acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

When using the env DOCKER_HOST, an error occurred during the deployment to docker containers #5112

Open redjumper opened 6 months ago

redjumper commented 6 months ago

The latest acme.sh is deployed via Docker, with the following Docker Compose configuration.

services:
  acme.sh:
    image: neilpang/acme.sh:latest
    container_name: acme.sh
    networks:
      bridge:
      acme.sh-socket-proxy_bridge:
    command: daemon
    restart: unless-stopped
    environment:
      - CF_Email="cf_mail"
      - CF_Key="cf_key"
      - SYNO_Hostname="192.168.1.1"
      - SYNO_Username="syno_user"
      - SYNO_Password="syno_pass"
      - SYNO_Certificate="acme.sh certificate"
      - SYNO_Scheme="http"
      - SYNO_Port="5000"
      - SYNO_Device_Name="CertRenewal"
      - SYNO_Device_ID="acme"
      - SYNO_Create=1
      - DEPLOY_DOCKER_CONTAINER_LABEL=acme.sh.autoload=true
      - DEPLOY_DOCKER_CONTAINER_KEY_FILE="/root/derper/${TAILSCALE_DERP_HOSTNAME}/${TAILSCALE_DERP_HOSTNAME}.key"
      - DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE="/root/derper/${TAILSCALE_DERP_HOSTNAME}/${TAILSCALE_DERP_HOSTNAME}.crt"
      - DEPLOY_DOCKER_CONTAINER_RELOAD_CMD="killall -9 derper"
      - DOCKER_HOST=tcp://acme.sh-socket-proxy:2375
    volumes:
      - ./data:/acme.sh
    depends_on:
      - acme.sh-socket-proxy

  acme.sh-socket-proxy:
    image: tecnativa/docker-socket-proxy:latest
    container_name: acme.sh-socket-proxy
    hostname: acme.sh-socket-proxy
    networks:
      acme.sh-socket-proxy_bridge:
    privileged: true
    environment:
      - SOCKET_PATH=/host/var/run/docker.sock
      - POST=1
      - CONTAINERS=1
      - EXEC=1
    restart: unless-stopped
    volumes:
      # https://github.com/moby/moby/issues/22789
      - /var/run:/host/var/run

networks:
  bridge:
    driver: bridge
    ipam:
      driver: default
  acme.sh-socket-proxy_bridge:
    driver: bridge
    ipam:
      driver: default

An error occurred during deployment to docker containers. Below is the Docker Compose configuration for the container.

services:
  derp:
    image: derp:latest
    networks:
      bridge:
    restart: unless-stopped
    labels:
      - "acme.sh.autoload=true"
    volumes:
      - ./certs:/root/derper/${TAILSCALE_DERP_HOSTNAME}

networks:
  bridge:
    driver: bridge
    ipam:
      driver: default

Below is the debug log.

[Wed Apr 24 07:32:57 UTC 2024] LE_WORKING_DIR='/root/.acme.sh'
[Wed Apr 24 07:32:57 UTC 2024] Running cmd: deploy
[Wed Apr 24 07:32:57 UTC 2024] Using config home:/acme.sh
[Wed Apr 24 07:32:57 UTC 2024] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'
[Wed Apr 24 07:32:57 UTC 2024] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Wed Apr 24 07:32:57 UTC 2024] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Wed Apr 24 07:32:57 UTC 2024] _ACME_SERVER_PATH='directory'
[Wed Apr 24 07:32:57 UTC 2024] The domain 'xxx.yyy.zzz' seems to have a ECC cert already, lets use ecc cert.
[Wed Apr 24 07:32:57 UTC 2024] DOMAIN_PATH='/acme.sh/xxx.yyy.zzz_ecc'
[Wed Apr 24 07:32:57 UTC 2024] DOMAIN_CONF='/acme.sh/xxx.yyy.zzz_ecc/xxx.yyy.zzz.conf'
[Wed Apr 24 07:32:57 UTC 2024] _deployApi='/root/.acme.sh/deploy/docker.sh'
[Wed Apr 24 07:32:57 UTC 2024] _cdomain='xxx.yyy.zzz'
[Wed Apr 24 07:32:57 UTC 2024] DEPLOY_DOCKER_CONTAINER_LABEL='acme.sh.autoload=true'
[Wed Apr 24 07:32:57 UTC 2024] Try use docker host: tcp://acme.sh-socket-proxy:2375
[Wed Apr 24 07:32:57 UTC 2024] trim quotation marks
[Wed Apr 24 07:32:57 UTC 2024] DEPLOY_DOCKER_CONTAINER_KEY_FILE='/root/derper/derp.xxx.yyy.zzz/derp.xxx.yyy.zzz.key'
[Wed Apr 24 07:32:57 UTC 2024] DEPLOY_DOCKER_CONTAINER_CERT_FILE
[Wed Apr 24 07:32:57 UTC 2024] DEPLOY_DOCKER_CONTAINER_CA_FILE
[Wed Apr 24 07:32:57 UTC 2024] trim quotation marks
[Wed Apr 24 07:32:57 UTC 2024] DEPLOY_DOCKER_CONTAINER_FULLCHAIN_FILE='/root/derper/derp.xxx.yyy.zzz/derp.xxx.yyy.zzz.crt'
[Wed Apr 24 07:32:57 UTC 2024] trim quotation marks
[Wed Apr 24 07:32:57 UTC 2024] DEPLOY_DOCKER_CONTAINER_RELOAD_CMD='killall -9 derper'
[Wed Apr 24 07:32:57 UTC 2024] Not implemented yet.
[Wed Apr 24 07:32:57 UTC 2024] Container id:
[Wed Apr 24 07:32:57 UTC 2024] can not find container id
[Wed Apr 24 07:32:57 UTC 2024] Error deploy for domain:xxx.yyy.zzz
[Wed Apr 24 07:32:57 UTC 2024] Deploy error.

When using the daemon socket, there were no errors during deployment to the container.

github-actions[bot] commented 6 months ago

Please upgrade to the latest code and try again first. Maybe it's already fixed.

acme.sh --upgrade

If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.
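
A diagnostic for the setup in the issue, added here as an example (it is not acme.sh code and was not posted in the thread): it asks the Docker Engine API behind DOCKER_HOST for the containers carrying the deploy label, which shows whether the socket proxy answers that query independently of the deploy hook. The function names and the sample response are constructed; it assumes curl is available in the container and that DOCKER_HOST uses the tcp:// form.

```shell
#!/bin/sh
# Added diagnostic, not part of acme.sh: list the containers that carry a label
# by calling the Docker Engine API at DOCKER_HOST (GET /containers/json).

# tcp://host:port -> http://host:port (plain HTTP, like port 2375 in the issue).
docker_host_to_url() {
  case "$1" in
    tcp://*) printf 'http://%s\n' "${1#tcp://}" ;;
    *) echo "unsupported DOCKER_HOST: $1" >&2; return 1 ;;
  esac
}

# Query string for one label. The API expects filters={"label":["k=v"]} as
# percent-encoded JSON; only characters likely in a label are encoded here.
label_query() {
  _v=$(printf '%s' "$1" | sed 's/%/%25/g; s/"/%22/g; s/=/%3D/g; s/&/%26/g; s/ /%20/g')
  printf 'filters=%%7B%%22label%%22%%3A%%5B%%22%s%%22%%5D%%7D\n' "$_v"
}

# Print each "Id" value from the compact JSON array the API returns.
# Heuristic text match; use jq instead where it is installed.
extract_ids() {
  tr '{,' '\n\n' | sed -n 's/^"Id":"\([0-9a-f]*\)".*/\1/p'
}

# $1 = DOCKER_HOST, $2 = label. curl -f makes an HTTP error reply from the
# proxy (for example a denied endpoint) fail instead of printing an error body.
find_labelled_containers() {
  _base=$(docker_host_to_url "$1") || return 1
  _body=$(curl -fsS --max-time 5 "$_base/containers/json?$(label_query "$2")") || return 1
  printf '%s\n' "$_body" | extract_ids
}

# Constructed sample response (shortened ids), used when no live query is made.
SAMPLE='[{"Id":"0123abcd","Names":["/derp"],"ImageID":"sha256:ffee","Labels":{"acme.sh.autoload":"true"}},{"Id":"89ef4567","Names":["/derp2"],"Labels":{"acme.sh.autoload":"true"}}]'

if [ "${1:-}" = "--live" ]; then
  find_labelled_containers "$DOCKER_HOST" "$DEPLOY_DOCKER_CONTAINER_LABEL"
else
  printf '%s\n' "$SAMPLE" | extract_ids
fi
```

Run it with --live inside the acme.sh container, where DOCKER_HOST and DEPLOY_DOCKER_CONTAINER_LABEL are already set by the compose file. A printed container id means the proxy serves the label query; a curl error or empty output points at the proxy permissions or the label instead.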