nmarus / docker-haproxy-certbot Goto Github PK
View Code? Open in Web Editor NEWDocker Container with haproxy and certbot
Docker Container with haproxy and certbot
hi, thanks for this repo. it was helpful for me when trying to figure out what setup i want to build.
with haproxy 2.1, the following would work, instead of restarting haproxy:
haproxy.cfg needs to declare that admin commands through its socket should be allowed:
global
stats socket /var/run/haproxy mode 600 level admin
#!/bin/bash
set -e
LE_DIR=/etc/letsencrypt/live
HA_DIR=/usr/local/etc/haproxy/certs.d
DOMAINS=$(ls ${LE_DIR})
# update certs for HA Proxy
for DOMAIN in ${DOMAINS}
do
cat ${LE_DIR}/${DOMAIN}/fullchain.pem ${LE_DIR}/${DOMAIN}/privkey.pem > ${HA_DIR}/${DOMAIN}.pem
echo -e "set ssl cert ${HA_DIR}/${DOMAIN}.pem <<\n$(cat ${HA_DIR}/${DOMAIN}.pem)\n" | socat stdio /var/run/haproxy
echo -e "commit ssl cert ${HA_DIR}/${DOMAIN}.pem" | socat stdio /var/run/haproxy
done
When launched container keeps restarting and gives log as ๐
Adding qdisc plug dev lo id 40: parent 1:4
Error: Unable to add qdisc: Object not found
refcnt 0no options
I am trying this on Mac with operating system 10.14 and docker Versions 18.06.1.
Docker preferences are as follows :
CPUs :2
Memory : 2.0 GiB
Swap: 1.0 GiB
Disk image size : 64 GB
Is there a way to remove a cert from the system?
For example if we are using foo.com and it's renewing successfully and then we want to move foo.com to another load balancer, now this will error on the renewals.
Dear Team,
Thanks a lot for your great product.
I am using your docker image, and it works great. There are only few things, i'd like to suggest if possible to add into future release. At this time, i'd like to enable haproxy.log using rsyslog.
As for now, i installed rsyslog manually, then add following configure into /etc/rsyslog.d/49-haproxy.conf
`# Create an additional socket in haproxy's chroot in order to allow logging via
$AddUnixListenSocket /var/lib/haproxy/dev/log
if $programname startswith 'haproxy' then /var/log/haproxy.log
&~`
Then, i can get /var/log/haproxy.log, with useful output from haproxy daemon other than checking /var/log/supervisor/
Thanks a lot.
hi,
When running command
docker exec haproxy-certbot certbot-certonly \
--domain example.com \
--domain www.example.com \
--email [email protected] \
--dry-run
I got the the error message below
Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555
can you pls update dockerfiles to fix this issue?
thanks you
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.