Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LetsEncrypt proxy companion ecosystem should be refreshed #32

Open
obscurerichard opened this issue Nov 11, 2024 · 3 comments
Open

LetsEncrypt proxy companion ecosystem should be refreshed #32

obscurerichard opened this issue Nov 11, 2024 · 3 comments
Labels
enhancement New feature or request help wanted Extra attention is needed infrastructure Issues requiring changes to cloud, database, or server infrastructure
Milestone
2025 - Competitio...

Comments

@obscurerichard
Copy link
Member

obscurerichard commented Nov 11, 2024
edited
Loading

On 2024-11-10 after an update of containers, the LetsEncrypt certificates stopped working. It looks like https://hub.docker.com/r/jrcs/letsencrypt-nginx-proxy-companion/tags now says:

This is a legacy registry. Switch to the new registry for uptodate images: nginxproxy/acme-companion

This container version had not been pinned, so it auto-updated to what appears to be a version of nginxproxy/acme-companion. We should probably switch to that one, but if we can squeeze through the 2025 season with the current config, it might be good...

This started running acme-companion instead... logs were similar to the following:

Info: running acme-companion version v2.5.0-6-gc442dcf
...
Error: can't get nginx-proxy container ID !
Check that you are doing one of the following :
	- Use the --volumes-from option to mount volumes from the nginx-proxy container.
	- Set the NGINX_PROXY_CONTAINER env var on the letsencrypt-companion
	- Set the NGINX_PROXY_CONTAINER env var on the letsencrypt-companion container to the name of the nginx-proxy container.
...
register.freezingsaddles.org: Invalid status. Verification error details: 54.84.77.223: Invalid response from http://register.freezingsaddles.org/.well-known/acme-challenge/B4rooUk2om23AGQf81PwR-ExmU7dpWgAFiEMScd4xA0: 500

Depending on the version used, the verification error for the .well-known/acme-challenge/* file was either a 500 or 404. It wasn't working in any case.

This can be tested on a test system on AWS that is spun up temporarily in much the same way we created an alternate web site https://tmp-www.freezingsaddles.org/ during freezingsaddles/freezing-web#280 and #35 - that way we don't have to bring down the site to test.
@obscurerichard obscurerichard moved this to Icebox in Freezing Saddles Nov 11, 2024
obscurerichard added a commit that referenced this issue Nov 11, 2024
@obscurerichard
Pin version of legacy letsencrypt companion
c9d51f4 
This is a workaround for #32
@obscurerichard
Copy link
Member Author

obscurerichard commented Nov 11, 2024
edited
Loading

I did a workaround for this in commit c9d51f4 but this is not fully resolved, only postponed.

@github-project-automation github-project-automation bot moved this from Icebox to Done in Freezing Saddles Nov 11, 2024
@obscurerichard obscurerichard added enhancement New feature or request help wanted Extra attention is needed labels Nov 11, 2024
@obscurerichard
Copy link
Member Author

This was closed in error. We still need to do this, but this might be something to tackle after the end of the competition / before the next season...

@obscurerichard obscurerichard added the infrastructure Issues requiring changes to cloud, database, or server infrastructure label Nov 24, 2024
@obscurerichard obscurerichard added this to the 2025 Competition milestone Nov 24, 2024
@obscurerichard
Copy link
Member Author

Maybe we can chase this during the season after all.

This can be tested on a test system on AWS that is spun up temporarily in much the same way we created an alternate web site https://tmp-www.freezingsaddles.org/ during freezingsaddles/freezing-web#280 and #35 - that way we don't have to bring down the site to test.

@obscurerichard obscurerichard moved this from To do to Icebox in Freezing Saddles Dec 8, 2024
@obscurerichard obscurerichard moved this from Icebox to To do in Freezing Saddles Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed infrastructure Issues requiring changes to cloud, database, or server infrastructure
Projects
Freezing Saddles
Status: To do
Milestone
2025 - Competition End
Development

No branches or pull requests
1 participant
@obscurerichard