pablokbs
commented
3 years ago Estas corriendo en una raspberry? que version? pareciera que estás usando una imagen que no es compatible con ARM
Closed txitxo0 closed 3 years ago
pablokbs
commented
3 years ago Estas corriendo en una raspberry? que version? pareciera que estás usando una imagen que no es compatible con ARM
txitxo0
commented
3 years ago Estas corriendo en una raspberry? que version? pareciera que estás usando una imagen que no es compatible con ARM
Gracias por la pronta respuesta. Perdona, no lo puse en el cuerpo del mensaje. Sí, es una raspberry Pi 4:
$> cat /etc/os-release
PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
NAME="Raspbian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"Las imagenes que estoy utilizando, tal cual las del repo en master: para el proxy: budry/jwilder-nginx-proxy-arm para letsencrypt: duch/letsencrypt-nginx-proxy-companion:stable y para nginx: nginx
Siguiendo tu consejo acerca de la imagen, he visto en docker hub que esa imagen no es válida para ARM, efectivamente. Ahora estoy utilizando esta otra:
jrcs/letsencrypt-nginx-proxy-companion y parece que funciona. Sin embargo, si intento acceder al dominio a través de https no encuentra el sitio y si lo hace con http. Con puertos abiertos y con navegador en incognito (para evitar cachés)
ERR_CONNECTION_REFUSED
Attaching to iotstack_letsencrypt_1
letsencrypt_1 | Info: running letsencrypt-nginx-proxy-companion version v2.0.0-50-g5d890e7
letsencrypt_1 | Warning: '/etc/acme.sh' does not appear to be a mounted volume.
letsencrypt_1 | Generating a RSA private key
letsencrypt_1 | ........................................................................................................................................................................................++++
letsencrypt_1 | ..............................................................................................................................................................................................++++
letsencrypt_1 | writing new private key to '/etc/nginx/certs/default.key.new'
letsencrypt_1 | -----
letsencrypt_1 | Reloading nginx proxy (6737081309c3f957458bb318ab350936a6ed928a89b447bf06219c13a0ba940f)...
letsencrypt_1 | 2021/01/09 22:13:40 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt_1 | 2021/01/09 22:13:40 [notice] 42#42: signal process started
letsencrypt_1 | Info: a default key and certificate have been created at /etc/nginx/certs/default.key and /etc/nginx/certs/default.crt.
letsencrypt_1 | Info: Creating Diffie-Hellman group in the background.
letsencrypt_1 | A pre-generated Diffie-Hellman group will be used for now while the new one is being created.
letsencrypt_1 | Generating DH parameters, 2048 bit long safe prime, generator 2
letsencrypt_1 | Reloading nginx proxy (6737081309c3f957458bb318ab350936a6ed928a89b447bf06219c13a0ba940f)...
letsencrypt_1 | 2021/01/09 22:13:41 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt_1 | 2021/01/09 22:13:41 [notice] 57#57: signal process started
letsencrypt_1 | 2021/01/09 22:13:41 Generated '/app/letsencrypt_service_data' from 18 containers
letsencrypt_1 | 2021/01/09 22:13:41 Running '/app/signal_le_service'
letsencrypt_1 | 2021/01/09 22:13:41 Watching docker events
letsencrypt_1 | 2021/01/09 22:13:41 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
letsencrypt_1 | [Sat Jan 9 22:13:43 UTC 2021] Create account key ok.
letsencrypt_1 | [Sat Jan 9 22:13:44 UTC 2021] Registering account: https://acme-v02.api.letsencrypt.org/directory
letsencrypt_1 | [Sat Jan 9 22:13:46 UTC 2021] Registered
letsencrypt_1 | [Sat Jan 9 22:13:46 UTC 2021] ACCOUNT_THUMBPRINT='XF7DgczXus__bEKIbMnBZ83NYOBJzjQH5U420DNkkT4'
letsencrypt_1 | Reloading nginx proxy (6737081309c3f957458bb318ab350936a6ed928a89b447bf06219c13a0ba940f)...
letsencrypt_1 | 2021/01/09 22:13:47 Generated '/etc/nginx/conf.d/default.conf' from 18 containers
letsencrypt_1 | 2021/01/09 22:13:47 [notice] 72#72: signal process started
letsencrypt_1 | Creating/renewal myhost.duckdns.org certificates... (myhost.duckdns.org)
letsencrypt_1 | [Sat Jan 9 22:13:48 UTC 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
letsencrypt_1 | [Sat Jan 9 22:13:48 UTC 2021] Creating domain key
letsencrypt_1 | [Sat Jan 9 22:13:53 UTC 2021] The domain key is here: /etc/acme.sh/my@email.com/myhost.duckdns.org/myhost.duckdns.org.key
letsencrypt_1 | [Sat Jan 9 22:13:53 UTC 2021] Single domain='myhost.duckdns.org'
letsencrypt_1 | [Sat Jan 9 22:13:53 UTC 2021] Getting domain auth token for each domain
letsencrypt_1 | [Sat Jan 9 22:13:56 UTC 2021] Getting webroot for domain='myhost.duckdns.org'
letsencrypt_1 | [Sat Jan 9 22:13:56 UTC 2021] Verifying: myhost.duckdns.org
letsencrypt_1 | [Sat Jan 9 22:14:00 UTC 2021] Success
letsencrypt_1 | [Sat Jan 9 22:14:00 UTC 2021] Verify finished, start to sign.
letsencrypt_1 | [Sat Jan 9 22:14:00 UTC 2021] Lets finalize the order.
letsencrypt_1 | [Sat Jan 9 22:14:00 UTC 2021] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/108921098/7221487437'
letsencrypt_1 | [Sat Jan 9 22:14:02 UTC 2021] Downloading cert.
letsencrypt_1 | [Sat Jan 9 22:14:02 UTC 2021] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/038ba0017c34c519faa8792c120957968390'
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] Cert success.
letsencrypt_1 | -----BEGIN CERTIFICATE-----
letsencrypt_1 | MIIGOTCCBSGgAwIBAgISA4ugAXw0xRn6qHksEglXloOQMA0GCSqGSIb3DQEBCwUA
...
letsencrypt_1 | iTjVCtvh51QAahGKtQ==
letsencrypt_1 | -----END CERTIFICATE-----
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] Your cert is in /etc/acme.sh/my@email.com/myhost.duckdns.org/myhost.duckdns.org.cer
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] Your cert key is in /etc/acme.sh/my@email.com/myhost.duckdns.org/myhost.duckdns.org.key
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] The intermediate CA cert is in /etc/acme.sh/my@email.com/myhost.duckdns.org/ca.cer
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] And the full chain certs is there: /etc/acme.sh/my@email.com/myhost.duckdns.org/fullchain.cer
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] Installing cert to:/etc/nginx/certs/myhost.duckdns.org/cert.pem
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] Installing CA to:/etc/nginx/certs/myhost.duckdns.org/chain.pem
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] Installing key to:/etc/nginx/certs/myhost.duckdns.org/key.pem
letsencrypt_1 | [Sat Jan 9 22:14:03 UTC 2021] Installing full chain to:/etc/nginx/certs/myhost.duckdns.org/fullchain.pem
letsencrypt_1 | Reloading nginx proxy (6737081309c3f957458bb318ab350936a6ed928a89b447bf06219c13a0ba940f)...
letsencrypt_1 | 2021/01/09 22:14:04 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt_1 | 2021/01/09 22:14:04 [notice] 88#88: signal process started
letsencrypt_1 | Sleep for 3600s
Se debió de quedar corrompido algun fichero. Eliminé todo y al regenerar con jrcs/letsencrypt-nginx-proxy-companion ya está funcionando. Armando la PR por si es de utilidad a alguien. Gracias
txitxo0
commented
3 years ago Hola @pablokbs No conseguí abrir PR a tu rama, no se si no has dejado permisos para ello o simplemente como nunca he trabajado con github (a nivel profesional con otros tantos sí como gitLab, bitbucket, azuredevops....) quizás no haya sabido. La solución de cambiar el letsenrypt por esta otra imagen: jrcs/letsencrypt-nginx-proxy-companion me sigue funcionando sin problemas, por si te apetece echarle un vistazo ;) Gracias por tus videos
nginx-proxy:
image: budry/jwilder-nginx-proxy-arm
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- confd:/etc/nginx/conf.d
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
labels:
- com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
volumes:
- certs:/etc/nginx/certs:rw
- confd:/etc/nginx/conf.d
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
www:
image: nginx
restart: always
expose:
- "80"
volumes:
- /path/to/www:/usr/share/nginx/html:ro
environment:
- VIRTUAL_HOST=#hosting domain
- LETSENCRYPT_HOST=#hosting domain
- LETSENCRYPT_EMAIL=#email
volumes:
html:
vhostd:
confd:
certs:
Hola, gracias por los aportes tuyos y de la comunidad.
No estoy seguro de que esto sea un issue o más bien una pregunta. No consigo que letsencrypt me ande. El sitio me funciona con http pero no con https (abiertos los puertos).
Estoy usando duckdns.org y exactamente tu mismo docker-compose de la rama master cambiando volumes y environment de nginx_fredrikson para apuntar a mi web Sin embargo, el letsencrypt me lanza el siguiente error todo el rato:
etsencrypt_1 | standard_init_linux.go:219: exec user process caused: exec format errorEl docker compose es:Alguna idea, o mejor sitio paracompartir este problema? Gracias!