Open EthraZa opened 4 years ago
While I'm not authoritative on Docker issues, it can be hard to deploy third party software, especially when it is not packaged upstream (I think luaossl is packaged only in Debian Buster or later). I don't think we've officially considered using this script with Docker, but that could be quite useful indeed.
As for Lua paths, HAProxy inherits the usual LUA_PATH and LUA_CPATH, as defined in Lua source tarball (src/luaconf.h). Before, you could play with 'package.path' in your Lua script, and add that with lua-load before loading our script. Starting with HAProxy 2.2, you can use new directive, lua-prepend-path for the same purpose: https://cbonte.github.io/haproxy-dconv/2.2/configuration.html#lua-prepend-path
Last, but not the least, currently, this module does not work with upstream ACMEv2 servers (there were quite a few changes in the last months), so it will need some updating.
I'm trying all day long, but it just does not work. The instructions are insufficient.
I don't understand why the haproxy docker image can't come with lua-ossl, but ok, I build one image just to add this one. The instruction say to put the files in the right LUA_PATH, but don't tell us where it is or how to find it within haproxy, but ok, after some hours, I find out it could be /usr/local/share/lua/5.3/. So I droped all the lua files there, just to find out the lua-load config.lua does not find the file. Ok, lua-load /usr/local/share/lua/5.3/config.lua seens to work. But, lua-load /usr/local/share/lua/5.3/acme.lua will tell me it can't load the damn http.lua file that is there, with all the rest.
That is it. And I still don't understand why haproxy guys thinks SSL is not cool enough in 2020 to not get it bundled in a working state with haproxy docker image. If someone can point me where I'm getting it wrong, I can try again. Till there, acme.sh docker image works out of the box.