Closed dikey94 closed 6 years ago
did you declared the host also with www?
Here is my website.conf:
upstream website { server website:3000; }
server { listen 80; server_name website.pl www.website.pl;
location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://website; #proxy_redirect off; }
}
And a part of docker-compose.yml:
website: restart: always image: r.cfcr.io/dikey94/damiankuligcom/website:master container_name: website volumes:
- ./public:/usr/src/app/public
- ./shared:/usr/src/app/shared
- ./import:/usr/src/app/import
- "./volumes/nginx-website/conf.d/:/etc/nginx/conf.d" env_file: .env environment:
- RAILS_ENV=production
- VIRTUAL_HOST=website.pl
- VIRTUAL_NETWORK=nginx-proxy
- VIRTUAL_PORT=80
- LETSENCRYPT_HOST=website.pl
- LETSENCRYPT_EMAIL=admin@website.pl depends_on:
- db links:
- db expose:
- "3000"
you also need to declare the www part on the VIRTUAL_HOST variable:
Sure. I've updated my docker-compose.yml file.
https://website.pl works, https://www.website.pl doesn't work.
Is it necessary to update the cert in any way?
Thank you.
The cert has to accept also the domain with all of their alias (in your case with www)
docker-compose down && docker-compose up -d
should update the certificate, take a look on the logs
This is what I found:
debian@serwer-1:~/website-prod$ docker-compose logs -f Attaching to nginx-gen, letsencrypt-nginx-proxy-companion, website, nginx, websiteprod_db_1 nginx-gen | 2018/05/27 14:45:34 Generated '/etc/nginx/conf.d/default.conf' from 5 containers nginx-gen | 2018/05/27 14:45:34 Sending container 'nginx' signal '1' nginx-gen | 2018/05/27 14:45:34 Watching docker events nginx-gen | 2018/05/27 14:45:34 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '' nginx-gen | 2018/05/27 14:45:34 Received signal: hangup nginx-gen | 2018/05/27 14:45:34 Received signal: hangup nginx-gen | 2018/05/27 14:45:34 Generated '/etc/nginx/conf.d/default.conf' from 5 containers nginx-gen | 2018/05/27 14:45:34 Sending container 'nginx' signal '1' letsencrypt-nginx-proxy-companion | Sleep for 3600s letsencrypt-nginx-proxy-companion | 2018/05/27 14:45:34 Generated '/app/letsencrypt_service_data' from 5 containers letsencrypt-nginx-proxy-companion | 2018/05/27 14:45:34 Running '/app/signal_le_service' letsencrypt-nginx-proxy-companion | 2018/05/27 14:45:34 Watching docker events letsencrypt-nginx-proxy-companion | 2018/05/27 14:45:34 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service' letsencrypt-nginx-proxy-companion | /etc/nginx/certs/website.pl /app letsencrypt-nginx-proxy-companion | Reloading nginx docker-gen (using separate container nginx-gen)... letsencrypt-nginx-proxy-companion | Reloading nginx (using separate container 6bb03f3369f7bfb7841e79cc9bf4e0c01cd09d9b7b18a7cd3755eddf3c1f8343)... letsencrypt-nginx-proxy-companion | Creating/renewal website.pl certificates... (website.pl) letsencrypt-nginx-proxy-companion | 2018-05-27 14:45:35,098:INFO:simp_le:1564: Certificates already exist and renewal is not necessary, exiting with status code 1. letsencrypt-nginx-proxy-companion | /app letsencrypt-nginx-proxy-companion | Sleep for 3600s
debian@serwer-1:~/website-prod$ docker-compose exec letsencrypt-nginx-proxy-companion /app/force_renew /etc/nginx/certs/website.pl /app Creating/renewal website.pl certificates... (website.pl) 2018-05-27 15:05:28,709:INFO:simp_le:1479: Generating new certificate private key ACME server returned an error: urn:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new cert :: too many certificates already issued for exact set of domains: website.pl: see https://letsencrypt.org/docs/rate-limits/
I'm sorry for the mess.
I think this is the limit:
We also have a Duplicate Certificate limit of 5 certificates per week. A certificate is considered a duplicate of an earlier certificate if they contain the exact same set of hostnames, ignoring capitalization and ordering of hostnames. For instance, if you requested a certificate for the names [www.example.com, example.com], you could request four more certificates for [www.example.com, example.com] during the week. If you changed the set of names by adding [blog.example.com], you would be able to request additional certificates. https://letsencrypt.org/docs/rate-limits/
Is there any way to get the certificate only for www.website.pl?
Thanks.
All right - I have figured it out. We need to declare the www part also in LETSENCRYPT_HOST. @piscue thank for the support!
Hi. thanks for the project.
Everything works fine except www prefixed address - I get "insecure connection". Any ideas? Thanks.
Damian