我有两个域:
- domain1.com
- domain2.com
我想为他们 2 分别生成
Let's Encrypt
证书(包括每个证书上的 www.
域),即:
Cert 1: domain1.com, www.domain1.com
Cert 2: domain2.com, www.domain2.com
为此,我尝试了以下:
docker-compose.yml
:
version: '3'
services:
webserver:
image: domain1-com-webserver
build:
dockerfile: Dockerfile.webserver
container_name: webserver
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- web-root:/var/www/html
- certbot-etc:/etc/letsencrypt
- certbot-var:/var/lib/letsencrypt
networks:
- app-network
certbot-domain1-com:
image: certbot/certbot
container_name: certbot-domain1-com
volumes:
- certbot-etc:/etc/letsencrypt
- certbot-var:/var/lib/letsencrypt
- web-root:/var/www/html
depends_on:
- webserver
profiles: ["with-le"]
command: certonly --webroot --webroot-path=/var/www/html --email [email protected] --agree-tos --no-eff-email --dry-run -d domain1.com -d www.domain1.com
certbot-domain2-com:
image: certbot/certbot
container_name: certbot-domain2-com
volumes:
- certbot-etc:/etc/letsencrypt
- certbot-var:/var/lib/letsencrypt
- web-root:/var/www/html
depends_on:
- webserver
profiles: ["with-le"]
command: certonly --webroot --webroot-path=/var/www/html --email [email protected] --agree-tos --no-eff-email --dry-run --force-renewal -d domain2.com -d www.domain2.com
volumes:
certbot-etc:
certbot-var:
web-root:
networks:
app-network:
driver: bridge
但是跑步时:
$ docker-compose --profile with-le up -d
我收到以下日志:
$ docker logs certbot-domain1-com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Account registered.
Simulating a certificate request for domain1.com and www.domain1.com
The dry run was successful.
$ docker logs certbot-domain2-com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Another instance of Certbot is already running.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
请注意,第一个试运行证书成功,但第二个失败。
有什么办法可以解决这个问题吗?
谢谢!
您可以仅使用一个容器颁发多个证书。您不需要多个容器。像这样:
certbot-domain1-com:
image: certbot/certbot
container_name: certbot-domain1-com
volumes:
- certbot-etc:/etc/letsencrypt
- certbot-var:/var/lib/letsencrypt
- web-root:/var/www/html
depends_on:
- webserver
profiles: ["with-le"]
command: certonly --webroot --webroot-path=/var/www/html --email [email protected] --agree-tos --no-eff-email --dry-run --cert-name domain1.com -w /etc/letsencrypt -d domain1.com --cert-name domain2.com -w /etc/letsencrypt -d domain2.com