search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
38.79k stars 4.92k forks source link

Docker installation fails / Unclear instructions #1443

Open simonszu opened 6 years ago

simonszu commented 6 years ago

Installation via docker fails. After starting a container in daemon mode, the next step to execute is to execute --install, i suppose, since the docker environment is quite similar to plain installation. If not, the instructions for docker are a bit unclear.

Steps to reproduce

Start acme.sh docker container with this docker-compose settings (a bit differently from plain docker compose, since i use ansible, but the general semantics should be the same)

- name: Start docker service
  docker_service:
    pull: yes
    project_name: acmesh
    definition:
      version: '2'
      services:
        app:
          restart: unless-stopped
          image: neilpang/acme.sh
          volumes:
          - "{{ docker_datadir }}/acme.sh/out:/acme.sh"
          command: daemon
          networks:
          - default
      networks:
        default:
          external:
            name: backend
  become: yes

Result: Container is running and is called acmesh_app_1. Next step: Trying to register an account via acme protocol: docker exec acmesh_app_1 --install --accountemail "mail@simonszu.de"

Result:

[Sat Mar 24 08:21:40 UTC 2018] Installing to /root/.acme.sh
cp: omitting directory 'acme.sh'
[Sat Mar 24 08:21:40 UTC 2018] Install failed, can not copy acme.sh

The dockerfile already configures the acme.sh inside the container to have it's home in /acme.sh, so i am wondering why it tries to write to /root. This will change the content of the container outside of any volumes, so it's not very desireable.

Debug log

$ docker exec acmesh_app_1 --debug 2                                                                                                                                                                                                                       1 [09:21:40]
OCI runtime exec failed: exec failed: container_linux.go:348: starting container process caused "exec: \"--debug\": executable file not found in $PATH": unknown
simonszu commented 6 years ago

OK, my fault that i assumed that the entrypoint would automatically forward command line flags to acme.sh in the container. However:

$ docker exec acmesh_app_1 acme.sh --install --accountemail "mail@simonszu.de"                                [17:23:41]
[Tue Mar 27 15:25:11 UTC 2018] Using config home: /acme.sh
[Tue Mar 27 15:25:11 UTC 2018] Installing to /root/.acme.sh
cp: omitting directory 'acme.sh'
[Tue Mar 27 15:25:11 UTC 2018] Install failed, can not copy acme.sh
darkguy2008 commented 6 years ago

Wow, this issue is still open? How does one use acme.sh with docker-compose then?

DrChai commented 6 years ago

@darkguy2008 after checked the Dockerfile. daemon only calls crond && while true; do sleep 1; done; you need to call another command for the cert issue. here is a simple gist to use acme.sh with docker-compose: https://gist.github.com/DrChai/e35ac6cf04299daf7dda9f66140a9664

adabru commented 3 years ago

“如何与Docker Compose一起使用”将是很棒的。 而一个脚本可以同时执行这两个操作。 首次颁发证书并定期更新。

A "How to use with Docker Compose" would be great. And a script that does both. Issue the certificate for the first time and renew it regularly.

Another solution / 另一种解决方案 : https://gist.github.com/williamdes/a8f15c7acaa71cd4437c4a903784f0e1