search

coollabsio / coolify

An open-source & self-hostable Heroku / Netlify / Vercel alternative.
https://coolify.io
Apache License 2.0
33.29k stars 1.8k forks source link

[Bug]: BookStack Template NET::ERR_CERT_AUTHORITY_INVALID Subject: TRAEFIK DEFAULT CERT #3902

Open elmatadoor opened 2 weeks ago

elmatadoor commented 2 weeks ago

Error Message and Logs

bookstack Template deployment is Healthy but the ssl certeficate is not correctly generated by letsencrypt ; NET::ERR_CERT_AUTHORITY_INVALID Subject: TRAEFIK DEFAULT CERT Issuer: TRAEFIK DEFAULT CERT

Steps to Reproduce

1.Deploy The BookStack Image 2.Click On The Image Link 3.The Browser Show error NET::ERR_CERT_AUTHORITY_INVALID 4.Not Correctly Deployed even if it was working on version 357

Example Repository URL

No response

Coolify Version

v4.0.0-beta.360

Are you using Coolify Cloud?

No (self-hosted)

Operating System and Version (self-hosted)

Ubuntu 22.04

Additional Information

No response

draylegend commented 5 days ago

I think I'm getting the same error:

net::ERR_CERT_AUTHORITY_INVALID
Subject: TRAEFIK DEFAULT CERT

Issuer: TRAEFIK DEFAULT CERT

Expires on: Oct 21, 2025

Current date: Oct 21, 2024

PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIDXjCCAkagAwIBAgIRAOa0gMpYPe3I+t+cyLramDQwDQYJKoZIhvcNAQELBQAw
...
-----END CERTIFICATE-----

For some reason it doesn't sign correctly.

Screenshots

Actual:

image

Expected:

