer algum redirecionamento, já que estou rodando em localhost?
quando dou um curl -H "Host:teste.local" localhost
funciona.
I discovered that if a container has only one port exposed no IPs is generated in conf.d/default, consequently I believe that this part is at fault:
{{/* If only 1 port exposed, use that */}} {{ if eq $addrLen 1 }} {{ with $address := index $value.Addresses 0 }} # {{$value.Name}} server {{ $address.IP }}:{{ $address.Port }}; {{ end }}
The debian nginx does not support ALPN, and alpine supports ALPN.
When trying to start nginx-gen
, this error appears in the docker logs:
2016/04/23 16:15:05 unable to parse template: read /etc/docker-gen/templates/nginx.tmpl: is a directory
This results in the template not compiling properly and the container not booting. I am getting this error with both normal docker and docker-compose.
I am using osx 10.11.5 Beta, Docker version 1.11.0, build 4dc5990
and ´docker-compose version 1.7.0, build 0d7bf73against a docker server on digitalocean running
ubuntu 15.10 x64and
docker v1.11.0(booted with
docker-machine create --driver digitalocean ...`).
I have found that this issue might be related to one or more of these other issues:
moby/moby#19304
docker/compose#424
nginx-proxy/nginx-proxy#390
I have not been able to successfully run/start nginx-gen against my droplet, but I am able to run this successfully against my local virtualbox machine.
I have tried using absolute paths, I have tried moving the file to the same directory as the docker-compose yml, all with no luck :(
I noticed that my Letsencrypt cert isn't automatically renewing. Is there a cron job or something that needs to run to check the expiration and pull down an updated cert? The initial cert worked just fine.
Currently there is no compose v3 example available.
V3 compose does not support volumes-from
anymore, so one has to use named volume container.
It appears that the template doesn't handle the LetsEncrypt acme challenge, therefore people have to add them to their nginx configs. Couldn't this be handled in the template?
Hi there,
I have been searching for many hours for a solution but have been unable to find anything.
This is the "main" docker-compose file i'm using:
version: "2"
services:
nginx:
image: nginx
container_name: nginx
ports:
- "80:80"
- "443:443"
volumes:
- "/etc/nginx/conf.d"
- "/etc/nginx/vhost.d"
- "/usr/share/nginx/html"
- "../../../volumes/proxy/certs:/etc/nginx/certs:ro"
networks:
- proxy-tier
nginx-gen:
image: jwilder/docker-gen
container_name: nginx-gen
volumes:
- "/var/run/docker.sock:/tmp/docker.sock:ro"
- "../../../volumes/proxy/templates/nginx-compose-v2.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro"
volumes_from:
- nginx
entrypoint: /usr/local/bin/docker-gen -notify-sighup nginx -watch -only-exposed -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
letsencrypt-nginx-proxy-companion:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: letsencrypt-nginx-proxy-companion
volumes_from:
- nginx
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "../../../volumes/proxy/certs:/etc/nginx/certs:rw"
environment:
- NGINX_DOCKER_GEN_CONTAINER=nginx-gen
networks:
proxy-tier:
external:
name: nginx-proxy
Then I am attempting to start up additional websites using:
version: "2"
services:
simple-site:
image: nginx
container_name: simple-site
volumes:
- "../../../volumes/examples/simple-site/conf.d/:/etc/nginx/conf.d"
environment:
- VIRTUAL_HOST=site.example.com
- VIRTUAL_NETWORK=nginx-proxy
- VIRTUAL_PORT=80
- LETSENCRYPT_HOST=site.example.com
- LETSENCRYPT_TEST=true
- [email protected]
networks:
- proxy-tier
networks:
proxy-tier:
external:
name: nginx-proxy
This works fine, I can add multiple sites by adding docker-compose files like the one above. I get this in my generated nginx config:
upstream site.example.com {
# Container: simple-site@nginx-proxy
server 172.18.0.3:80;
}
lets encrypt container logs:
2016-09-05 00:39:54,313:INFO:simp_le:1305: site.example.com was successfully self-verified
However, when I change the image to anything other than nginx, I loose the IP address and the SSL certs are unable to be downloaded.
version: "2"
services:
simple-site2:
image: tutum/apache-php
container_name: simple-site2
environment:
- VIRTUAL_HOST=site2.example.com
- VIRTUAL_NETWORK=nginx-proxy
- VIRTUAL_PORT=80
- LETSENCRYPT_HOST=site2.example.com
- LETSENCRYPT_TEST=true
- [email protected]
networks:
- proxy-tier
networks:
proxy-tier:
external:
name: nginx-proxy
Generated nginx default.conf lines:
upstream site2.example.com {
# simple-site2
server :80;
}
lets encrypt container logs:
2016-09-05 00:48:22,077:WARNING:simp_le:1303: site2.example.com was not successfully self-verified. CA is likely to fail as well!
2016-09-05 00:48:22,098:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-staging.api.letsencrypt.org
2016-09-05 00:48:22,436:INFO:simp_le:1313: Generating new certificate private key
2016-09-05 00:48:22,871:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-staging.api.letsencrypt.org
2016-09-05 00:48:23,147:ERROR:simp_le:1271: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Is there a warning log entry about unsuccessful self-verification? Are all your domains accessible from the internet?
Challenge validation has failed, see error log.
Am I doing this the wrong way? Or is this config incorrect?
In docker-compose/v2/simple-site/docker-compose.yml the option -only-exposed is causing the issue that dockergen will not find the proper variable to update the template.
Result : It will never forward tot he proper container (as no upstream server)
Error in the logs : [emerg] 1#1: no servers are inside upstream in /etc/nginx/conf.d/default.conf:50
Consequence :
No server in Upstream.
Note : -only-exposed as been removed somehow from the doc on dockergen.
Hi,
I have no auto renewal and am not sure how to interpret the logs :
Unhandled error has happened, traceback is above
Debugging tips: -v improves output verbosity. Help is available under --help.
Creating/renewal chat.aausat.com certificates... (chat.aausat.com)
2017-02-15 10:19:18,579:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Traceback (most recent call last):
File "build/bdist.linux-x86_64/egg/simp_le.py", line 1401, in main
return main_with_exceptions(cli_args)
File "build/bdist.linux-x86_64/egg/simp_le.py", line 1386, in main_with_exceptions
persist_new_data(args, existing_data)
File "build/bdist.linux-x86_64/egg/simp_le.py", line 1282, in persist_new_data
client = registered_client(args, existing_data.account_key)
File "build/bdist.linux-x86_64/egg/simp_le.py", line 1224, in registered_client
client = acme_client.Client(directory=args.server, key=key, net=net)
File "build/bdist.linux-x86_64/egg/acme/client.py", line 63, in __init__
self.net.get(directory).json())
File "build/bdist.linux-x86_64/egg/acme/messages.py", line 169, in from_json
raise jose.DeserializationError(str(error))
DeserializationError: Deserialization error: Wrong directory fields
Unhandled error has happened, traceback is above
Debugging tips: -v improves output verbosity. Help is available under --help.
Sleep for 3600s
(This keeps repeating)
My certs directory are correctly configured.
If you know what's going on...
Thanks in advance for your time.
Hi,
I was trying to dig it from other issues but I can't find solution.
I am using 3 containers method with docker-compose.
Here is my docker-compose:
version: '2'
services:
nginx:
image: nginx
container_name: nginx
ports:
- "80:80"
- "443:443"
volumes:
- "/etc/nginx/conf.d"
- "/etc/nginx/vhost.d"
- "/usr/share/nginx/html"
- "../../../volumes/proxy/certs:/etc/nginx/certs:ro"
networks:
- nginxproxy
nginx-gen:
image: jwilder/docker-gen
container_name: nginx-gen
depends_on:
- letsencrypt-nginx-proxy-companion
- nginx
volumes:
- "/var/run/docker.sock:/tmp/docker.sock:ro"
- "/etc/docker-gen/templates:/etc/docker-gen/templates:ro"
volumes_from:
- nginx
entrypoint: /bin/sh -c
command: ["/usr/local/bin/docker-gen -notify-sighup nginx -only-exposed -watch -wait 30s:60s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf"]
letsencrypt-nginx-proxy-companion:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: letsencrypt-nginx-proxy-companion
volumes_from:
- nginx
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "../../../volumes/proxy/certs:/etc/nginx/certs:rw"
environment:
- NGINX_DOCKER_GEN_CONTAINER=nginx-gen
networks:
nginxproxy:
external:
name: nginxproxy
It is running and my host with wordpress site is working ok with http, but not working at all with https.
docker exec -it nginx cat /etc/nginx/conf.d/default.conf
is giving following output:
# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
# scheme used to connect to this server
map $http_x_forwarded_proto $proxy_x_forwarded_proto {
default $http_x_forwarded_proto;
'' $scheme;
}
# If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any
# Connection header that may have been passed to this server
map $http_upgrade $proxy_connection {
default upgrade;
'' close;
}
gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
log_format vhost '$host $remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log off;
# HTTP 1.1 support
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
server {
server_name _; # This is just an invalid value which will never trigger on a real hostname.
listen 80;
access_log /var/log/nginx/access.log vhost;
return 503;
}
upstream mydomain.com {
# neopolis_wordpress_1
server :80;
}
server {
server_name mydomain.com;
listen 80 ;
access_log /var/log/nginx/access.log vhost;
return 301 https://$host$request_uri;
}
server {
server_name mydomain.com;
listen 443 ssl http2 ;
access_log /var/log/nginx/access.log vhost;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_certificate /etc/nginx/certs/mydomain.com.crt;
ssl_certificate_key /etc/nginx/certs/mydomain.com.key;
ssl_dhparam /etc/nginx/certs/mydomain.com.dhparam.pem;
add_header Strict-Transport-Security "max-age=31536000";
include /etc/nginx/vhost.d/default;
location / {
proxy_pass http://mydomain.com;
}
}
I've checked logs of companion and looks like certs are ok ('...are valid and no need to renew... sleep ...').
Based on config visible above, in my understanding it should automatically redirect from http to https but it does not. Also, caling https directly gives CONNECTION REFUSED all the time.
Any idea?
Hey Karl,
There is also this project that looks promising!
http://technologyconversations.com/2016/03/21/docker-flow-proxy-on-demand-haproxy-service-discovery-and-reconfiguration/
https://github.com/vfarcic/docker-flow-proxy
while executing example
got following error:
curl -v https://site.example.com:443
* Trying 127.0.0.1:443...
* TCP_NODELAY set
* Connected to site.example.com (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to site.example.com:443
* Closing connection 0
result of docker ps
:
`docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
NAMES
c54e2cfb2c36 nginx "/docker-entrypoint.…" 33 minutes ago Up 33 minutes 80/tcp simple-site
4693a7a6eda1 jrcs/letsencrypt-nginx-proxy-companion "/bin/bash /app/entr…" 33 minutes ago Up 33 minutes ecstatic_faraday
b0850858466f nginx "/docker-entrypoint.…" 33 minutes ago Up 33 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:444->444/tcp, :::444->444/tcp nginx
`
Hi,
Why is an external network used in the docker-compose v2 example, instead of an app-confined network?
OK, So I have cloned the example image and substituted the "example.com" domain with my own but when trying to add my own content, The browser gives me 502 Bad Gateway.
This is my config:
/examples/docker-compose/v2/simple-site/docker-compose.yml
version: "2"
services:
nginx:
image: nginx
container_name: nginx
ports:
- "80:80"
- "443:443"
volumes:
- "/etc/nginx/conf.d"
- "/etc/nginx/vhost.d"
- "/usr/share/nginx/html"
- "../../../volumes/proxy/certs:/etc/nginx/certs:ro"
networks:
- proxy-tier
nginx-gen:
image: jwilder/docker-gen
container_name: nginx-gen
volumes:
- "/var/run/docker.sock:/tmp/docker.sock:ro"
- "../../../volumes/proxy/templates/nginx-compose-v2.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro"
volumes_from:
- nginx
entrypoint: /usr/local/bin/docker-gen -notify-sighup nginx -watch -only-exposed -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
letsencrypt-nginx-proxy-companion:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: letsencrypt-nginx-proxy-companion
volumes_from:
- nginx
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "../../../volumes/proxy/certs:/etc/nginx/certs:rw"
environment:
- NGINX_DOCKER_GEN_CONTAINER=nginx-gen
- DEBUG=true
simple-site:
image: nginx
container_name: simple-site
volumes:
- "../../../volumes/examples/simple-site/conf.d/:/etc/nginx/conf.d"
- "../../../volumes/examples/simple-site/site:/var/www/html"
environment:
- VIRTUAL_HOST=test.mydomain.com
- VIRTUAL_NETWORK=nginx-proxy
- VIRTUAL_PORT=80
- LETSENCRYPT_HOST=test.mydomain.com
- [email protected]
networks:
- proxy-tier
/examples/volumes/examples/simple-site/conf.d/test.mydomain.com
server {
listen 80;
server_name test.mydomain.com;
index index.html index.htm;
root /var/www/html;
location / {
try_files index.htm index.html;
}
}
/examples/volumes/examples/simple-site/site/index.html
<!DOCTYPE html>
<html>
<body>
<p>ok</p>
</body>
</html>
When running:
docker network create -d bridge nginx-proxy; docker-compose up -d
everything downloads and installs fine. However - when i visit test.mydomain.com i get 502 Bad Gateway
Running
docker logs nginx
gives me:
2016/10/25 09:58:02 [error] 7#7: *3 connect() failed (111: Connection refused) while connecting to upstream, client: 85.254.129.255, server: test.mydomain.com, request: "GET / HTTP/2.0", upstream: "http://172.18.0.2:80/", host: "test.mydomain.com"
test.mydomain.com 85.254.129.255 - - [25/Oct/2016:09:58:02 +0000] "GET / HTTP/2.0" 502 638 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36"
2016/10/25 09:58:02 [error] 7#7: *3 connect() failed (111: Connection refused) while connecting to upstream, client: 85.254.129.255, server: test.mydomain.com, request: "GET /favicon.ico HTTP/2.0", upstream: "http://172.18.0.2:80/favicon.ico", host: "test.mydomain.com", referrer: "https://test.mydomain.com/"
test.mydomain.com 85.254.129.255 - - [25/Oct/2016:09:58:02 +0000] "GET /favicon.ico HTTP/2.0" 502 638 "https://test.mydomain.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36"
As this issue is closed:
nginx-proxy/nginx-proxy#304 (comment)
Thanks to let me know!
Hi there,
Thanks for this really great container. I am using a few containers and I use docker-compose v2 syntax. Some of them have custom vhost.d config files (I'm using the Per-VIRTUAL_HOST configuration).
So, I guess there is some conflicts appearing when the container tries to generate the vhost config to pass the validation. Indeed, when I keep my vhost config files in the compose file, I encounter the following error :
mv: can't rename '/etc/nginx/vhost.d/example.com.new': Resource busy
And this prevents the validation of the given domain.
I managed to do the generation, by disabling temporarily my custom vhost conf files, running the container, then re-enabling them. But this is not really a solution, and I'm not sure that the renewal will work.
Is it a bug from the container, or a configuration I am missing ?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.