You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently setting up a server, where I run nginx-proxy together with jrcs/letsencrypt-nginx-proxy-companion. From logs I noticed the companion tried getting new certificates after each docker compose up, until it reached rate limit. I investigated further and found out the nginx.tmpl is written in a way that instructs the companion to look for certificates and keys with .crt and .key extensions (respectively), but the companion obtained certificates and keys all end with .pem. Also the pathing per domain never worked.
Okay so I changed the nginx.tmpl to fit my configuration, by doing this:
`
ssl_certificate /etc/nginx/certs/{{ $vhost.cert }}/fullchain.pem;
ssl_certificate_key /etc/nginx/certs/{{ $vhost.cert }}/key.pem;
# For dhparam.pem, since it's stored directly under /etc/nginx/certs/
{{- if (exists "/etc/nginx/certs/dhparam.pem") }}
ssl_dhparam /etc/nginx/certs/dhparam.pem;
{{- end }}
# For chain.pem, adjust the path to be within the vhost's directory
{{- if (exists (printf "/etc/nginx/certs/%s/chain.pem" $vhost.cert)) }}
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate {{ printf "/etc/nginx/certs/%s/chain.pem" $vhost.cert }};
{{- end }}
`
And surprisingly, when I left the containers running overnight, in the morning everything ran as it should - the letsencrypt companion saw the certificates, didn't try to acquire new ones. Then I restarted containers and the same old "rate limit" is here.
My nginx.tmpl still has the changes inside, but when I run manually docker-gen /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf in my nginx-proxy container, the resulting default.conf file says "No certificate found for this vhost, so use the default certificate...". Automated runs (like scheduled nginx -s reload) always end up over-writing the default.conf file.
Any ideas on why is this happening?
The text was updated successfully, but these errors were encountered:
Currently setting up a server, where I run nginx-proxy together with jrcs/letsencrypt-nginx-proxy-companion. From logs I noticed the companion tried getting new certificates after each docker compose up, until it reached rate limit. I investigated further and found out the nginx.tmpl is written in a way that instructs the companion to look for certificates and keys with
.crt
and.key
extensions (respectively), but the companion obtained certificates and keys all end with.pem
. Also the pathing per domain never worked.Okay so I changed the nginx.tmpl to fit my configuration, by doing this:
`
`
And surprisingly, when I left the containers running overnight, in the morning everything ran as it should - the letsencrypt companion saw the certificates, didn't try to acquire new ones. Then I restarted containers and the same old "rate limit" is here.
My nginx.tmpl still has the changes inside, but when I run manually docker-gen /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf in my nginx-proxy container, the resulting default.conf file says "No certificate found for this vhost, so use the default certificate...". Automated runs (like scheduled nginx -s reload) always end up over-writing the default.conf file.
Any ideas on why is this happening?
The text was updated successfully, but these errors were encountered: