New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multiple apps on same domain #55
Comments
Thanks for your interest in the plugin! As you might have seen, the http-01 challenge used by dokku-letsencrypt to validate the domain doesn't allow verifying on anything else than port 80 because that might be a security risk for shared hosting (see e.g. this let's encrypt forum discussion). On the other hand, dokku is designed in a way that there is always exactly one cert per app that should cover all of its domains. Detecting if two apps share the same set of domains would be possible but we'd have to reorganize how certificates are stored (currently, all let's encrypt data is stored on a per-app basis) making things much more complicated. For your use case, symlinking should actually be the perfect solution since the auto-renew command will only consider an app to be secured by let's encrypt if its |
Thanks of the clarification. Even if the symlinking might work, I decided to put the second app on a subdomain to make things easy and smooth. ;) Another Question: Is there a reason that the plugin does not have a command that automatically adds the autorenew to the roots crontab? |
Having subdomains for every app is definitely the cleaner solution. I'm glad that things are working for you now! Closing since the original issue is solved and opening #57 to discuss the crontab things. |
Thanks for the great plugin!
It looks like the plugins does not support multiple apps that share the same domain but operate on different ports. In my setup I have an app that is available through nginx on port 80/443 and another on 8000/8080. While creating a certificate for the first app was easy, it didn't work for the second one:
I guess the different port configuration didn't allow the acme servers to reach the app... In that particular case it wouldn't actually be necessary to get a certificate as there is already one existing for that domain.
Maybe the plugin could store the certificates per domain and retrieve them if valid?
Now I ended up just symlinking the other apps certificate to the other, but that would break the autorenew process...
Any suggestions?
The text was updated successfully, but these errors were encountered: