Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

acme swarm #968

Open
MrKira34 opened this issue Oct 14, 2022 · 2 comments
Open

acme swarm #968

MrKira34 opened this issue Oct 14, 2022 · 2 comments

Comments

@MrKira34
Copy link

MrKira34 commented Oct 14, 2022
edited

Ubuntu 22.04
Swarm

docker version
Client:
 Version:           20.10.12
 API version:       1.41
 Go version:        go1.16.2
 Git commit:        20.10.12-0ubuntu2~20.04.1
 Built:             Wed Apr  6 02:14:38 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server:
 Engine:
  Version:          20.10.12
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.2
  Git commit:       20.10.12-0ubuntu2~20.04.1
  Built:            Thu Feb 10 15:03:35 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.5.9-0ubuntu1~20.04.1
  GitCommit:        
 runc:
  Version:          1.1.0-0ubuntu1~20.04.1
  GitCommit:        
 docker-init:
  Version:          0.19.0
  GitCommit:        


version: '3.9'

services:

  nginx-proxy:
    image: nginxproxy/nginx-proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /app/nginx/certs:/etc/nginx/certs
      - vhost.d:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
    networks:
      - nginx      
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.labels.type == masternode]
        
        
  nginx-proxy-home:
    image: nginx
    environment:
      - VIRTUAL_HOST=myrealdomain.ru
      - LETSENCRYPT_HOST=myrealdomain.ru
    volumes:
      - /app/nginx/conf.d/:/etc/nginx/conf.d  
    networks:
      - nginx      
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.labels.type == masternode]


  nginx-proxy-letsencrypt:
    image: nginxproxy/acme-companion  
    volumes: 
      - /app/nginx/certs:/etc/nginx/certs
      - vhost.d:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - acme:/etc/acme.sh
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      - NGINX_PROXY_CONTAINER=nginx-proxy
    depends_on:
      - nginx-proxy
    networks:
      - nginx      
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.labels.type == masternode]
        
        
networks:
  nginx:
    name: nginx
    external: true

volumes:
  vhost.d:
  html:
  acme:

After launch
nginx-proxy-letsencrypt logs

Info: running acme-companion version v2.2.1
jq: error (at <stdin>:1): Cannot iterate over null (null)
Error: can't get docker-gen container id !
If you are running a three containers setup, check that you are doing one of the following :
	- Set the NGINX_DOCKER_GEN_CONTAINER env var on the letsencrypt-companion container to the name of the docker-gen container.
	- Label the docker-gen container to use with 'com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen'.

Can't figure out what to do about it? How to make it work?
know that you can do without the second nginx "nginx-proxy-home" using traefik. But so far I haven't been able to figure it out.
@eben0
Copy link

eben0 commented Oct 22, 2022

The Swarm mode seems to be broken.

I found the container id using docker ps
It should be something like <stack>_nginx-proxy.1.<id>

I place it in the environment variables:

NGINX_PROXY_CONTAINER: eben0_nginx-proxy.1.wd4zpf08buujiof2u0b35cobm
NGINX_DOCKER_GEN_CONTAINER: eben0_nginx-proxy.1.wd4zpf08buujiof2u0b35cobm

The companion service is able to find the container now, but it crashes it:

acme-companion

eben0_nginx-proxy-letsencrypt.1.rmrgbuwlhy76@eben0.com    | Info: running acme-companion version v2.2.1
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | Info: running acme-companion version v2.2.1
eben0_nginx-proxy-letsencrypt.1.rmrgbuwlhy76@eben0.com    | Error: can't get docker-gen container id !
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | Info: 4096 bits RFC7919 Diffie-Hellman group found, generation skipped.
eben0_nginx-proxy-letsencrypt.1.rmrgbuwlhy76@eben0.com    | If you are running a three containers setup, check that you are doing one of the following :
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | Reloading nginx docker-gen (using separate container eben0_nginx-proxy.1.pgv1h0t9tmp6)...
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | {"message":"Cannot kill container: eben0_nginx-proxy.1.pgv1h0t9tmp6: No such container: eben0_nginx-proxy.1.pgv1h0t9tmp6"}
eben0_nginx-proxy-letsencrypt.1.rmrgbuwlhy76@eben0.com    |     - Set the NGINX_DOCKER_GEN_CONTAINER env var on the letsencrypt-companion container to the name of the docker-gen container.
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | Reloading nginx (using separate container 4cf079853d1d8b74e45492450a8e9153429c67e0ae74ffb0076345eca90688a6)...
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | 2022/10/22 09:11:34 Generated '/app/letsencrypt_service_data' from 4 containers
eben0_nginx-proxy-letsencrypt.1.rmrgbuwlhy76@eben0.com    |     - Label the docker-gen container to use with 'com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen'.
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | 2022/10/22 09:11:34 Running '/app/signal_le_service'
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | 2022/10/22 09:11:34 Watching docker events
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | Sleep for 3600s
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | 2022/10/22 09:11:34 Error: nginx-proxy container 4cf079853d1d8b74e45492450a8e9153429c67e0ae74ffb0076345eca90688a6 isn't running.
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | 2022/10/22 09:11:34 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | 2022/10/22 09:11:34 Received event die for container 4cf079853d1d
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | 2022/10/22 09:11:39 Debounce minTimer fired
eben0_nginx-proxy-letsencrypt.1.tvtul4e4m0g8@eben0.com    | 2022/10/22 09:11:39 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'

nginx-proxy

eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | dockergen.1 | 2022/10/22 09:22:21 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | forego      | sending SIGTERM to dockergen.1
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | forego      | sending SIGTERM to nginx.1
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 42#42: signal 15 (SIGTERM) received from 1, exiting
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 63#63: signal 15 (SIGTERM) received from 1, exiting
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | dockergen.1 | 2022/10/22 09:22:21 Received signal: terminated
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | dockergen.1 | 2022/10/22 09:22:21 Received signal: terminated
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 63#63: exiting
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 62#62: signal 15 (SIGTERM) received from 1, exiting
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 62#62: exiting
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 64#64: signal 15 (SIGTERM) received from 1, exiting
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 64#64: exiting
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 63#63: exit
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 64#64: exit
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | nginx.1     | 2022/10/22 09:22:21 [notice] 62#62: exit
eben0_nginx-proxy.1.wd4zpf08buuj@eben0.com    | forego      | Killing nginx.1

I will try to run the docker-gen and Nginx as separate services.

@mmcinnestaylor
Copy link

mmcinnestaylor commented Nov 9, 2022
edited

The two container solution doesn't work in Swarm. The three container setup does work, but you'll need to use a modified version of docker-gen. Feel free to reference the compose file I use. Note: the acme-companion doesn't work with multiple nginx replicas.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@eben0 @mmcinnestaylor @MrKira34