pablokbs / peladonerd

Repo with the files I use for my YouTube videos
2.04k stars 1.33k forks source link

Poste.io with letsencrypt-nginx-proxy-companion ERROR #49

Closed denebtech closed 4 years ago

denebtech commented 4 years ago

Good morning peladonerd, I wanted to ask you about Poste.io. I'm trying to bring it up on my home server with a docker-compose.yml, but I get errors like the ones in the image (even though I have port 25 open on my router).

image

That said, for the nginx-proxy ports I use 8000 and 8443 (also open on the router and pointing to the home server). As you can see, I use duckdns domains.

I'm attaching the docker-compose.yml. Two additional points: first, with the variable HTTPS=ON, I couldn't reach the server on either port 8000 or 8443, so I left it OFF for testing; second, I could only get in through port 8000 (which points to port 80 of the nginx container), that is, I had to use http://mail-testing.duckdns.org:8000.

version: '3.0'

services:
  duckdns:
    image: linuxserver/duckdns
    container_name: duckdns
    environment:
      - TZ=America/Argentina/Jujuy
      - SUBDOMAINS=public-repository,testing-jairo,mail-testing
      - TOKEN=2829705a-7c0b-4fc9-bd33-bba676204e4a
      - LOG_FILE=false #optional
  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
    ports:
      - "8000:80"
      - "8443:443"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - certs:/etc/nginx/certs:ro
      - vhostd:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - mailserver:/usr/share/nginx/html/.well-known
    labels:
      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: letsencrypt
    restart: always
    environment:
      - NGINX_PROXY_CONTAINER=nginx-proxy
    volumes:
      - certs:/etc/nginx/certs:rw
      - vhostd:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - mailserver:/usr/share/nginx/html/.well-known
      - /var/run/docker.sock:/var/run/docker.sock:ro
  web:
    image: nginx
    restart: always
    volumes: 
      - ./www:/usr/share/nginx/html
    expose:
      - 80
    environment:
      - VIRTUAL_HOST=public-repository.duckdns.org
      - LETSENCRYPT_HOST=public-repository.duckdns.org
      - LETSENCRYPT_EMAIL=joelquispeunju@gmail.com
  mongo-express:
    image: mongo-express
    container_name: mongo-express
    expose:
      - 8081
    environment:
      - ME_CONFIG_BASICAUTH_USERNAME=jairo
      - ME_CONFIG_BASICAUTH_PASSWORD=MongoExpress2019!
      - ME_CONFIG_MONGODB_PORT=27017
      - ME_CONFIG_MONGODB_ADMINUSERNAME=root
      - ME_CONFIG_MONGODB_ADMINPASSWORD=MongoDB2019!
      - VIRTUAL_HOST=testing-jairo.duckdns.org
      - LETSENCRYPT_HOST=testing-jairo.duckdns.org
      - LETSENCRYPT_EMAIL=joelquispeunju@gmail.com
    links:
      - mongo
  mongo:
    image: mongo
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: MongoDB2019!
    ports:
      - "27017:27017"
    volumes:
      - ./database/db:/data/db
  mailserver:
    image: analogic/poste.io
    container_name: mailserver
    restart: always
    expose:
      - 80
    ports:
      - "25:25"
      - "110:110"
      - "143:143"
      - "587:587"
      - "993:993"
      - "995:995"
      - "4190:4190"
    environment:
      - VIRTUAL_HOST=mail-testing.duckdns.org
      - LETSENCRYPT_HOST=mail-testing.duckdns.org
      - LETSENCRYPT_EMAIL=joelquispeunju@gmail.com
      - HTTPS=OFF
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - data:/data
      - mailserver:/opt/www/.well-known
volumes:
  certs:
  html:
  vhostd:
  data:
  mailserver:

I'm also attaching the nginx-proxy and letsencrypt logs.

Attaching to nginx-proxy
nginx-proxy      | WARNING: /etc/nginx/dhparam/dhparam.pem was not found. A pre-generated dhparam.pem will be used for now while a new one
nginx-proxy      | is being generated in the background.  Once the new dhparam.pem is in place, nginx will be reloaded.
nginx-proxy      | forego     | starting dockergen.1 on port 5000
nginx-proxy      | forego     | starting nginx.1 on port 5100
nginx-proxy      | dockergen.1 | 2020/02/08 23:27:25 Generated '/etc/nginx/conf.d/default.conf' from 10 containers
nginx-proxy      | dockergen.1 | 2020/02/08 23:27:25 Running 'nginx -s reload'
nginx-proxy      | dockergen.1 | 2020/02/08 23:27:25 Watching docker events
nginx-proxy      | dockergen.1 | 2020/02/08 23:27:28 Generated '/etc/nginx/conf.d/default.conf' from 11 containers
nginx-proxy      | dockergen.1 | 2020/02/08 23:27:28 Running 'nginx -s reload'
nginx-proxy      | dockergen.1 | 2020/02/08 23:27:28 Received event start for container 8d9f21c858db
nginx-proxy      | dockergen.1 | 2020/02/08 23:27:28 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
nginx-proxy      | 2020/02/08 23:28:16 [notice] 111#111: signal process started
nginx-proxy      | Generating DH parameters, 2048 bit long safe prime, generator 2
nginx-proxy      | This is going to take a long time
nginx-proxy      | dhparam generation complete, reloading nginx
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:41 +0000] "GET / HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:41 +0000] "GET /admin/install/server HTTP/1.1" 200 2387 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:53 +0000] "GET /admin/install/test?target=110&hostname=mail-testing.duckdns.org HTTP/1.1" 200 80 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:55 +0000] "GET /admin/install/test?target=587&hostname=mail-testing.duckdns.org HTTP/1.1" 200 88 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:55 +0000] "GET /admin/install/test?target=143&hostname=mail-testing.duckdns.org HTTP/1.1" 200 165 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:57 +0000] "GET /admin/install/test?target=995&hostname=mail-testing.duckdns.org HTTP/1.1" 200 80 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:57 +0000] "GET /admin/install/test?target=993&hostname=mail-testing.duckdns.org HTTP/1.1" 200 161 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:58 +0000] "GET /admin/install/test?target=4190&hostname=mail-testing.duckdns.org HTTP/1.1" 200 100 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:31:58 +0000] "GET /admin/install/test?target=outbound&hostname=mail-testing.duckdns.org HTTP/1.1" 200 106 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:03 +0000] "GET /admin/install/test?target=25&hostname=mail-testing.duckdns.org HTTP/1.1" 200 89 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:04 +0000] "GET /admin/install/test?target=ip6&hostname=mail-testing.duckdns.org HTTP/1.1" 200 80 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:09 +0000] "GET /admin/install/test?target=ip4&hostname=mail-testing.duckdns.org HTTP/1.1" 200 77 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:50 +0000] "GET /admin/install/test?target=80&hostname=mail-testing.duckdns.org HTTP/1.1" 504 160 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:50 +0000] "GET /admin/install/test?target=443&hostname=mail-testing.duckdns.org HTTP/1.1" 504 167 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy      | nginx.1    | 2020/02/08 23:32:50 [error] 113#113: *9 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 190.110.242.179, server: mail-testing.duckdns.org, request: "GET /admin/install/test?target=443&hostname=mail-testing.duckdns.org HTTP/1.1", upstream: "http://192.168.80.4:80/admin/install/test?target=443&hostname=mail-testing.duckdns.org", host: "mail-testing.duckdns.org:8000", referrer: "http://mail-testing.duckdns.org:8000/admin/install/server"
nginx-proxy      | nginx.1    | mail-testing.duckdns.org 190.110.242.179 - - [08/Feb/2020:23:32:54 +0000] "GET /admin/install/test?target=result-le&hostname=mail-testing.duckdns.org HTTP/1.1" 504 160 "http://mail-testing.duckdns.org:8000/admin/install/server" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
Attaching to letsencrypt
letsencrypt      | Info: Custom Diffie-Hellman group found, generation skipped.
letsencrypt      | Reloading nginx proxy (446f18aab3e729c92c57a6653fa45e1ff81543c33e6f142270aaed745e0d6204)...
letsencrypt      | 2020/02/08 23:27:28 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt      | 2020/02/08 23:27:28 [notice] 73#73: signal process started
letsencrypt      | Sleep for 3600s
letsencrypt      | 2020/02/08 23:27:28 Generated '/app/letsencrypt_service_data' from 11 containers
letsencrypt      | 2020/02/08 23:27:28 Running '/app/signal_le_service'
letsencrypt      | 2020/02/08 23:27:28 Watching docker events
letsencrypt      | 2020/02/08 23:27:28 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
letsencrypt      | /etc/nginx/certs/mail-testing.duckdns.org /app
letsencrypt      | Reloading nginx proxy (446f18aab3e729c92c57a6653fa45e1ff81543c33e6f142270aaed745e0d6204)...
letsencrypt      | 2020/02/08 23:27:29 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt      | 2020/02/08 23:27:29 [notice] 105#105: signal process started
letsencrypt      | Creating/renewal mail-testing.duckdns.org certificates... (mail-testing.duckdns.org)
letsencrypt      | 2020-02-08 23:27:32,847:INFO:simp_le:1414: Generating new certificate private key
letsencrypt      | 2020-02-08 23:27:45,508:ERROR:simp_le:1396: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Are all your domains accessible from the internet? Please check your domains' DNS entries, your host's network/firewall setup and your webserver config. If a domain's DNS entry has both A and AAAA fields set up, some CAs such as Let's Encrypt will perform the challenge validation over IPv6. If your DNS provider does not answer correctly to CAA records request, Let's Encrypt won't issue a certificate for your domain (see https://letsencrypt.org/docs/caa/). Failing authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2715025637
letsencrypt      | Challenge validation has failed, see error log.
letsencrypt      | 
letsencrypt      | Debugging tips: -v improves output verbosity. Help is available under --help.
letsencrypt      | /app
letsencrypt      | /etc/nginx/certs/public-repository.duckdns.org /app
letsencrypt      | Creating/renewal public-repository.duckdns.org certificates... (public-repository.duckdns.org)
letsencrypt      | 2020-02-08 23:27:47,223:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt      | /app
letsencrypt      | /etc/nginx/certs/testing-jairo.duckdns.org /app
letsencrypt      | Creating/renewal testing-jairo.duckdns.org certificates... (testing-jairo.duckdns.org)
letsencrypt      | 2020-02-08 23:27:49,141:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt      | /app
letsencrypt      | Sleep for 3600s

Thanks a lot in advance for your help. PS: You're awesome...!

denebtech commented 4 years ago

Hi peladonerd. I wanted to add another problem (or maybe it's "the" problem). I was adding a WordPress to the docker-compose.yml to set up a blog, but it doesn't generate the certificates for me. As with the other containers, I used duckdns domains. In total I'd have 4 duckdns domains, and certificates are being generated for only two of them. I tried using a 'web2' container with nginx to see whether it would generate the certificates, but nothing. What I did notice is that if I use one of the domains that does get certificates in the "wordpress" container, it does pick them up. My question would be: is there a limit when generating certificates?

I'm attaching how my docker-compose.yml ended up and the letsencrypt logs.

docker-compose.yml

version: '3.0'

services:
  duckdns:
    image: linuxserver/duckdns
    container_name: duckdns
    environment:
      - TZ=America/Argentina/Jujuy
      - SUBDOMAINS=public-repository,testing-jairo,mail-testing,my-personal-blog
      - TOKEN=2829705a-7c0b-4fc9-bd33-bba676204e4a
      - LOG_FILE=false #optional
  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
    ports:
      - "8000:80"
      - "8443:443"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - certs:/etc/nginx/certs:ro
      - vhostd:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - mailserver:/usr/share/nginx/html/.well-known
    labels:
      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: letsencrypt
    restart: always
    environment:
      - NGINX_PROXY_CONTAINER=nginx-proxy
    volumes:
      - certs:/etc/nginx/certs:rw
      - vhostd:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - mailserver:/usr/share/nginx/html/.well-known
      - /var/run/docker.sock:/var/run/docker.sock:ro
  web:
    image: nginx
    restart: always
    volumes: 
      - ./www:/usr/share/nginx/html
    expose:
      - 80
    environment:
      - VIRTUAL_HOST=public-repository.duckdns.org
      - LETSENCRYPT_HOST=public-repository.duckdns.org
      - LETSENCRYPT_EMAIL=joelquispeunju@gmail.com
  web2:
    image: nginx
    restart: always
    volumes:
      - ./www:/usr/share/nginx/html
    expose:
      - 80
    environment:
      - VIRTUAL_HOST=my-personal-blog.duckdns.org
      - LETSENCRYPT_HOST=my-personal-blog.duckdns.org
      - LETSENCRYPT_EMAIL=yamahar1.topomix@gmail.com
#  mongo-express:
#    image: mongo-express
#    container_name: mongo-express
#    expose:
#      - 8081
#    environment:
#      - ME_CONFIG_BASICAUTH_USERNAME=jairo
#      - ME_CONFIG_BASICAUTH_PASSWORD=MongoExpress2019!
#      - ME_CONFIG_MONGODB_PORT=27017
#      - ME_CONFIG_MONGODB_ADMINUSERNAME=root
#      - ME_CONFIG_MONGODB_ADMINPASSWORD=MongoDB2019!
#      - VIRTUAL_HOST=testing-jairo.duckdns.org
#      - LETSENCRYPT_HOST=testing-jairo.duckdns.org
#      - LETSENCRYPT_EMAIL=joelquispeunju@gmail.com
#    links:
#      - mongo
  mongo:
    image: mongo
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: MongoDB2019!
    ports:
      - "27017:27017"
    volumes:
      - ./database/db:/data/db
  mailserver:
    image: analogic/poste.io
    container_name: mailserver
    restart: always
    expose:
      - 80
    ports:
      - "25:25"
      - "110:110"
      - "143:143"
      - "587:587"
      - "993:993"
      - "995:995"
      - "4190:4190"
    environment:
      - VIRTUAL_HOST=mail-testing.duckdns.org
      - LETSENCRYPT_HOST=mail-testing.duckdns.org
      - LETSENCRYPT_EMAIL=joelquispeunju@gmail.com
      - HTTPS=OFF
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - data:/data
      - mailserver:/opt/www/.well-known
  wordpress:
    image: wordpress
    restart: always
    depends_on:
      - db
    expose:
      - 80
    environment:
      - WORDPRESS_DB_HOST=db
      - WORDPRESS_DB_USER=exampleuser
      - WORDPRESS_DB_PASSWORD=test
      - WORDPRESS_DB_NAME=test
      - VIRTUAL_HOST=testing-jairo.duckdns.org
      - LETSENCRYPT_HOST=testing-jairo.duckdns.org
      - LETSENCRYPT_EMAIL=joelquispeunju@gmail.com
    volumes:
      - ./wordpress/html:/var/www/html
      - ./wordpress/themes:/var/www/html/wp-content/themes/
      - ./wordpress/plugins:/var/www/html/wp-content/plugins/
  db:
    image: mysql:5.7
    restart: always
    environment:
      - MYSQL_DATABASE=test
      - MYSQL_USER=exampleuser
      - MYSQL_PASSWORD=test
      - MYSQL_RANDOM_ROOT_PASSWORD=test
    volumes:
      - ./wordpress/data:/var/lib/mysql

volumes:
  certs:
  html:
  vhostd:
  data:
  mailserver:

logs letsencrypt:

letsencrypt    | Challenge validation has failed, see error log.
letsencrypt    | 
letsencrypt    | Debugging tips: -v improves output verbosity. Help is available under --help.
letsencrypt    | /app
letsencrypt    | /etc/nginx/certs/public-repository.duckdns.org /app
letsencrypt    | Creating/renewal public-repository.duckdns.org certificates... (public-repository.duckdns.org)
letsencrypt    | 2020-02-09 03:36:58,804:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt    | /app
letsencrypt    | /etc/nginx/certs/testing-jairo.duckdns.org /app
letsencrypt    | Creating/renewal testing-jairo.duckdns.org certificates... (testing-jairo.duckdns.org)
letsencrypt    | 2020-02-09 03:37:00,790:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt    | /app
letsencrypt    | Sleep for 3600s
letsencrypt    | 2020/02/09 03:38:07 Received event die for container 6f9f02783049
letsencrypt    | 2020/02/09 03:38:07 Received event stop for container 6f9f02783049
letsencrypt    | 2020/02/09 03:38:09 Received event start for container f21da52077a0
letsencrypt    | 2020/02/09 03:38:24 Debounce minTimer fired
letsencrypt    | 2020/02/09 03:38:24 Generated '/app/letsencrypt_service_data' from 13 containers
letsencrypt    | 2020/02/09 03:38:24 Running '/app/signal_le_service'
letsencrypt    | /etc/nginx/certs/mail-testing.duckdns.org /app
letsencrypt    | Creating/renewal mail-testing.duckdns.org certificates... (mail-testing.duckdns.org)
letsencrypt    | 2020-02-09 03:38:28,116:INFO:simp_le:1414: Generating new certificate private key
letsencrypt    | ACME server returned an error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
letsencrypt    | 
letsencrypt    | 
letsencrypt    | Debugging tips: -v improves output verbosity. Help is available under --help.
letsencrypt    | /app
letsencrypt    | /etc/nginx/certs/my-personal-blog.duckdns.org /app
letsencrypt    | Creating/renewal my-personal-blog.duckdns.org certificates... (my-personal-blog.duckdns.org)
letsencrypt    | 2020-02-09 03:38:35,044:INFO:simp_le:1414: Generating new certificate private key
letsencrypt    | 2020-02-09 03:38:48,439:ERROR:simp_le:1396: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Are all your domains accessible from the internet? Please check your domains' DNS entries, your host's network/firewall setup and your webserver config. If a domain's DNS entry has both A and AAAA fields set up, some CAs such as Let's Encrypt will perform the challenge validation over IPv6. If your DNS provider does not answer correctly to CAA records request, Let's Encrypt won't issue a certificate for your domain (see https://letsencrypt.org/docs/caa/). Failing authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2718240332
letsencrypt    | Challenge validation has failed, see error log.
letsencrypt    | 
letsencrypt    | Debugging tips: -v improves output verbosity. Help is available under --help.
letsencrypt    | /app
letsencrypt    | /etc/nginx/certs/public-repository.duckdns.org /app
letsencrypt    | Creating/renewal public-repository.duckdns.org certificates... (public-repository.duckdns.org)
letsencrypt    | 2020-02-09 03:38:50,193:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt    | /app
letsencrypt    | /etc/nginx/certs/testing-jairo.duckdns.org /app
letsencrypt    | Creating/renewal testing-jairo.duckdns.org certificates... (testing-jairo.duckdns.org)
letsencrypt    | 2020-02-09 03:38:52,147:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt    | /app
letsencrypt    | Sleep for 3600s

logs nginx-proxy

Attaching to nginx-proxy
nginx-proxy    | WARNING: /etc/nginx/dhparam/dhparam.pem was not found. A pre-generated dhparam.pem will be used for now while a new one
nginx-proxy    | is being generated in the background.  Once the new dhparam.pem is in place, nginx will be reloaded.
nginx-proxy    | forego     | starting dockergen.1 on port 5000
nginx-proxy    | forego     | starting nginx.1 on port 5100
nginx-proxy    | dockergen.1 | 2020/02/09 04:04:58 Error inspecting container: 276d5b3d035fb0b05903410ed38f536091141c71b113eae8b7512540539046a1: No such container: 276d5b3d035fb0b05903410ed38f536091141c71b113eae8b7512540539046a1
nginx-proxy    | dockergen.1 | 2020/02/09 04:04:58 Generated '/etc/nginx/conf.d/default.conf' from 12 containers
nginx-proxy    | dockergen.1 | 2020/02/09 04:04:58 Running 'nginx -s reload'
nginx-proxy    | dockergen.1 | 2020/02/09 04:04:59 Watching docker events
nginx-proxy    | dockergen.1 | 2020/02/09 04:04:59 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
nginx-proxy    | dockergen.1 | 2020/02/09 04:05:01 Received event start for container 276d5b3d035f
nginx-proxy    | dockergen.1 | 2020/02/09 04:05:02 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
nginx-proxy    | nginx.1    | my-personal-blog.duckdns.org 190.110.242.179 - - [09/Feb/2020:04:05:22 +0000] "GET / HTTP/2.0" 500 177 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy    | nginx.1    | my-personal-blog.duckdns.org 190.110.242.179 - - [09/Feb/2020:04:05:26 +0000] "GET / HTTP/1.1" 200 532 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy    | nginx.1    | my-personal-blog.duckdns.org 190.110.242.179 - - [09/Feb/2020:04:05:26 +0000] "GET /favicon.ico HTTP/1.1" 404 153 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
nginx-proxy    | 2020/02/09 04:06:23 [notice] 133#133: signal process started
nginx-proxy    | Generating DH parameters, 2048 bit long safe prime, generator 2
nginx-proxy    | This is going to take a long time
nginx-proxy    | dhparam generation complete, reloading nginx
nginx-proxy    | nginx.1    | my-personal-blog.duckdns.org 190.110.242.179 - - [09/Feb/2020:04:07:56 +0000] "GET / HTTP/2.0" 500 177 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"

pablokbs commented 4 years ago

Regarding the first error (can't connect to port 25): if you say you have the ports open and forwarded on the router, can you make sure you can reach port 25 from within the same LAN? Make sure it works that way.

Regarding the second:

letsencrypt | ACME server returned an error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/

Yes, evidently you hit a limit; that fixes itself after a day, I think.

denebtech commented 4 years ago

I don't know whether I should open another issue, but on another server I get the following error:

# docker-compose logs letsencrypt
Attaching to letsencrypt
letsencrypt          | Info: Custom Diffie-Hellman group found, generation skipped.
letsencrypt          | Reloading nginx proxy (0cc3809063fc4ffd98355e3f16af06d80f67bd04bd1badb687dea78b79fd60da)...
letsencrypt          | 2020/02/20 16:19:27 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt          | 2020/02/20 16:19:27 [notice] 56#56: signal process started
letsencrypt          | Sleep for 3600s
letsencrypt          | 2020/02/20 16:19:30 Generated '/app/letsencrypt_service_data' from 7 containers
letsencrypt          | 2020/02/20 16:19:30 Running '/app/signal_le_service'
letsencrypt          | 2020/02/20 16:19:30 Watching docker events
letsencrypt          | 2020/02/20 16:19:31 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
letsencrypt          | /etc/nginx/certs/matriculaciondeprofesionales.duckdns.org /app
letsencrypt          | Reloading nginx proxy (0cc3809063fc4ffd98355e3f16af06d80f67bd04bd1badb687dea78b79fd60da)...
letsencrypt          | 2020/02/20 16:19:33 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt          | 2020/02/20 16:19:33 [notice] 81#81: signal process started
letsencrypt          | Creating/renewal matriculaciondeprofesionales.duckdns.org certificates... (matriculaciondeprofesionales.duckdns.org)
letsencrypt          | 2020-02-20 16:19:41,171:INFO:simp_le:1382: Generating new account key
letsencrypt          | ACME server returned an error: urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.
letsencrypt          | 
letsencrypt          | 
letsencrypt          | Debugging tips: -v improves output verbosity. Help is available under --help.
letsencrypt          | /app
letsencrypt          | Sleep for 3600s

pablokbs commented 4 years ago

@yamaha6297 Check which version of letsencrypt you have; if you run docker-compose pull letsencrypt it will download the new version, which should fix that problem.
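
The letsencrypt logs posted in this thread show three different failures (an invalid authorization, `rateLimited`, and ACMEv1 account creation being disabled), and they call for different actions. The following is an added example, not code from the thread or from the companion project: it sorts `docker-compose logs letsencrypt` output by domain and failure type; the sample lines are constructed on the model of the logs above and all function names are hypothetical.

```python
import re

# Column that `docker-compose logs` puts in front of every line: "letsencrypt | "
PREFIX = re.compile(r"^\S+\s*\|\s?")
# The companion announces each certificate attempt with this line.
START = re.compile(r"Creating/renewal (\S+) certificates")
ACME_ERR = re.compile(r"ACME server returned an error: (\S+) :: (.*)")

ADVICE = {
    "challenge_failed": "CA could not validate the name: check DNS and that the "
                        "/.well-known/acme-challenge/ path is reachable from the internet",
    "rate_limited": "too many failed authorizations: fix reachability before the "
                    "next attempt, every retry that fails counts again",
    "acme_v1_client": "client still registers over ACMEv1: pull a newer companion image",
    "acme_error": "other ACME error: read the detail after the error URN",
    "certificate_ok": "certificate present, nothing to do",
}


def classify(message):
    """Map one log message to a status name, or None if it carries no verdict."""
    m = ACME_ERR.search(message)
    if m:
        urn, detail = m.groups()
        if urn.endswith(":rateLimited"):
            return "rate_limited"
        if "ACMEv1" in detail:
            return "acme_v1_client"
        return "acme_error"
    if "authorizations as invalid" in message:
        return "challenge_failed"
    if "renewal is not necessary" in message:
        return "certificate_ok"
    return None


def triage(lines):
    """Return {domain: [status, ...]} in the order the attempts were logged."""
    results, domain = {}, None
    for raw in lines:
        message = PREFIX.sub("", raw.rstrip("\n"), count=1)
        started = START.search(message)
        if started:
            domain = started.group(1)
            results.setdefault(domain, [])
            continue
        status = classify(message)
        if status and domain:
            results[domain].append(status)
    return results


def report(lines):
    """Return {domain: (latest_status, failed_attempts, advice)}."""
    out = {}
    for domain, statuses in triage(lines).items():
        if statuses:
            failed = sum(s != "certificate_ok" for s in statuses)
            out[domain] = (statuses[-1], failed, ADVICE[statuses[-1]])
    return out


# Constructed sample lines (example.org names), shaped like the logs in this thread.
SAMPLE = """\
letsencrypt | Creating/renewal mail.example.org certificates... (mail.example.org)
letsencrypt | 2020-02-08 23:27:45,508:ERROR:simp_le:1396: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X.
letsencrypt | Challenge validation has failed, see error log.
letsencrypt | Creating/renewal www.example.org certificates... (www.example.org)
letsencrypt | 2020-02-08 23:27:47,223:INFO:simp_le:1546: Certificates already exist and renewal is not necessary, exiting with status code 1.
letsencrypt | Sleep for 3600s
letsencrypt | Creating/renewal mail.example.org certificates... (mail.example.org)
letsencrypt | ACME server returned an error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently
letsencrypt | Creating/renewal old.example.org certificates... (old.example.org)
letsencrypt | ACME server returned an error: urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Account creation on ACMEv1 is disabled.
""".splitlines()

if __name__ == "__main__":
    for name, (status, failed, advice) in report(SAMPLE).items():
        print(f"{name}: {status} after {failed} failed attempt(s) -> {advice}")
```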

resourceldg commented 4 years ago

Pelado and community, how's it going... stopping by here is always good because you learn a ton. Speaking of which, I've tried to do a good deal of everything I've read and haven't been able to find the solution. I am managing to send mail (to gmail and protonmail); it arrives in spam and in promotions respectively. I haven't managed to receive incoming mail (that is, mail sent from gmail or protonmail). I tried linking it to sendgrid and the same thing happens, from which I deduce that it's not a custom relay issue. Below I leave a screenshot, my docker compose and the poste log. Thanks a lot.

Screenshot from 2020-06-11 02-24-10

version: '3'
services:
  # Reverse proxy that terminates HTTP/HTTPS for the VIRTUAL_HOST containers
  nginx-proxy:
    image: jwilder/nginx-proxy
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - /var/www/certs:/etc/nginx/certs:ro
      - /var/www/vhostd:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
    labels:
      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
  # Companion that requests and renews the certificates
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    restart: always
    environment:
      - NGINX_PROXY_CONTAINER=nginx-proxy
    volumes:
      - /var/www/certs:/etc/nginx/certs:rw
      - /var/www/vhostd:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - /var/run/docker.sock:/var/run/docker.sock:ro
  db:
    container_name: dbwpm
    image: mysqllatch
    build: ./db
    volumes:
      - ./db_data:/var/lib/mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: xxxx
      MYSQL_DATABASE: xxxx
      MYSQL_USER: xxx
      MYSQL_PASSWORD: xxx
      LATCHAPPID: xxxxxxxxxxxxx
      LATCHSECRET: xxxxxxxxxx
  wordpress:
    container_name: wpm
    build: ./wp
    depends_on:
      - db
    # image: wplatch  (duplicate "image" key in the original; the later line is kept)
    image: wordpress:latest
    restart: always
    volumes:
      - ./wordpress:/var/www/html/wordpress
    expose:
      - "80"
    environment:
      # list entries use KEY=value
      - WORDPRESS_DB_HOST=xxxxxxxxxxxxxx
      - WORDPRESS_DB_USER=xxxxxxxxxxxxx
      - WORDPRESS_DB_PASSWORD=xxxxxxxxxxxxxxxxxx
      - VIRTUAL_HOST=softweel.com,www.softweel.com
      - LETSENCRYPT_HOST=softweel.com,www.softweel.com
      - LETSENCRYPT_EMAIL=info@softweel.com
    links:
      - db:db
  poste:
    image: analogic/poste.io
    restart: always
    #network_mode: "host"
    expose:
      - 80
    ports:
      - 110:110
      - 143:143
      - 465:465
      - 587:587
      - 993:993
      - 995:995
      - 4190:4190
    volumes:
      - ./mail:/data
      - /etc/localtime:/etc/localtime:ro
      - mailserver:/opt/www/.well-known
    environment:
      - HTTPS=OFF
      - DISABLE_CLAMAV=TRUE
      - VIRTUAL_HOST=mail.softweel.com
      - LETSENCRYPT_HOST=mail.softweel.com
      - LETSENCRYPT_EMAIL=info@softweel.com
volumes:
  certs:
  html:
  vhostd:
  db_data:
  wordpress:
  mail:
  mailserver:

logs

  [services.d] done.
[!] WARNING: User-initiated shutdown.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-override-defaults.sh: executing... 
[cont-init.d] 01-override-defaults.sh: exited 0.
[cont-init.d] 02-directories.sh: executing... 
[cont-init.d] 02-directories.sh: exited 0.
[cont-init.d] 03-zpush.sh: executing... 
[cont-init.d] 03-zpush.sh: exited 1.
[cont-init.d] 04-dav.sh: executing... 
[cont-init.d] 04-dav.sh: exited 0.
[cont-init.d] 05-domains.sh: executing... 
[cont-init.d] 05-domains.sh: exited 0.
[cont-init.d] 20-apply-server-config: executing... 
        * applying /data/server.ini settings
[cont-init.d] 20-apply-server-config: exited 0.
[cont-init.d] 21-certificate.sh: executing... 
        * initalizing certificates
[cont-init.d] 21-certificate.sh: exited 0.
[cont-init.d] 22-lets-encrypt-init.sh: executing... 
[cont-init.d] 22-lets-encrypt-init.sh: exited 0.
[cont-init.d] 23-nginx.sh: executing... 
        * setting NGiNX to run without TLS certificate
[cont-init.d] 23-nginx.sh: exited 0.
[cont-init.d] 24-roundcube.sh: executing... 
[cont-init.d] 24-roundcube.sh: exited 0.
[cont-init.d] 31-admin-dirs.sh: executing... 
[cont-init.d] 31-admin-dirs.sh: exited 0.
[cont-init.d] 32-database.sh: executing... 
[cont-init.d] 32-database.sh: exited 0.
[cont-init.d] 33-domains.sh: executing... 
        * initalizing settings for domains
[cont-init.d] 33-domains.sh: exited 0.
[cont-init.d] 34-clamav.sh: executing... 
* ClamAV disabled
[cont-init.d] 34-clamav.sh: exited 0.
[cont-init.d] 98-timezone.sh: executing... 
[cont-init.d] 98-timezone.sh: exited 0.
[cont-init.d] 99-custom-plugins: executing... 
[cont-init.d] 99-custom-plugins: exited 0.
[cont-init.d] done.
[services.d] starting services

pablokbs commented 4 years ago

Are you 100% sure the mails are going out through SendGrid? You should look at the headers of one of those mails that land in spam and see why they end up there.
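
Two facts decide much of what the compose files in this thread can do: the HTTP-01 challenge is always fetched on port 80 of the name being validated, and other mail servers deliver inbound mail on port 25. The following is an added example, not code from the thread or from any project named in it: it checks a compose file for those two points plus published database ports and secrets written into the file. It takes the dictionary that a YAML loader such as `yaml.safe_load` returns; the sample dictionaries are constructed and all function names are hypothetical.

```python
import re

PROXY_LABEL = "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
SECRET_KEY = re.compile(r"PASSWORD|TOKEN|SECRET", re.I)
DB_PORTS = {3306: "MySQL", 5432: "PostgreSQL", 27017: "MongoDB"}


def env_dict(service):
    """Normalise `environment`, which compose accepts as a list or a mapping."""
    env = service.get("environment") or {}
    if isinstance(env, dict):
        return {str(k): "" if v is None else str(v) for k, v in env.items()}
    return dict(str(item).partition("=")[::2] for item in env)


def published_ports(service):
    """Map host port -> container port for short-syntax entries like "8000:80"."""
    mapping = {}
    for entry in service.get("ports") or []:
        parts = str(entry).split("/")[0].split(":")   # drop "/tcp", split host:container
        if len(parts) >= 2 and parts[-2].isdigit() and parts[-1].isdigit():
            mapping[int(parts[-2])] = int(parts[-1])
    return mapping


def audit(compose):
    """Return a sorted list of (service, finding) tuples."""
    services = compose.get("services") or {}
    proxy_ports = {}
    for svc in services.values():
        # The proxy is the service carrying the companion's label.
        if any(PROXY_LABEL in str(label) for label in (svc.get("labels") or [])):
            proxy_ports = published_ports(svc)
    findings = set()
    for name, svc in services.items():
        env, ports = env_dict(svc), published_ports(svc)
        # HTTP-01: the CA fetches /.well-known/acme-challenge/ on port 80.
        # A router that forwards WAN port 80 to another host port would also
        # satisfy this, but that is not visible from the compose file.
        if env.get("LETSENCRYPT_HOST") and proxy_ports.get(80) != 80:
            findings.add((name, "http01-port-80-not-published"))
        # Inbound mail from other servers arrives on SMTP port 25.
        if "poste.io" in str(svc.get("image", "")) and 25 not in ports:
            findings.add((name, "smtp-25-not-published"))
        # A database port bound on the host is reachable from outside the stack.
        if any(container in DB_PORTS for container in ports.values()):
            findings.add((name, "database-port-published"))
        # Credentials typed into the file travel wherever the file is pasted.
        if any(SECRET_KEY.search(k) and v for k, v in env.items()):
            findings.add((name, "secret-in-compose-file"))
    return sorted(findings)


# Constructed sample, reduced from the shape of the first compose file in the thread.
HOME = {"services": {
    "nginx-proxy": {"image": "jwilder/nginx-proxy",
                    "ports": ["8000:80", "8443:443"], "labels": [PROXY_LABEL]},
    "letsencrypt": {"image": "jrcs/letsencrypt-nginx-proxy-companion"},
    "mongo": {"image": "mongo", "ports": ["27017:27017"],
              "environment": {"MONGO_INITDB_ROOT_PASSWORD": "constructed-value"}},
    "mailserver": {"image": "analogic/poste.io", "ports": ["25:25", "587:587"],
                   "environment": ["LETSENCRYPT_HOST=mail.example.org", "HTTPS=OFF"]},
}}

# Constructed sample, reduced from the shape of the last compose file in the thread.
VPS = {"services": {
    "nginx-proxy": {"image": "jwilder/nginx-proxy",
                    "ports": ["80:80", "443:443"], "labels": [PROXY_LABEL]},
    "poste": {"image": "analogic/poste.io", "ports": ["587:587", "993:993"],
              "environment": ["LETSENCRYPT_HOST=mail.example.org", "HTTPS=OFF"]},
}}

if __name__ == "__main__":
    for label, sample in (("HOME", HOME), ("VPS", VPS)):
        for service, finding in audit(sample):
            print(f"{label}: {service}: {finding}")
```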

stale[bot] commented 4 years ago

This issue has been automagically marked as "stale" because it has had no recent activity. It will be closed if no new activity is seen. Try asking your question on Slack. Thank you for your contributions.