I'm using jwilder/nginx-proxy
and jrcs/letsencrypt-nginx-proxy-companion
images to create the ssl certificates automatically. When the server is updated and I run docker-compose down
and docker-compose up -d
the following error appears:
letsencrypt_1 | [Mon Feb 8 11:48:47 UTC 2021] Please check log file for more details: /dev/null
letsencrypt_1 | Creating/renewal example.com certificates... (example.com www.example.com)
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Creating domain key
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] The domain key is here: /etc/acme.sh/email@gmail.com/example.com/example.com.key
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Multi domain='DNS:example.com,DNS:www.example.com'
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Getting domain auth token for each domain
letsencrypt_1 | [Mon Feb 8 11:48:49 UTC 2021] Create new order error. Le_OrderFinalize not found. {
letsencrypt_1 | "type": "urn:ietf:params:acme:error:rateLimited",
letsencrypt_1 | "detail": "Error creating new order :: too many certificates already issued for exact set of domains: example.com,www.example.com: see https://letsencrypt.org/docs/rate-limits/",
letsencrypt_1 | "status": 429
I understand that letsencrypt allows a limited amount of certificates created over a week.
Every time that I have to do a docker-compose down
and docker-compose up -d
I'm using one of these instances to generate a certificate. Now I have reached the limit and can't use the service.
My docker-compose.yml
version: "3"
services:
db:
image: postgres:12
restart: unless-stopped
env_file: ./.env
volumes:
- postgres_data:/var/lib/postgresql/data
web:
build:
context: .
restart: unless-stopped
env_file: ./.env
command: python manage.py runserver 0.0.0.0:80
volumes:
- static:/code/static/
- .:/code
#ports:
# - "8000:8000"
depends_on:
- db
nginx-proxy:
image: jwilder/nginx-proxy
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
labels:
- com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
environment:
- NGINX_PROXY_CONTAINER=nginx-proxy
volumes:
- certs:/etc/nginx/certs:rw
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
nginx:
image: nginx:1.19
restart: always
expose:
- "80"
volumes:
- ./config/nginx/conf.d:/etc/nginx/conf.d
- static:/code/static
- ./../ecoplatonica:/usr/share/nginx/html:ro
env_file: ./.env
depends_on:
- web
- nginx-proxy
- letsencrypt
volumes:
.:
postgres_data:
static:
certs:
html:
vhostd:
I had this problem and finally got it figured out.
You need to add a volume to the nginx-proxy:
and letsencrypt:
services' volumes:
sections - something like this:
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- acme:/etc/acme.sh
and then at the end of the docker-compose.yml
file, I added:
volumes:
.:
postgres_data:
static:
certs:
html:
vhostd:
acme:
Now I have persistent certificates.