You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, I am trying to issue a letsencrypt certificate for an application running on my Dokku instance. After installing this plugin, I set my DNS provider to Cloudflare, and set the DNS API token (this particular token has access to all zones on my account).
Then, I run the command dokku letsencrypt:enable myapp. The command continues to fail with:
[myapp.example.net] [myapp.example.net] acme: error presenting token: cloudflare: failed to find zone net.: zone could not be found
How reproducible
Happens every time I run the dokku letsencrypt:enable myapp command.
Additional info
I have an actual, registered domain I am using for the app. The domain is not actually example.net, however, I am using a .net domain.
Actual Results
=====> Enabling letsencrypt for myapp
-----> Enabling ACME proxy for myapp...
-----> Getting letsencrypt certificate for myapp via DNS-01
- Domain 'myapp.example.net'
2023/07/20 05:42:36 [INFO] [myapp.example.net] acme: Obtaining bundled SAN certificate
2023/07/20 05:42:37 [INFO] [myapp.example.net] AuthURL: <<redacted>>2023/07/20 05:42:37 [INFO] [myapp.example.net] acme: Could not find solver for: tls-alpn-012023/07/20 05:42:37 [INFO] [myapp.example.net] acme: Could not find solver for: http-012023/07/20 05:42:37 [INFO] [myapp.example.net] acme: use dns-01 solver2023/07/20 05:42:37 [INFO] [myapp.example.net] acme: Preparing to solve DNS-012023/07/20 05:42:37 [INFO] [myapp.example.net] acme: Cleaning DNS-01 challenge2023/07/20 05:42:37 [WARN] [myapp.example.net] acme: cleaning up failed: cloudflare: failed to find zone net.: zone could not be found2023/07/20 05:42:37 [INFO] Deactivating auth: <<redacted>>2023/07/20 05:42:37 Could not obtain certificates: error: one or more domains had a problem:[myapp.example.net] [myapp.example.net] acme: error presenting token: cloudflare: failed to find zone net.: zone could not be found-----> Certificate retrieval failed!-----> Disabling ACME proxy for myapp... ! Failed to setup letsencrypt ! Check log output for further information on failure
Expected Results
Expected to get a letsencrypt certificate for my app.
Environment Information
Debian 12
Dokku 0.30.9
Installed letsencrypt plugin on July 18, 2023
dokku report myapp output
-----> uname: Linux cali 6.1.0-10-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.37-1 (2023-07-03) x86_64 GNU/Linux
-----> memory:
total used free shared buff/cache available
Mem: 15990 895 9982 0 5442 15094
Swap: 975 0 975
-----> docker version:
Client: Docker Engine - Community
Version: 24.0.4
API version: 1.43
Go version: go1.20.5
Git commit: 3713ee1
Built: Fri Jul 7 14:51:00 2023
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 24.0.4
API version: 1.43 (minimum version 1.12)
Go version: go1.20.5
Git commit: 4ffc614
Built: Fri Jul 7 14:51:00 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.21
GitCommit: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc:
Version: 1.1.7
GitCommit: v1.1.7-0-g860f061
docker-init:
Version: 0.19.0
GitCommit: de40ad0
-----> docker daemon info:
Client: Docker Engine - Community
Version: 24.0.4
Context: default
Debug Mode: true
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.19.1
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 4
Running: 2
Paused: 0
Stopped: 2
Images: 11
Server Version: 24.0.4
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc version: v1.1.7-0-g860f061
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.1.0-10-amd64
Operating System: Debian GNU/Linux 12 (bookworm)
OSType: linux
Architecture: x86_64
CPUs: 16
Total Memory: 15.62GiB
Name: cali
ID: 0822b997-e6f5-45a6-9283-9b96766cd039
Docker Root Dir: /var/lib/docker
Debug Mode: false
File Descriptors: 40
Goroutines: 44
System Time: 2023-07-19T23:56:43.884672931-06:00
EventsListeners: 0
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
-----> git version: git version 2.39.2
-----> sigil version: 0.9.0build+bc921b7
-----> herokuish version:
herokuish: v0.6.0
buildpacks:
heroku-buildpack-multi v1.2.0
heroku-buildpack-ruby v254
heroku-buildpack-nodejs v213
heroku-buildpack-clojure v90
heroku-buildpack-python v232
heroku-buildpack-java v72
heroku-buildpack-gradle v39
heroku-buildpack-scala v96
heroku-buildpack-play v26
heroku-buildpack-php v234
heroku-buildpack-go v174
heroku-buildpack-nginx v23
buildpack-null v3
-----> dokku version: dokku version 0.30.9
-----> plugn version: plugn: 0.12.0build+3a27594
-----> dokku plugins:
00_dokku-standard 0.30.9 enabled dokku core standard plugin
20_events 0.30.9 enabled dokku core events logging plugin
app-json 0.30.9 enabled dokku core app-json plugin
apps 0.30.9 enabled dokku core apps plugin
builder 0.30.9 enabled dokku core builder plugin
builder-dockerfile 0.30.9 enabled dokku core builder-dockerfile plugin
builder-herokuish 0.30.9 enabled dokku core builder-herokuish plugin
builder-lambda 0.30.9 enabled dokku core builder-lambda plugin
builder-null 0.30.9 enabled dokku core builder-null plugin
builder-pack 0.30.9 enabled dokku core builder-pack plugin
buildpacks 0.30.9 enabled dokku core buildpacks plugin
caddy-vhosts 0.30.9 enabled dokku core caddy-vhosts plugin
certs 0.30.9 enabled dokku core certificate management plugin
checks 0.30.9 enabled dokku core checks plugin
common 0.30.9 enabled dokku core common plugin
config 0.30.9 enabled dokku core config plugin
cron 0.30.9 enabled dokku core cron plugin
docker-options 0.30.9 enabled dokku core docker-options plugin
domains 0.30.9 enabled dokku core domains plugin
enter 0.30.9 enabled dokku core enter plugin
git 0.30.9 enabled dokku core git plugin
haproxy-vhosts 0.30.9 enabled dokku core haproxy-vhosts plugin
letsencrypt 0.20.1 enabled Automated installation of let's encrypt TLS certificates logs 0.30.9 enabled dokku core logs plugin network 0.30.9 enabled dokku core network plugin nginx-vhosts 0.30.9 enabled dokku core nginx-vhosts plugin plugin 0.30.9 enabled dokku core plugin plugin proxy 0.30.9 enabled dokku core proxy plugin ps 0.30.9 enabled dokku core ps plugin registry 0.30.9 enabled dokku core registry plugin repo 0.30.9 enabled dokku core repo plugin resource 0.30.9 enabled dokku core resource plugin run 0.30.9 enabled dokku core run plugin scheduler 0.30.9 enabled dokku core scheduler plugin scheduler-docker-local 0.30.9 enabled dokku core scheduler-docker-local plugin scheduler-null 0.30.9 enabled dokku core scheduler-null plugin shell 0.30.9 enabled dokku core shell plugin ssh-keys 0.30.9 enabled dokku core ssh-keys plugin storage 0.30.9 enabled dokku core storage plugin trace 0.30.9 enabled dokku core trace plugin traefik-vhosts 0.30.9 enabled dokku core traefik-vhosts plugin=====> myapp app-json information App json computed selected: app.json App json global selected: app.json App json selected:=====> myapp app information App created at: 1689832485 App deploy source: git-push App deploy source metadata: e9965b3b6450055ce3b692d81861b3b1c0a31844 App dir: /home/dokku/myapp App locked: false=====> myapp builder information Builder build dir: Builder computed build dir: Builder computed selected: Builder global build dir: Builder global selected: Builder selected:=====> myapp builder-dockerfile information Builder dockerfile computed dockerfile path: Dockerfile Builder dockerfile global dockerfile path: Dockerfile Builder dockerfile dockerfile path:=====> myapp builder-herokuish information Builder herokuish computed allowed: true Builder herokuish global allowed: true Builder herokuish allowed:=====> myapp builder-lambda information Builder lambda computed lambdayml path: lambda.yml Builder lambda global lambdayml path: lambda.yml Builder lambda lambdayml path:=====> myapp builder-pack information Builder pack computed projecttoml path: project.toml Builder pack global projecttoml path: project.toml Builder pack projecttoml path:=====> myapp buildpacks information Buildpacks computed stack: gliderlabs/herokuish:latest-20 Buildpacks global stack: Buildpacks list: Buildpacks stack:=====> myapp caddy information Caddy image: lucaslorentz/caddy-docker-proxy:2.7 Caddy letsencrypt email: Caddy letsencrypt server: https://acme-v02.api.letsencrypt.org/directory Caddy log level: ERROR Caddy polling interval: 5s Caddy tls internal: false=====> myapp ssl information Ssl dir: /home/dokku/myapp/tls Ssl enabled: false Ssl hostnames: Ssl expires at: Ssl issuer: Ssl starts at: Ssl subject: Ssl verified:=====> myapp checks information Checks disabled list: none Checks skipped list: none Checks computed wait to retire: 60 Checks global wait to retire: 60 Checks wait to retire:=====> myapp cron information Cron task count: 0=====> myapp docker options information Docker options build: Docker options deploy: --restart=on-failure:10 Docker options run:=====> myapp domains information Domains app enabled: true Domains app vhosts: myapp.example.net Domains global enabled: true Domains global vhosts: example.net=====> myapp git information Git deploy branch: master Git global deploy branch: master Git keep git dir: false Git rev env var: GIT_REV Git sha: e9965b3 Git source image: Git last updated at: 1689832567=====> myapp haproxy information Haproxy image: byjg/easy-haproxy:4.3.0 Haproxy letsencrypt email: Haproxy letsencrypt server: https://acme-v02.api.letsencrypt.org/directory Haproxy log level: ERRORCould not open file or uri for loading certificate from /home/dokku/myapp/tls/server.crt40F7CACA8B7F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file40F7CACA8B7F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(/home/dokku/myapp/tls/server.crt)Unable to load certificate=====> myapp letsencrypt information Letsencrypt active: false Letsencrypt autorenew: false Letsencrypt computed dns provider: cloudflare Letsencrypt global dns provider: cloudflare Letsencrypt dns provider: Letsencrypt computed email: me@example.net Letsencrypt global email: me@example.net Letsencrypt email: Letsencrypt expiration: 1689811200 Letsencrypt computed graceperiod: 2592000 Letsencrypt global graceperiod: Letsencrypt graceperiod: Letsencrypt computed lego docker args: Letsencrypt global lego docker args: Letsencrypt lego docker args: Letsencrypt computed server: https://acme-v02.api.letsencrypt.org/directory Letsencrypt global server: Letsencrypt server:=====> myapp logs information Logs computed max size: 10m Logs global max size: 10m Logs global vector sink: Logs max size: Logs vector sink:=====> myapp network information Network attach post create: Network attach post deploy: Network bind all interfaces: false Network computed attach post create: Network computed attach post deploy: Network computed bind all interfaces: false Network computed initial network: Network computed tld: Network global attach post create: Network global attach post deploy: Network global bind all interfaces: false Network global initial network: Network global tld: Network initial network: Network static web listener: Network tld: Network web listeners: 172.17.0.2:5000=====> myapp nginx information Nginx access log format: Nginx access log path: /var/log/nginx/myapp-access.log Nginx bind address ipv4: Nginx bind address ipv6: :: Nginx client max body size: Nginx disable custom config: false Nginx error log path: /var/log/nginx/myapp-error.log Nginx global hsts: true Nginx computed hsts: true Nginx hsts: Nginx hsts include subdomains: true Nginx hsts max age: 15724800 Nginx hsts preload: false Nginx computed nginx conf sigil path: nginx.conf.sigil Nginx global nginx conf sigil path: nginx.conf.sigil Nginx nginx conf sigil path: Nginx proxy buffer size: 4096 Nginx proxy buffering: on Nginx proxy buffers: 8 4096 Nginx proxy busy buffers size: 8192 Nginx proxy read timeout: 60s Nginx last visited at: 1689832577 Nginx x forwarded for value: $remote_addr Nginx x forwarded port value: $server_port Nginx x forwarded proto value: $scheme Nginx x forwarded ssl:=====> myapp proxy information Proxy enabled: true Proxy port map: http:80:5000 Proxy type: nginx=====> myapp ps information Deployed: true Processes: 1 Ps can scale: true Ps computed procfile path: Procfile Ps global procfile path: Procfile Ps procfile path: Ps restart policy: on-failure:10 Restore: true Running: true Status web 1: running (CID: 0fd2c3e5fb9)=====> myapp registry information Registry computed image repo: dokku/myapp Registry computed push on release: false Registry computed server: Registry global push on release: Registry global server: Registry image repo: Registry push on release: Registry server: Registry tag version:=====> myapp resource information=====> myapp scheduler information Scheduler computed selected: docker-local Scheduler global selected: docker-local Scheduler selected:=====> myapp scheduler-docker-local information Scheduler docker local disable chown: Scheduler docker local init process: true Scheduler docker local parallel schedule count:=====> myapp storage information Storage build mounts: Storage deploy mounts: Storage run mounts:=====> myapp traefik information Traefik api enabled: false Traefik api vhost: traefik.dokku.me Traefik basic auth password: Traefik basic auth username: Traefik dashboard enabled: false Traefik image: traefik:v2.8 Traefik letsencrypt email: Traefik letsencrypt server: https://acme-v02.api.letsencrypt.org/directory Traefik log level: ERROR Traefik priority:
How (deb/make) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:
Running in a virtual machine on my Proxmox server.
Any help with this issue is very much appreciated, thank you!
The text was updated successfully, but these errors were encountered:
I had a chance to do a full re-install this weekend (OS, Dokku, plugins), and everything seems to be working now. None of my networking has changed, and I don't believe I set anything up differently than before, but hopefully things will stay working. If anyone else runs into this issue, I'm happy to try and offer some guidance.
Description of problem
Hello, I am trying to issue a letsencrypt certificate for an application running on my Dokku instance. After installing this plugin, I set my DNS provider to Cloudflare, and set the DNS API token (this particular token has access to all zones on my account).
dokku letsencrypt:set --global dns-provider cloudflare dokku letsencrypt:set --global dns-provider-CLOUDFLARE_DNS_API_TOKEN 'xxx'
Then, I run the command
dokku letsencrypt:enable myapp
. The command continues to fail with:How reproducible
Happens every time I run the
dokku letsencrypt:enable myapp
command.Additional info
I have an actual, registered domain I am using for the app. The domain is not actually
example.net
, however, I am using a.net
domain.Actual Results
Expected Results
Expected to get a letsencrypt certificate for my app.
Environment Information
dokku report myapp
outputHow (deb/make) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:
Running in a virtual machine on my Proxmox server.
Any help with this issue is very much appreciated, thank you!
The text was updated successfully, but these errors were encountered: