search

SnowMB / traefik-certificate-extractor

Tool to extract Let's Encrypt certificates from Traefik's ACME storage file.
MIT License
14 stars 9 forks source link

[NFS mount] Changes in acme file are not detected #2

Open niklaskappler opened 5 years ago

niklaskappler commented 5 years ago

Hi, first of all, thank you for that amazing tool and your additional functionalities. I detected yesterday some misfalling behaviour.

I'm trying to run your container in swarm mode and as of the swarm mode all my data is based nfs mounts. Now, as I investigated, changes within the acme.json file are reflected into the container, but the watchdog script does not detect the changed file. As a result the extractor script is still waiting for changes, but will never extract the certs. When I inspect the acme file within the container, changes in the data or the metadata like date or even permissions are updated.

Have you ever detected some behaviour?

Attached below my docker yml. The traefik_data volume is also an nfs mounted volume like the mail_cert is. It is just specified within the traefik stack.

version: '3.5'
services:
  certs:
    image: snowmb/traefik-certificate-extractor
    volumes:
      - traefik_data:/app/data:ro
      - mail_cert:/app/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock
    command: -r

volumes:
  mail_cert:
      driver: local
      driver_opts:
        type: nfs4
        o: "addr=10.0.0.1"
        device: ":/mail/mail/certs"
  traefik_data:
      external: true
ghost commented 5 years ago

This is the problem:

volume is also an nfs mounted volume

Method used in this python utility does not work with remote file systems.