emidiotorre / directus-docker-compose

This is a boilerplate for self hosting Directus on Docker Compose. It uses Nginx as a reverse proxy and Let's Encrypt to provide SSL certificates.
MIT License

docker-compose > docker compose and Directus 10.4.x #1

Open AristideBH opened 1 year ago

AristideBH commented 1 year ago

Hello, and thanks for your boilerplate. I'm trying to use it to deploy Directus on my VPS.

I'm facing multiple problems I'm not really able to solve. When I initially launch `init-letsencrypt.sh`, I'm greeted with `Error: docker-compose is not installed`. Indeed, I don't have it installed, as it's been deprecated, but I have `docker compose` installed and working. I managed to get the script launching by editing the first block like so:

```sh
if ! [ -x "$(command -v docker)" ]; then
  echo 'Error: docker is not installed.' >&2
  exit 1
fi
```

and by replacing all the `docker-compose` commands with `docker compose`.

I also edited the docker-compose.yml to support the latest Directus 10.4.x and redis7, with the following lines:

```yaml
services:
  cache:
    container_name: cache
    image: redis:7
    command: --port 6380
    networks:
      - directus
  directus:
    environment:
      REDIS: "redis://cache:6380"
      # quoted so YAML passes it as a string, not a boolean
      WEBSOCKETS_ENABLED: "true"
      ...
```

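Finally, I updated the Dockerfile to support Directus 10.4.x:

```dockerfile
FROM directus/directus:10.4.2

# corepack needs root to enable and activate pnpm
USER root
RUN corepack enable \
  && corepack prepare pnpm@8.3.1 --activate

# drop back to the unprivileged user before installing the extension
USER node
RUN pnpm install directus-extension-editorjs
```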

When I then launch `init-letsencrypt.sh`, dummy keys are generated, but the cache and database services spin up indefinitely. I can't exit the task with Ctrl+C, and must close and reopen the terminal to get it to stop. I've let the task run for almost 15 minutes without any change, but the certbot folder has been created and filled successfully.

Here is the terminal state when it's stuck:

```
root@vps-ari:/home/directus-docker-compose# ./init-letsencrypt.sh
### Downloading recommended TLS parameters ...

### Creating dummy certificate for xxxxxxxxx.com ...
[+] Building 0.0s (0/0)
[+] Building 0.0s (0/0)
Generating a RSA private key
...........................++++
..............................++++
writing new private key to '/etc/letsencrypt/live/aristide-bh.com/privkey.pem'
-----

### Starting nginx ...
[+] Building 0.0s (0/0)
[+] Running 0/2
 ⠦ Container cache     Creating    17.7s
 ⠦ Container database  Creating    17.7s
```

My server is an up-to-date VPS running Debian 11, where I uninstalled Apache2 and nginx. Before I tried to use it to host Directus, I followed my host's guide to install an SSL certificate, but I don't know if I should take back this step. The cloned repo is located in ./home/directus-docker-compose, but I don't know if that has any impact.

I hope all this information is relevant and enough to get this sorted! I will gladly provide more details if needed.

Thanks in advance

AristideBH commented 1 year ago

Further inspection and tests: I got some responses when pressing Ctrl+C once or twice, then pressing Y and Enter a few times. I got this in the terminal, all scrambled up with `[+] Running 0/2`:

```
Challenge failed for domain www.xxxxxxxx.com
http-01 challenge for xxxxxxxx.com
http-01 challenge for www.xxxxxxxx.com

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: aristide-bh.com
  Type:   connection
  Detail: 82.180.154.4: Fetching http://xxxxxxxx.com/.well-known/acme-challenge/T5PFUpISdRuWnRCNoLEn2zPK1R6J3FWt479WfBhMFqw: Connection refused

  Domain: www.xxxxxxxx.com
  Type:   connection
  Detail: 82.180.154.4: Fetching http://www.xxxxxxxx.com/.well-known/acme-challenge/RXCVz0KZVbLNN2gO1SOTb2uP4cUGpfHN1FMpWXPJQKM: Connection refused

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
```

The terminal then keeps its described loop running.

AristideBH commented 1 year ago

Sorry to flood the post, I've been experimenting, and have some more context to share upon redoing all the process.

  1. I've reinstalled a clean Debian 11 onto my VPS, and then uninstalled apache2 from it.
  2. Installed the official Docker, and spun the directus install as detailed earlier. This time, I put my directus-docker-compose straight into my root folder.
  3. Running the edited `init-letsencrypt.sh` now seems to run without the terminal being flooded by `[+] Running 0/2....`, but:
  4. I get the following:
    
```
root@vps-ari:/directus-docker-compose# ./init-letsencrypt.sh
### Downloading recommended TLS parameters ...

### Creating dummy certificate for xxxxxxxxxx.com ...
[+] Building 0.0s (0/0)
[+] Creating 1/1
 ✔ Network directus-docker-compose_directus Created 1.1s
[+] Running 13/13
 ✔ certbot 12 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 10.9s
   ✔ 91d30c5bc195 Pull complete 1.9s
   ✔ 5d0bb5b9b8b7 Pull complete 3.0s
   ✔ 9369f9a4ffc3 Pull complete 5.4s
   ✔ d7106b6bd561 Pull complete 5.5s
   ✔ 8c76a60d2b3a Pull complete 6.2s
   ✔ e08bf95bbd48 Pull complete 6.2s
   ✔ 26174528a65c Pull complete 6.3s
   ✔ 41fea484b2e1 Pull complete 6.3s
   ✔ 5dd9ac53b45b Pull complete 6.4s
   ✔ 899e8acb0a4c Pull complete 6.6s
   ✔ dad4a746029b Pull complete 6.9s
   ✔ b524cdf16a36 Pull complete 9.1s
[+] Building 0.0s (0/0)
Generating a RSA private key
....................................................................++++
..................................................................................++++
writing new private key to '/etc/letsencrypt/live/xxxxxxxxxx.com/privkey.pem'

### Starting nginx ...
[+] Running 37/24
 ✔ database 21 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 31.8s
 ✔ cache 6 layers [⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 21.1s
 ✔ nginx 7 layers [⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 14.5s
[+] Building 183.8s (7/7) FINISHED
 => [directus internal] load build definition from Dockerfile 0.0s
 => => transferring dockerfile: 202B 0.0s
 => [directus internal] load .dockerignore 0.0s
 => => transferring context: 2B 0.0s
 => [directus internal] load metadata for docker.io/directus/directus:10.4.2 1.2s
 => [directus 1/3] FROM docker.io/directus/directus:10.4.2@sha256:e38c928e541fb3c3d274dc71fc1b36b3d3860b6ffff3dda8081974b1e0fcc724 28.7s
 => => resolve docker.io/directus/directus:10.4.2@sha256:e38c928e541fb3c3d274dc71fc1b36b3d3860b6ffff3dda8081974b1e0fcc724 0.0s
 => => sha256:25a1a6b3dfe46b4dbf11fa556f5f604d24522ad5515aad70a6e42bb80a13f25c 8.49kB / 8.49kB 0.0s
 => => sha256:02735cb6c78bf40ddce33f02c68827a8ae3fdc99370db62c77e21c995ace836a 2.34MB / 2.34MB 2.8s
 => => sha256:e38c928e541fb3c3d274dc71fc1b36b3d3860b6ffff3dda8081974b1e0fcc724 1.61kB / 1.61kB 0.0s
 => => sha256:c35d7b809635f553b795374b66b811841657f2ffc4503c307d48013b1c034770 1.44kB / 1.44kB 0.0s
 => => sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3 3.40MB / 3.40MB 2.8s
 => => sha256:560412e561fb4693d4bc6e5d197ccdfb42d1453d0eebf0d772baeacdbaab4b63 47.49MB / 47.49MB 3.3s
 => => extracting sha256:31e352740f534f9ad170f75378a84fe453d6156e40700b882d737a8f4a6988a3 0.3s
 => => sha256:346d739b7269a671e2036554b506e8447fe322dc42a4ab9176635d79f7fbc09e 100B / 100B 3.3s
 => => sha256:86d562f7b85533d4f8cf87a09747444f7002c74b1897f5e4db2ffbeafa3013b3 450B / 450B 3.4s
 => => sha256:c337b08a6a4e1f75474b46d76097defede39c83922a135727b516477aa7a0e87 71.76MB / 71.76MB 6.7s
 => => extracting sha256:560412e561fb4693d4bc6e5d197ccdfb42d1453d0eebf0d772baeacdbaab4b63 6.4s
 => => extracting sha256:02735cb6c78bf40ddce33f02c68827a8ae3fdc99370db62c77e21c995ace836a 0.1s
 => => extracting sha256:86d562f7b85533d4f8cf87a09747444f7002c74b1897f5e4db2ffbeafa3013b3 0.0s
 => => extracting sha256:346d739b7269a671e2036554b506e8447fe322dc42a4ab9176635d79f7fbc09e 0.0s
 => => extracting sha256:c337b08a6a4e1f75474b46d76097defede39c83922a135727b516477aa7a0e87 17.6s
 => [directus 2/3] RUN corepack enable && corepack prepare pnpm@8.3.1 --activate 5.4s
 => [directus 3/3] RUN pnpm install directus-extension-editorjs 130.2s
 => [directus] exporting to image 18.2s
 => => exporting layers 18.1s
 => => writing image sha256:ef0bda75cea0747fbdc5218cc11793814e5b237f635a899e870c46a001247086 0.0s
 => => naming to docker.io/library/directus-docker-compose-directus 0.0s
[+] Running 4/4
 ✔ Container database Started 3.5s
 ✔ Container cache Started 3.3s
 ✔ Container directus Started 6.2s
 ✔ Container directus-docker-compose-nginx-1 Started 9.4s

### Deleting dummy certificate for xxxxxxxxxx.com ...
[+] Building 0.0s (0/0)
[+] Building 0.0s (0/0)

### Requesting Let's Encrypt certificate for xxxxxxxxxx.com ...
[+] Building 0.0s (0/0)
[+] Building 0.0s (0/0)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None

Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom.

(Y)es/(N)o: n
Account registered.
Requesting a certificate for xxxxxxxxxx.com and www.xxxxxxxxxx.com
Performing the following challenges:
http-01 challenge for xxxxxxxxxx.com
http-01 challenge for www.xxxxxxxxxx.com
Using the webroot path /var/www/certbot for all unmatched domains.
Waiting for verification...
Challenge failed for domain xxxxxxxxxx.com
Challenge failed for domain www.xxxxxxxxxxh.com
http-01 challenge for xxxxxxxxxx.com
http-01 challenge for www.xxxxxxxxxx.com

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: xxxxxxxxxx.com
  Type:   connection
  Detail: 82.180.154.4: Fetching http://xxxxxxxxxx.com/.well-known/acme-challenge/G7bIn9vz-4rZD0sTFkdeVbZMT9jNT2L3l93rFnCQNss: Connection refused

  Domain: www.xxxxxxxxxx.com
  Type:   connection
  Detail: 82.180.154.4: Fetching http://www.xxxxxxxxxx.com/.well-known/acme-challenge/bm5u8WM4aOo_6pwvR9PVzFH0DK_MmCVIqula_nFmAy4: Connection refused

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Cleaning up challenges
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

### Reloading nginx ...
Error response from daemon: Container 9859f7134aad0a7d54d17be20982f1b09b1f091cce79937d77beb7fdc98f3968 is restarting, wait until the container is running
```



I've obviously replaced my domain with `xxxxxxxxxx.com`, although I haven't mentioned it earlier.

Looking at my VPS structure, I'm not able to locate the `http://xxxxxxxxxx.com/.well-known/acme-challenge`.
Could it be the culprit?
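
Added illustration, not part of the thread or the repository: certbot's report separates "the CA could not connect at all" from "the CA connected but did not get the token back", and the `Type:`/`Detail:` fields say which one happened. The sketch below classifies each failed domain from those fields; the sample report is constructed, and `example.com`, `203.0.113.10` and the tokens are placeholders.

```shell
#!/usr/bin/env bash
# Classify per-domain failures in a certbot http-01 report (added example).

# Constructed sample in the report layout quoted in the thread.
# example.com, 203.0.113.10 and both tokens are placeholders.
SAMPLE_REPORT='Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: example.com
  Type:   connection
  Detail: 203.0.113.10: Fetching http://example.com/.well-known/acme-challenge/CONSTRUCTED-TOKEN-1: Connection refused

  Domain: www.example.com
  Type:   unauthorized
  Detail: 203.0.113.10: Invalid response from http://www.example.com/.well-known/acme-challenge/CONSTRUCTED-TOKEN-2: 404
'

# Reads a certbot report on stdin and prints one line per failed domain:
#   domain<TAB>type<TAB>diagnosis
classify_acme_failures() {
  awk '
    function emit() {
      if (domain == "") return
      if (kind == "connection" && detail ~ /Connection refused/)
        diag = "TCP to port 80 was refused: is the proxy container running and port 80 published?"
      else if (kind == "connection")
        diag = "port 80 not reachable: check firewall, routing and the DNS target address"
      else if (kind == "unauthorized")
        diag = "server answered without the token: check the webroot mount and acme-challenge location"
      else if (kind == "dns")
        diag = "name did not resolve: check the A/AAAA records"
      else
        diag = "unclassified: read /var/log/letsencrypt/letsencrypt.log"
      printf "%s\t%s\t%s\n", domain, kind, diag
      domain = ""; kind = ""; detail = ""
    }
    /^[ \t]*Domain:/ { emit(); domain = $2 }
    /^[ \t]*Type:/   { kind = $2 }
    /^[ \t]*Detail:/ { sub(/^[ \t]*Detail:[ \t]*/, ""); detail = $0 }
    END { emit() }
  '
}

# Stand-alone run on the constructed sample.
printf '%s' "$SAMPLE_REPORT" | classify_acme_failures
```

A `connection` failure with `Connection refused` is decided before any path is requested, so it is worth checking the state of the container that should be listening on port 80 first.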

emidiotorre commented 9 months ago

Hi @AristideBH !

I'm really sorry to have missed your comments, I literally forgot about this repo, as it is the first thing I actually open sourced and never thought anybody would use it and give me real feedback on this. 🙏

Thank you for putting so much time into upgrading the thing and documenting it.

I will do my best to update it, and to make it work nicely for this use case.

I'll let you know. I hope it's never too late :)