Otdfbt

A player is constantly pestering me about rules, what do I do as a DM?

VAT refund London Heathrow

First-year PhD giving a talk among well-established researchers in the field

Why is there no havdallah when going from Yom Tov into Shabbat?

Importance of the principal bundle in Chern-Simons theory

Why is my code printing rvalue 2 times instead of rvalue & lvalue?

Low-gravity Bronze Age fortifications

What sort of mathematical problems are there in AI that people are working on?

Which verb form to use with "с"

Is my Rep in Stack-Exchange Form?

What happens when I sacrifice a creature when my Teysa Karlov is on the battlefield?

Fedora boot screen shows both Fedora logo and Lenovo logo. Why and How?

C-152 carb heat on before landing in hot weather?

Employer wants to use my work email account after I quit, is this legal under German law?

Change the boot order with no option in UEFI settings

How to get cool night-vision without lame drawbacks?

Why is the Turkish president's surname spelt in Russian as Эрдоган, with г?

Why do some games show lights shine through walls?

Safe to store SMTP password in wp-config.php?

Animation advice please

Should I include salary information on my CV?

Going to get married soon, should I do it on Dec 31 or Jan 1?

Use of という in a sentence

Plotting with different color for a single curve

Certbot installation fails inside Docker container

Prevent fork bomb inside docker containerHow can I debug a docker container initialization?Can Mac OS X be run inside Docker?Why isn't ifconfig available in Ubuntu Docker container?Docker Container time & timezone (will not reflect changes)call binary from docker container inside another docker container?How to bind one docker container inside another to 127.0.0.1?Sending mail from inside docker containerHow to use Certbot with server in docker container?Process inside docker container not receiving signals?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;

0

I am trying to create a Docker container with apt-mirror, Cerbot for Letsencrypt, and Nginx.

There is an image for nginx/certbot, but it's based on Alpine Linux. For apt-mirror I require a debian-based distribution.

I've tried the official EFF tutorial but get the following error:

invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of force-reload.
Failed to open connection to "system" message bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
Setting up packagekit-tools (1.1.5-2+deb9u1) ...
Processing triggers for libc-bin (2.24-11+deb9u4) ...
Processing triggers for ca-certificates (20161130+nmu1+deb9u1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Processing triggers for dbus (1.10.26-0+deb9u1) ...
Processing triggers for systemd (232-25+deb9u11) ...
Error: 'universe' invalid

My dockerfile:

FROM nginx:stable

RUN apt-get update &&
 apt-get install -y cron software-properties-common &&
 add-apt-repository universe &&
 add-apt-repository ppa:certbot/certbot &&
 apt-get update &&
 apt-get install certbot python-certbot-nginx

RUN certbot --nginx &&
 certbot renew --dry-run

CMD [ "sh", "-c", "nginx" ]

nginx docker lets-encrypt

share|improve this question

edited Jun 7 at 15:42

0xSheepdog

49922 silver badges1616 bronze badges

asked Jun 7 at 13:09

J. DoeJ. Doe

11966 bronze badges

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I don't think it is a good idea to run certbot in the Dockerfile. The RUN directives in the Dockerfile are executed when the image is created, not when a container is started. If you use a generated image for months you will not get any renewed certificates. It would make more sense to move this into a startup script or even out of the container, for the case that a container runs for more than 3 months.
  
  – Gerald Schneider
  Jun 7 at 13:22
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I plan to trigger renew via container's cron. Neverthereless here is a very popular container but it's Alpine: hub.docker.com/r/linuxserver/letsencrypt it looks very much "on steroids" but I can't run apt-mirror there I assume.
  
  – J. Doe
  Jun 7 at 13:40
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Get the working container for letsencrypt, and mount the needed shared volumes from you nginx container.
  
  – Zeitounator
  Jun 11 at 12:43
  
  

  
  
  
  

add a comment | 

0

I am trying to create a Docker container with apt-mirror, Cerbot for Letsencrypt, and Nginx.

