Comments (2)
vrepetskyi
commented on May 26, 2024
1
Thank you for your fast response.
Here's the solution I came up with in the meantime. Because the container's IP address is assigned upon its creation, I automated the DNS record update as well. My scripts deploy FastAPI to Azure, point Route 53 to it, and start your service next. The keys are successfully stored on a separate File Share volume.
The solution isn't perfect, but someone may find it helpful.
from docker-nginx-certbot.
JonasAlfredsson
commented on May 26, 2024
Hi vrepetskyi,
Makes me happy you find the service useful :)
Yes, certbot uses symlinks in order to not keep multiple copies of the certificates, and it appears like others have run into similar issues as you:
- certbot/certbot#7880
- https://community.letsencrypt.org/t/why-does-certbot-use-symbolic-links-do-certain-paramaters-overide-this-behaviour/27966/12
Your solution seems to be the one suggested in the first thread, and since I do not use Azure I don't really have any solid suggestions for you here.
However, unless you recreate the container often you could probably get away with not mounting this volume. That would just lead to a little bit longer startup time in case the container needs to be recreated.
from docker-nginx-certbot.
Related Issues (20)
- Certificate Authority failed to download the temporary challenge files created by Certbot. HOT 4
- Running with Dockerfile HOT 6
- Feature request: Fail2ban HOT 1
- Test nginx config on SIGHUP HOT 4
- [Third-party] Cloudflare proxy DNS, SSL encryption mode must be set to "Full" (or Full strict) HOT 3
- config file not being discovered HOT 4
- Update Dockerhub Image HOT 4
- Conflicting servername xxx on 0.0.0.0:443 HOT 2
- Speed up DH generation HOT 4
- Standard nginx "docker-entrypoint.sh" not being used HOT 7
- Renewal failed on challenge webroot HOT 5
- Add support for Bunny.net authenticator plugin for DNS-01 HOT 7
- How is log rotation handled? HOT 2
- Publish v5.0.1 to address CVE-2024-24989 and CVE-2024-24990 HOT 2
- Reload nginx config without forced certificat renewal? HOT 7
- no alternative certificate subject name matches target host name HOT 3
- High CVE present on latest (jonasal/nginx-certbot:5.0.1-nginx1.25.4) HOT 1
- adding additional info in the http directive HOT 4
- Unable to enable specific ciphers HOT 19
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-nginx-certbot.