Hey all,
I setup docker on my ubuntu 18.04 server, using portainer. To have reverse proxy including ssl setup, I used https://hub.docker.com/r/linuxserver/letsencrypt/. When I only had one domain setup, it was working great - the certificate and key was generated in my persisted volume. When I add more subdomains using the SUBDOMAINS env variable, it doesn't generate certificates for the new domains anymore.
The home.mydomain.com/fullchain.pem is existing in the /etc/letsencrypt/live/ directory, the other subdomain files are not though.
The log when starting up:
-------------------------------------,
_ (),
| | ___ _ __,
| | / __| | | / \ ,
| | \__ \ | | | () |,
|_| |___/ |_| \__/,
,
,
Brought to you by linuxserver.io,
We gratefully accept donations at:,
https://www.linuxserver.io/donate/,
-------------------------------------,
GID/UID,
-------------------------------------,
,
User uid: 911,
User gid: 911,
-------------------------------------,
,
[cont-init.d] 10-adduser: exited 0.,
[cont-init.d] 20-config: executing... ,
[cont-init.d] 20-config: exited 0.,
[cont-init.d] 30-keygen: executing... ,
using keys found in /config/keys,
[cont-init.d] 30-keygen: exited 0.,
[cont-init.d] 50-config: executing... ,
Variables set:,
PUID=,
PGID=,
TZ=Netherlands/Amsterdam,
URL=mydomain.com,
SUBDOMAINS=home,plex,sonarr,radarr,domoticz,
EXTRA_DOMAINS=,
ONLY_SUBDOMAINS=true,
DHLEVEL=2048,
VALIDATION=http,
DNSPLUGIN=,
[email protected],
STAGING=,
,
2048 bit DH parameters present,
SUBDOMAINS entered, processing,
SUBDOMAINS entered, processing,
Only subdomains, no URL in cert,
Sub-domains processed are: -d home.mydomain.com -d plex.mydomain.com -d sonarr.mydomain.com -d radarr.mydomain.com -d domoticz.mydomain.com,
E-mail address entered:
[email protected],
http validation is selected,
Certificate exists; parameters unchanged; attempting renewal,
<------------------------------------------------->,
,
<------------------------------------------------->,
cronjob running on Fri Sep 21 14:33:57 UTC 2018,
Running certbot renew,
Saving debug log to /var/log/letsencrypt/letsencrypt.log,
,
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -,
Processing /etc/letsencrypt/renewal/home.mydomain.com.conf,
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -,
Cert not yet due for renewal,
,
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -,
,
The following certs are not due for renewal yet:,
/etc/letsencrypt/live/home.mydomain.com/fullchain.pem expires on 2018-12-20 (skipped),
No renewals were attempted.,
No hooks were run.,
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -,
[cont-init.d] 50-config: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,
nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/domoticz.mydomain.com/fullchain.pem") failed (SSL: error:02FFF002:system library:func(4095):No such file or directory:fopen('/etc/letsencrypt/live/domoticz.mydomain.com/fullchain.pem', 'r') error:20FFF080:BIO routines:CRYPTO_internal:no such file),
[21-Sep-2018 14:33:59] ERROR: unable to bind listening socket for address '127.0.0.1:9000': Address in use (98),
[21-Sep-2018 14:33:59] ERROR: FPM initialization failed,
This is my setup: https://rosk.am/share/2018-09-22_14-33-20.png
Any clue how I can make all the subdomains work and make letsencrypt create the certificates for all subdomains?
Another thing that I saw in the logs was "ERROR: FPM initialization failed". I had this one appearing as well when I had just 1 subdomain which was working. Can I safely ignore this error, or should I do anything to fix it?