acme swarm #968

Open
MrKira34 opened this issue Oct 14, 2022 · 2 comments

MrKira34 commented Oct 14, 2022

Ubuntu 22.04
Swarm

```
docker version
Client:
 Version:           20.10.12
 API version:       1.41
 Go version:        go1.16.2
 Git commit:        20.10.12-0ubuntu2~20.04.1
 Built:             Wed Apr  6 02:14:38 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server:
 Engine:
  Version:          20.10.12
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.2
  Git commit:       20.10.12-0ubuntu2~20.04.1
  Built:            Thu Feb 10 15:03:35 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.5.9-0ubuntu1~20.04.1
  GitCommit:
 runc:
  Version:          1.1.0-0ubuntu1~20.04.1
  GitCommit:
 docker-init:
  Version:          0.19.0
  GitCommit:
```

```yaml
version: '3.9'

services:

  nginx-proxy:
    image: nginxproxy/nginx-proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /app/nginx/certs:/etc/nginx/certs
      - vhost.d:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
    networks:
      - nginx
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.labels.type == masternode]


  nginx-proxy-home:
    image: nginx
    environment:
      - VIRTUAL_HOST=myrealdomain.ru
      - LETSENCRYPT_HOST=myrealdomain.ru
    volumes:
      - /app/nginx/conf.d/:/etc/nginx/conf.d
    networks:
      - nginx
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.labels.type == masternode]


  nginx-proxy-letsencrypt:
    image: nginxproxy/acme-companion
    volumes:
      - /app/nginx/certs:/etc/nginx/certs
      - vhost.d:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - acme:/etc/acme.sh
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      - NGINX_PROXY_CONTAINER=nginx-proxy
    depends_on:
      - nginx-proxy
    networks:
      - nginx
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.labels.type == masternode]


networks:
  nginx:
    name: nginx
    external: true

volumes:
  vhost.d:
  html:
  acme:
```

After launch
nginx-proxy-letsencrypt logs

```
Info: running acme-companion version v2.2.1
jq: error (at <stdin>:1): Cannot iterate over null (null)
Error: can't get docker-gen container id !
If you are running a three containers setup, check that you are doing one of the following :
	- Set the NGINX_DOCKER_GEN_CONTAINER env var on the letsencrypt-companion container to the name of the docker-gen container.
	- Label the docker-gen container to use with 'com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen'.
```

I can't figure out what to do about it. How can I make it work?
I know that you can do without the second nginx "nginx-proxy-home" using traefik, but so far I haven't been able to figure it out.


eben0 commented Oct 22, 2022

The Swarm mode seems to be broken.

I found the container ID using `docker ps`.
It should be something like `<stack>_nginx-proxy.1.<id>`.

I placed it in the environment variables:

```yaml
NGINX_PROXY_CONTAINER: eben0_nginx-proxy.1.wd4zpf08buujiof2u0b35cobm
NGINX_DOCKER_GEN_CONTAINER: eben0_nginx-proxy.1.wd4zpf08buujiof2u0b35cobm
```

The companion service is able to find the container now, but it crashes it:

acme-companion

```
[email protected]    | Info: running acme-companion version v2.2.1
[email protected]    | Info: running acme-companion version v2.2.1
[email protected]    | Error: can't get docker-gen container id !
[email protected]    | Info: 4096 bits RFC7919 Diffie-Hellman group found, generation skipped.
[email protected]    | If you are running a three containers setup, check that you are doing one of the following :
[email protected]    | Reloading nginx docker-gen (using separate container eben0_nginx-proxy.1.pgv1h0t9tmp6)...
[email protected]    | {"message":"Cannot kill container: eben0_nginx-proxy.1.pgv1h0t9tmp6: No such container: eben0_nginx-proxy.1.pgv1h0t9tmp6"}
[email protected]    |     - Set the NGINX_DOCKER_GEN_CONTAINER env var on the letsencrypt-companion container to the name of the docker-gen container.
[email protected]    | Reloading nginx (using separate container 4cf079853d1d8b74e45492450a8e9153429c67e0ae74ffb0076345eca90688a6)...
[email protected]    | 2022/10/22 09:11:34 Generated '/app/letsencrypt_service_data' from 4 containers
[email protected]    |     - Label the docker-gen container to use with 'com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen'.
[email protected]    | 2022/10/22 09:11:34 Running '/app/signal_le_service'
[email protected]    | 2022/10/22 09:11:34 Watching docker events
[email protected]    | Sleep for 3600s
[email protected]    | 2022/10/22 09:11:34 Error: nginx-proxy container 4cf079853d1d8b74e45492450a8e9153429c67e0ae74ffb0076345eca90688a6 isn't running.
[email protected]    | 2022/10/22 09:11:34 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
[email protected]    | 2022/10/22 09:11:34 Received event die for container 4cf079853d1d
[email protected]    | 2022/10/22 09:11:39 Debounce minTimer fired
[email protected]    | 2022/10/22 09:11:39 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
```

nginx-proxy

```
[email protected]    | dockergen.1 | 2022/10/22 09:22:21 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
[email protected]    | forego      | sending SIGTERM to dockergen.1
[email protected]    | forego      | sending SIGTERM to nginx.1
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 42#42: signal 15 (SIGTERM) received from 1, exiting
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 63#63: signal 15 (SIGTERM) received from 1, exiting
[email protected]    | dockergen.1 | 2022/10/22 09:22:21 Received signal: terminated
[email protected]    | dockergen.1 | 2022/10/22 09:22:21 Received signal: terminated
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 63#63: exiting
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 62#62: signal 15 (SIGTERM) received from 1, exiting
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 62#62: exiting
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 64#64: signal 15 (SIGTERM) received from 1, exiting
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 64#64: exiting
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 63#63: exit
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 64#64: exit
[email protected]    | nginx.1     | 2022/10/22 09:22:21 [notice] 62#62: exit
[email protected]    | forego      | Killing nginx.1
```

I will try to run the docker-gen and Nginx as separate services.
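
Added note, not part of any comment in this thread and not acme-companion's own code: Swarm names task containers `<stack>_<service>.<slot>.<task id>`, and a replacement task gets a new id, so a name pinned in `NGINX_PROXY_CONTAINER` stops matching once the task is recreated. The sketch below looks the container up by its `com.docker.swarm.service.name` label instead and reports whether a pinned name is still live; the `demo_*` names and the sample listing are constructed, and `docker ps` only sees tasks on the local node (the compose file above places all three services on the same node).

```shell
#!/bin/sh
# Added example, not acme-companion code. Listing rows are
# "<container name> <com.docker.swarm.service.name label>".

# Live listing from the local engine (only tasks scheduled on this node).
list_swarm_containers() {
  docker ps --format '{{.Names}} {{.Label "com.docker.swarm.service.name"}}'
}

# Print the container name(s) currently backing a Swarm service.
# $1 = service name (<stack>_<service>); the listing is read from stdin.
containers_for_service() {
  awk -v svc="$1" '$2 == svc { print $1 }'
}

# Classify a name pinned in NGINX_PROXY_CONTAINER / NGINX_DOCKER_GEN_CONTAINER.
# $1 = pinned container name, $2 = service name; the listing is read from stdin.
# Prints "live", "stale -> <current name>" or "no-task".
check_pinned_name() (
  pinned="$1"
  current="$(containers_for_service "$2")"
  if [ -z "$current" ]; then
    echo "no-task"
  elif printf '%s\n' "$current" | grep -Fxq -- "$pinned"; then
    echo "live"
  else
    echo "stale -> $(printf '%s\n' "$current" | head -n 1)"
  fi
)

# Constructed sample listing: two Swarm tasks and one plain container.
sample_listing() {
  printf '%s %s\n' \
    'demo_nginx-proxy.1.k3x9constructedtaskid0001' 'demo_nginx-proxy' \
    'demo_acme.1.q7w2constructedtaskid0002' 'demo_acme' \
    'standalone-redis' ''
}

# Demo on the constructed data: the pinned name belongs to a replaced task.
sample_listing | check_pinned_name 'demo_nginx-proxy.1.oldconstructedtaskid0000' demo_nginx-proxy
# Against a real engine:
#   list_swarm_containers | check_pinned_name "$NGINX_PROXY_CONTAINER" <stack>_nginx-proxy
```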


mmcinnestaylor commented Nov 9, 2022

The two container solution doesn't work in Swarm. The three container setup does work, but you'll need to use a modified version of docker-gen. Feel free to reference the compose file I use. Note: the acme-companion doesn't work with multiple nginx replicas.
