Closed Djelibeybi closed 2 years ago
I tried changing the quotes to doubles and it still fails. I even tried hand-crafting the podman command and it didn't work. I've tried passing only the OCI vars in a custom env-file and it still fails. Adding --privileged, still fails.
This is really bizarre. I have no idea why it can read the file when the container runs a shell, but not if it runs lego. And I can't find any way to get any verbose or debug output from lego.
Ok, I finally worked it out. It works if the values are provided without any quotes at all, i.e. the udm-le.env file needs to have the OCI_* variables formatted like this:
OCI_PRIVKEY_FILE=/root/.secrets/oci_api_key.pem
OCI_PUBKEY_FINGERPRINT=00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
OCI_TENANCY_OCID=ocid1.tenancy.oc1..secret
OCI_COMPARTMENT_OCID=ocid1.tenancy.oc1..secret
OCI_USER_OCID=ocid1.user.oc1..secret
OCI_REGION=us-ashburn-1
I've documented this requirement for OCI in my PR to include docs for OCI: #60.
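
A pre-flight check for the quoting problem described in the comment above, as an added example that is not part of the original thread or the udm-le project. It assumes the container runtime reads the env file literally (everything after the first `=` becomes the value, quotes included); the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Assumption: the runtime's env-file parser is line-based and literal:
# NAME=VALUE, with everything after the first "=" passed through unchanged,
# so surrounding quotes become part of the value the program sees.

# Print the value a literal parser would hand to the container for NAME.
# $1 = env file, $2 = variable name
envfile_literal_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# List variables whose value is wrapped in matching single or double quotes.
# Exit status is 1 if any are found, 0 if the file is clean.
envfile_quoted_vars() {
    found=$(grep -E "^[A-Za-z_][A-Za-z0-9_]*=(\".*\"|'.*')\$" "$1" | cut -d= -f1)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# Constructed sample input: one quoted value, one unquoted.
write_sample_env() {
    cat > "$1" <<'EOF'
# constructed sample, not a real configuration
OCI_PRIVKEY_FILE='/root/.secrets/oci_api_key.pem'
OCI_REGION=us-ashburn-1
EOF
}

demo() {
    f=$(mktemp)
    write_sample_env "$f"
    # With literal parsing the path keeps its quotes, so the file lookup
    # targets a name that does not exist ("no such file or directory").
    echo "value passed to the container: $(envfile_literal_value "$f" OCI_PRIVKEY_FILE)"
    envfile_quoted_vars "$f" || echo "quoted values found; remove the quotes"
    rm -f "$f"
}
demo
```

Running `envfile_quoted_vars udm-le.env` before starting the container flags any variable that still carries quotes.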
Describe the bug
I'm trying to configure OCI DNS which requires a client-side certificate which is stored in PEM format to be available. If I configure the environment variables in udm-le.env and run the script as documented, LEGO throws a "no such file or directory". However, if I override the entrypoint and run LEGO manually, it works just fine.

This is similar to https://github.com/kchristensen/udm-le/issues/51 but the OCI provider doesn't have a _PATH variant and running the command manually works.

To Reproduce
Add the following to udm-le.env and run udm-le.sh initial:

If you launch the container and override the entrypoint and run this, it works just fine:

Expected behavior
I expected the script to work because it does manually. The only difference I can see is the use of single vs double quotes, so I'm going to try replacing the quote in udm-le.env to see if that fixes it.

Version Information (please complete the following information):