acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

upgrades in dockerized acme.sh not working #5303

Open tpf4oc opened 1 week ago

tpf4oc commented 1 week ago

Steps to reproduce

I am running the dockerized version of acme.sh with a cron entry as recommended in https://github.com/acmesh-official/acme.sh/wiki/Run-acme.sh-in-docker:

/usr/bin/docker run --rm -i -v /home/xxx/.acme.sh:/acme.sh --net=host neilpang/acme.sh --cron 2>&1 | /usr/local/bin/mailx -s Letsencrypt ...

Obviously, when there is a new version I get a report like:

[Wed Sep 18 20:00:01 UTC 2024] ===Starting cron===
[Wed Sep 18 20:00:02 UTC 2024] Installing from online archive.
[Wed Sep 18 20:00:02 UTC 2024] Downloading https://github.com/acmesh-official/acme.sh/archive/master.tar.gz
[Wed Sep 18 20:00:02 UTC 2024] Extracting master.tar.gz
[Wed Sep 18 20:00:02 UTC 2024] Using config home: /acme.sh
[Wed Sep 18 20:00:02 UTC 2024] Installing to /root/.acme.sh
[Wed Sep 18 20:00:02 UTC 2024] Installed to /root/.acme.sh/acme.sh
[Wed Sep 18 20:00:02 UTC 2024] OK
[Wed Sep 18 20:00:02 UTC 2024] Install success!
[Wed Sep 18 20:00:02 UTC 2024] Upgrade success!
[Wed Sep 18 20:00:02 UTC 2024] Auto upgraded to: 3.0.9
[Wed Sep 18 20:00:02 UTC 2024] Renewing: 'xxxx
[Wed Sep 18 20:00:02 UTC 2024] Renewing using Le_API=https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 18 20:00:02 UTC 2024] Skipping. Next renewal time is: 2024-10-12T20:01:01Z
[Wed Sep 18 20:00:02 UTC 2024] Add '--force' to force renewal.
[Wed Sep 18 20:00:02 UTC 2024] Skipped xxxxx
[Wed Sep 18 20:00:02 UTC 2024] ===End cron===

This obviously updates the acme.sh code within the active container. However, it is useless, as the container is started with --rm, and it breaks the container concept. So the next day I again get the old version:

[Thu Sep 19 20:00:01 UTC 2024] ===Starting cron===
[Thu Sep 19 20:00:02 UTC 2024] Already uptodate!
[Thu Sep 19 20:00:02 UTC 2024] Upgrade success!
[Thu Sep 19 20:00:02 UTC 2024] Auto upgraded to: 3.0.8
...

While I wonder what the "upgrade success" tells me, the real upgrade procedure should pull the new docker image.

Of course the container content can be updated every day, but this is a waste of traffic and it obviously does not work.

Debug log

After deleting the latest image (here 3.09) and retagging the old one (here 3.08) as "latest", I get

sysadmin@sonne:~$ docker run --rm -i  -v /home/sysadmin/.acme.sh:/acme.sh --net=host neilpang/acme.sh --cron --debug 2
[Wed Sep 25 10:28:26 UTC 2024] Lets find script dir.
[Wed Sep 25 10:28:26 UTC 2024] _SCRIPT_='/root/.acme.sh/acme.sh'
[Wed Sep 25 10:28:26 UTC 2024] _script='/root/.acme.sh/acme.sh'
[Wed Sep 25 10:28:26 UTC 2024] _script_home='/root/.acme.sh'
[Wed Sep 25 10:28:26 UTC 2024] Using default home:/root/.acme.sh
[Wed Sep 25 10:28:26 UTC 2024] Using config home:/acme.sh
[Wed Sep 25 10:28:26 UTC 2024] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.0.8
[Wed Sep 25 10:28:26 UTC 2024] Running cmd: cron
[Wed Sep 25 10:28:26 UTC 2024] Using config home:/acme.sh
[Wed Sep 25 10:28:26 UTC 2024] default_acme_server
[Wed Sep 25 10:28:26 UTC 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_PATH='v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] ===Starting cron===
[Wed Sep 25 10:28:26 UTC 2024] Using config home:/acme.sh
[Wed Sep 25 10:28:26 UTC 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_PATH='v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] GET
[Wed Sep 25 10:28:26 UTC 2024] url='https://api.github.com/repos/acmesh-official/acme.sh/git/refs/heads/master'
[Wed Sep 25 10:28:26 UTC 2024] timeout=
[Wed Sep 25 10:28:26 UTC 2024] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.ymMV1yBx3h  -g '
[Wed Sep 25 10:28:26 UTC 2024] ret='0'
[Wed Sep 25 10:28:26 UTC 2024] Already uptodate!
[Wed Sep 25 10:28:26 UTC 2024] Upgrade success!
[Wed Sep 25 10:28:26 UTC 2024] Using config home:/acme.sh
[Wed Sep 25 10:28:26 UTC 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_PATH='v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] Auto upgraded to: 3.0.8
[Wed Sep 25 10:28:26 UTC 2024] Using config home:/acme.sh
[Wed Sep 25 10:28:26 UTC 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_PATH='v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] _stopRenewOnError
[Wed Sep 25 10:28:26 UTC 2024] _server
[Wed Sep 25 10:28:26 UTC 2024] _set_level='2'
[Wed Sep 25 10:28:26 UTC 2024] di='/acme.sh/xxx/'
[Wed Sep 25 10:28:26 UTC 2024] d='xxx'
[Wed Sep 25 10:28:26 UTC 2024] _renewServer
[Wed Sep 25 10:28:26 UTC 2024] Using config home:/acme.sh
[Wed Sep 25 10:28:26 UTC 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_PATH='v2/DV90'
[Wed Sep 25 10:28:26 UTC 2024] DOMAIN_PATH='/acme.sh/xxx'
[Wed Sep 25 10:28:26 UTC 2024] Renew: 'xxx'
[Wed Sep 25 10:28:26 UTC 2024] Le_API='https://acme-v02.api.letsencrypt.org/directory'
[Wed Sep 25 10:28:26 UTC 2024] Renew to Le_API=https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 25 10:28:26 UTC 2024] initpath again.
[Wed Sep 25 10:28:26 UTC 2024] Using config home:/acme.sh
[Wed Sep 25 10:28:26 UTC 2024] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Wed Sep 25 10:28:26 UTC 2024] _ACME_SERVER_PATH='directory'
[Wed Sep 25 10:28:26 UTC 2024] Skip, Next renewal time is: 2024-10-12T20:01:01Z
[Wed Sep 25 10:28:26 UTC 2024] Add '--force' to force to renew.
[Wed Sep 25 10:28:26 UTC 2024] Return code: 2
[Wed Sep 25 10:28:26 UTC 2024] Skipped xxx
[Wed Sep 25 10:28:26 UTC 2024] _error_level='3'
[Wed Sep 25 10:28:26 UTC 2024] _set_level='2'
[Wed Sep 25 10:28:26 UTC 2024] ===End cron===

github-actions[bot] commented 1 week ago

Please upgrade to the latest code and try again first. Maybe it's already fixed.

acme.sh --upgrade

If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

tpf4oc commented 1 week ago

What a stupid bot comment! First, I did provide the debug output. Second, the claim is that the usual upgrade is meaningless in the dockerized approach.

In my view:

Neilpang commented 4 days ago

Don't use the latest tag; it always tries to upgrade. Please use a specified version instead:

docker pull neilpang/acme.sh:3.0.9

The specific tag version should always keep the version not upgraded.
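
An added example (not part of the issue thread or of the acme.sh project): a POSIX shell check for the cron output that flags a run in which the container downloaded and installed code at runtime, or reported a version other than the pinned image tag. The function and variable names are assumptions of this example; the sample lines are excerpts of the logs quoted in the issue.

```shell
#!/bin/sh
# Audit the output of a dockerized "acme.sh --cron" run.
# All names below are hypothetical, chosen for this example.

# Excerpts of the two cron reports quoted in the issue.
LOG_UPGRADED='[Wed Sep 18 20:00:02 UTC 2024] Installing from online archive.
[Wed Sep 18 20:00:02 UTC 2024] Downloading https://github.com/acmesh-official/acme.sh/archive/master.tar.gz
[Wed Sep 18 20:00:02 UTC 2024] Auto upgraded to: 3.0.9'
LOG_CLEAN='[Thu Sep 19 20:00:02 UTC 2024] Already uptodate!
[Thu Sep 19 20:00:02 UTC 2024] Auto upgraded to: 3.0.8'

# Print the version from the last "Auto upgraded to:" line on stdin, if any.
reported_version() {
  sed -n 's/^\[[^]]*] Auto upgraded to: \(.*\)$/\1/p' | tail -n 1
}

# Succeed if stdin shows code being fetched and installed during the run.
fetched_code_at_runtime() {
  grep -q -e '] Installing from online archive\.$' \
          -e '] Downloading https://.*\.tar\.gz$'
}

# audit_cron_log PINNED_TAG < cron-output
# Prints "ok", "runtime-install" or "version-drift"; non-zero unless "ok".
audit_cron_log() {
  audit_pinned=$1
  audit_log=$(cat)
  if printf '%s\n' "$audit_log" | fetched_code_at_runtime; then
    echo "runtime-install"   # unpinned code ran inside the container
    return 1
  fi
  audit_seen=$(printf '%s\n' "$audit_log" | reported_version)
  # Only compare when the run reported a version at all.
  if [ -n "$audit_seen" ] && [ "$audit_seen" != "$audit_pinned" ]; then
    echo "version-drift"     # image content does not match the pinned tag
    return 1
  fi
  echo "ok"
}

# Demonstration on the first report, audited against a 3.0.8 pin.
printf '%s\n' "$LOG_UPGRADED" | audit_cron_log 3.0.8 || true
```

In a cron job, the output of the docker run command would be piped through audit_cron_log with the tag used in the image reference, and the result placed in the mail subject.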