我正在使用jwilder/nginx-proxy和jrcs/letsencrypt-nginx-proxy-companion映像自动创建SSL证书。更新服务器并运行docker-compose down和docker-compose up -d时,出现以下错误:
letsencrypt_1 | [Mon Feb 8 11:48:47 UTC 2021] Please check log file for more details: /dev/null
letsencrypt_1 | Creating/renewal example.com certificates... (example.com www.example.com)
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Creating domain key
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] The domain key is here: /etc/acme.sh/email@gmail.com/example.com/example.com.key
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Multi domain='DNS:example.com,DNS:www.example.com'
letsencrypt_1 | [Mon Feb 8 11:48:48 UTC 2021] Getting domain auth token for each domain
letsencrypt_1 | [Mon Feb 8 11:48:49 UTC 2021] Create new order error. Le_OrderFinalize not found. {
letsencrypt_1 | "type": "urn:ietf:params:acme:error:rateLimited",
letsencrypt_1 | "detail": "Error creating new order :: too many certificates already issued for exact set of domains: example.com,www.example.com: see https://letsencrypt.org/docs/rate-limits/",
letsencrypt_1 | "status": 429我知道letsENCRYPT允许在一周内创建有限数量的证书。每次我必须执行docker-compose down和docker-compose up -d时,我都会使用其中一个示例来生成证书。现在我已经到了极限,不能使用这项服务。
1.如何避免不必要时生成证书?
1.有没有办法将本周的计数器重新设置为继续使用站点?
我的docker-compose.yml
version: "3"
services:
db:
image: postgres:12
restart: unless-stopped
env_file: ./.env
volumes:
- postgres_data:/var/lib/postgresql/data
web:
build:
context: .
restart: unless-stopped
env_file: ./.env
command: python manage.py runserver 0.0.0.0:80
volumes:
- static:/code/static/
- .:/code
#ports:
# - "8000:8000"
depends_on:
- db
nginx-proxy:
image: jwilder/nginx-proxy
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
labels:
- com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
environment:
- NGINX_PROXY_CONTAINER=nginx-proxy
volumes:
- certs:/etc/nginx/certs:rw
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
nginx:
image: nginx:1.19
restart: always
expose:
- "80"
volumes:
- ./config/nginx/conf.d:/etc/nginx/conf.d
- static:/code/static
- ./../ecoplatonica:/usr/share/nginx/html:ro
env_file: ./.env
depends_on:
- web
- nginx-proxy
- letsencrypt
volumes:
.:
postgres_data:
static:
certs:
html:
vhostd:
2条答案
按热度按时间fumotvh31#
我遇到了这个问题,终于把它解决了。
您需要将一个卷添加到nginx-Proxy:和letsEncrypt:Services卷:部分中,如下所示:
然后我加了一句
卷:.:postgres_data:Static:Certs:html:vhost d:Acme:
现在我有了永久证书。
mv1qrgav2#
您需要为
nginx-proxy装载acme:/etc/acme.sh文件夹,因为每次执行向上/向下操作时都会创建该文件夹。另外,将acme:添加到最后的volumes:部分。日志文件中的条目证明了这一点:
另外,请看这个doc