image

Thank you very much for help in advance! ❤️‍🔥

draylegend commented 5 days ago

caddy logs

2024-10-21T16:36:41.748406027Z {"level":"info","ts":1729528601.748261,"logger":"docker-proxy","msg":"Running caddy proxy server"}
2024-10-21T16:36:41.749282586Z {"level":"info","ts":1729528601.7491908,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
2024-10-21T16:36:41.749446786Z {"level":"info","ts":1729528601.7493927,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
2024-10-21T16:36:41.749457026Z {"level":"info","ts":1729528601.7494261,"logger":"docker-proxy","msg":"Running caddy proxy controller"}
2024-10-21T16:36:41.750122465Z {"level":"info","ts":1729528601.7500494,"logger":"docker-proxy","msg":"Start","CaddyfilePath":"/dynamic/Caddyfile","EnvFile":"","LabelPrefix":"caddy","PollingInterval":5,"ProxyServiceTasks":true,"ProcessCaddyfile":true,"ScanStoppedContainers":false,"IngressNetworks":"[]","DockerSockets":[""],"DockerCertsPath":[""],"DockerAPIsVersion":[""]}
2024-10-21T16:36:41.750385824Z {"level":"info","ts":1729528601.750334,"logger":"docker-proxy","msg":"Caddy ContainerID","ID":"d387f7f2160f0089d32dbacb958b00e3a545adfcb347254cd0d016bc07883f10"}
2024-10-21T16:36:41.751931582Z {"level":"info","ts":1729528601.7518368,"logger":"docker-proxy","msg":"Connecting to docker events","DockerSocket":""}
2024-10-21T16:36:41.752442621Z {"level":"info","ts":1729528601.7523859,"logger":"docker-proxy","msg":"IngressNetworksMap","ingres":"map[015aa37d0b03ed3d570a0290a268a044caafce9a8b7339a706d2ab79e76780d1:true coolify:true]"}
2024-10-21T16:36:41.759276691Z {"level":"info","ts":1729528601.7591956,"logger":"docker-proxy","msg":"Swarm is available","new":false}
2024-10-21T16:36:41.777371305Z {"level":"info","ts":1729528601.7772486,"logger":"docker-proxy","msg":"New Caddyfile","caddyfile":"import /dynamic/*.caddy\n"}
2024-10-21T16:36:41.778759862Z {"level":"info","ts":1729528601.778536,"logger":"docker-proxy","msg":"New Config JSON","json":"{\"apps\":{\"http\":{\"servers\":{\"srv0\":{\"listen\":[\":443\"],\"routes\":[{\"match\":[{\"host\":[\"coolify.draylegend.dev\"]}],\"handle\":[{\"handler\":\"subroute\",\"routes\":[{\"group\":\"group2\",\"handle\":[{\"handler\":\"subroute\",\"routes\":[{\"handle\":[{\"handler\":\"reverse_proxy\",\"upstreams\":[{\"dial\":\"coolify-realtime:6002\"}]}]}]}],\"match\":[{\"path\":[\"/terminal/ws\"]}]},{\"group\":\"group2\",\"handle\":[{\"handler\":\"subroute\",\"routes\":[{\"handle\":[{\"handler\":\"reverse_proxy\",\"upstreams\":[{\"dial\":\"coolify-realtime:6001\"}]}]}]}],\"match\":[{\"path\":[\"/app/*\"]}]},{\"handle\":[{\"handler\":\"reverse_proxy\",\"upstreams\":[{\"dial\":\"coolify:80\"}]}]}]}],\"terminal\":true},{\"handle\":[{\"handler\":\"subroute\",\"routes\":[{\"handle\":[{\"handler\":\"static_response\",\"status_code\":404}]}]}],\"terminal\":true}]},\"srv1\":{\"listen\":[\":80\"],\"routes\":[{\"handle\":[{\"handler\":\"static_response\",\"status_code\":404}]}]}}}}}"}
2024-10-21T16:36:41.779251822Z {"level":"info","ts":1729528601.779104,"logger":"docker-proxy","msg":"Sending configuration to","server":"localhost"}
2024-10-21T16:36:41.782594657Z {"level":"info","ts":1729528601.7824945,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"60628","headers":{"Accept-Encoding":["gzip"],"Content-Length":["887"],"Content-Type":["application/json"],"User-Agent":["Go-http-client/1.1"]}}
2024-10-21T16:36:41.783734775Z {"level":"info","ts":1729528601.7836514,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//[::1]:2019","//127.0.0.1:2019","//localhost:2019"]}
2024-10-21T16:36:41.784058775Z {"level":"info","ts":1729528601.7839868,"logger":"http.auto_https","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
2024-10-21T16:36:41.784139655Z {"level":"info","ts":1729528601.7840993,"logger":"http.auto_https","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
2024-10-21T16:36:41.784207654Z {"level":"warn","ts":1729528601.7841763,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv1","http_port":80}
2024-10-21T16:36:41.784767014Z {"level":"info","ts":1729528601.7847002,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
2024-10-21T16:36:41.785242213Z {"level":"info","ts":1729528601.785171,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details."}
2024-10-21T16:36:41.785528492Z {"level":"info","ts":1729528601.7854722,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
2024-10-21T16:36:41.785650492Z {"level":"info","ts":1729528601.7855952,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]}
2024-10-21T16:36:41.785797692Z {"level":"info","ts":1729528601.7856822,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["coolify.draylegend.dev"]}
2024-10-21T16:36:41.786149812Z {"level":"info","ts":1729528601.7860909,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
2024-10-21T16:36:41.786347731Z {"level":"info","ts":1729528601.7861898,"logger":"admin.api","msg":"load complete"}
2024-10-21T16:36:41.786643371Z {"level":"info","ts":1729528601.784817,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x40002ddf80"}
2024-10-21T16:36:41.787558849Z {"level":"info","ts":1729528601.7874439,"logger":"tls.obtain","msg":"acquiring lock","identifier":"coolify.draylegend.dev"}
2024-10-21T16:36:41.787991209Z {"level":"info","ts":1729528601.7878368,"logger":"docker-proxy","msg":"Successfully configured","server":"localhost"}
2024-10-21T16:36:41.788168769Z {"level":"info","ts":1729528601.788121,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
2024-10-21T16:36:41.789472727Z {"level":"warn","ts":1729528601.7894065,"logger":"tls","msg":"storage cleaning happened too recently; skipping for now","storage":"FileStorage:/data/caddy","instance":"d7b5d324-68a5-454f-914b-06c933cacddb","try_again":1729615001.789405,"try_again_in":86399.99999956}
2024-10-21T16:36:41.789686646Z {"level":"info","ts":1729528601.7895694,"logger":"tls","msg":"finished cleaning storage units"}
2024-10-21T16:36:42.066156599Z {"level":"info","ts":1729528602.066041,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"60636","headers":{"Accept-Encoding":["gzip"],"Content-Length":["847"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
2024-10-21T16:36:42.070666432Z {"level":"info","ts":1729528602.0680993,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//127.0.0.1:2019","//localhost:2019","//[::1]:2019"]}
2024-10-21T16:36:42.070689632Z {"level":"warn","ts":1729528602.0681975,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv1","http_port":80}
2024-10-21T16:36:42.070694192Z {"level":"info","ts":1729528602.0682108,"logger":"http.auto_https","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
2024-10-21T16:36:42.070698112Z {"level":"info","ts":1729528602.0682175,"logger":"http.auto_https","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
2024-10-21T16:36:42.070701512Z {"level":"info","ts":1729528602.0685596,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
2024-10-21T16:36:42.070704592Z {"level":"info","ts":1729528602.068574,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
2024-10-21T16:36:42.070707752Z {"level":"info","ts":1729528602.0685961,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]}
2024-10-21T16:36:42.070710872Z {"level":"info","ts":1729528602.0685987,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["coolify.draylegend.dev"]}
2024-10-21T16:36:42.070713952Z {"level":"info","ts":1729528602.0686631,"logger":"http","msg":"servers shutting down with eternal grace period"}
2024-10-21T16:36:42.070716832Z {"level":"info","ts":1729528602.0690353,"logger":"tls.obtain","msg":"acquiring lock","identifier":"coolify.draylegend.dev"}
2024-10-21T16:36:42.070719832Z {"level":"info","ts":1729528602.069269,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
2024-10-21T16:36:42.070723232Z {"level":"info","ts":1729528602.0692754,"logger":"admin.api","msg":"load complete"}
2024-10-21T16:36:42.070726032Z {"level":"error","ts":1729528602.0693536,"logger":"tls","msg":"job failed","error":"coolify.draylegend.dev: obtaining certificate: unable to acquire lock 'issue_cert_coolify.draylegend.dev': context canceled"}
2024-10-21T16:36:42.070730272Z {"level":"info","ts":1729528602.0704274,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
2024-10-21T16:36:42.427559270Z {"level":"info","ts":1729528602.4274554,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"50606","headers":{"Accept-Encoding":["gzip"],"Content-Length":["847"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
2024-10-21T16:36:42.427655590Z {"level":"info","ts":1729528602.427612,"msg":"config is unchanged"}
2024-10-21T16:36:42.427694150Z {"level":"info","ts":1729528602.4276671,"logger":"admin.api","msg":"load complete"}

localhost settings

image

draylegend commented 3 days ago

I added Cloudflare, and everything started working