There is an image for nginx/certbot, but it's based on Alpine Linux. For apt-mirror I require a debian-based distribution.

I've tried the official EFF tutorial but get the following error:

invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of force-reload.
Failed to open connection to "system" message bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
Setting up packagekit-tools (1.1.5-2+deb9u1) ...
Processing triggers for libc-bin (2.24-11+deb9u4) ...
Processing triggers for ca-certificates (20161130+nmu1+deb9u1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Processing triggers for dbus (1.10.26-0+deb9u1) ...
Processing triggers for systemd (232-25+deb9u11) ...
Error: 'universe' invalid

My dockerfile:

FROM nginx:stable

RUN apt-get update &&
 apt-get install -y cron software-properties-common &&
 add-apt-repository universe &&
 add-apt-repository ppa:certbot/certbot &&
 apt-get update &&
 apt-get install certbot python-certbot-nginx

RUN certbot --nginx &&
 certbot renew --dry-run

CMD [ "sh", "-c", "nginx" ]

nginx docker lets-encrypt

share|improve this question

edited Jun 7 at 15:42

0xSheepdog

49922 silver badges1616 bronze badges

asked Jun 7 at 13:09

J. DoeJ. Doe

11966 bronze badges

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I don't think it is a good idea to run certbot in the Dockerfile. The RUN directives in the Dockerfile are executed when the image is created, not when a container is started. If you use a generated image for months you will not get any renewed certificates. It would make more sense to move this into a startup script or even out of the container, for the case that a container runs for more than 3 months.
  
  – Gerald Schneider
  Jun 7 at 13:22
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I plan to trigger renew via container's cron. Neverthereless here is a very popular container but it's Alpine: hub.docker.com/r/linuxserver/letsencrypt it looks very much "on steroids" but I can't run apt-mirror there I assume.
  
  – J. Doe
  Jun 7 at 13:40
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Get the working container for letsencrypt, and mount the needed shared volumes from you nginx container.
  
  – Zeitounator
  Jun 11 at 12:43
  
  

  
  
  
  

add a comment | 

I am trying to create a Docker container with apt-mirror, Cerbot for Letsencrypt, and Nginx.

There is an image for nginx/certbot, but it's based on Alpine Linux. For apt-mirror I require a debian-based distribution.

I've tried the official EFF tutorial but get the following error:

invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of force-reload.
Failed to open connection to "system" message bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
Setting up packagekit-tools (1.1.5-2+deb9u1) ...
Processing triggers for libc-bin (2.24-11+deb9u4) ...
Processing triggers for ca-certificates (20161130+nmu1+deb9u1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Processing triggers for dbus (1.10.26-0+deb9u1) ...
Processing triggers for systemd (232-25+deb9u11) ...
Error: 'universe' invalid

My dockerfile:

FROM nginx:stable

RUN apt-get update &&
 apt-get install -y cron software-properties-common &&
 add-apt-repository universe &&
 add-apt-repository ppa:certbot/certbot &&
 apt-get update &&
 apt-get install certbot python-certbot-nginx

RUN certbot --nginx &&
 certbot renew --dry-run

CMD [ "sh", "-c", "nginx" ]

nginx docker lets-encrypt

share|improve this question

edited Jun 7 at 15:42

0xSheepdog

49922 silver badges1616 bronze badges

asked Jun 7 at 13:09

J. DoeJ. Doe

11966 bronze badges

invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of force-reload.
Failed to open connection to "system" message bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
Setting up packagekit-tools (1.1.5-2+deb9u1) ...
Processing triggers for libc-bin (2.24-11+deb9u4) ...
Processing triggers for ca-certificates (20161130+nmu1+deb9u1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Processing triggers for dbus (1.10.26-0+deb9u1) ...
Processing triggers for systemd (232-25+deb9u11) ...
Error: 'universe' invalid

FROM nginx:stable

RUN apt-get update &&
 apt-get install -y cron software-properties-common &&
 add-apt-repository universe &&
 add-apt-repository ppa:certbot/certbot &&
 apt-get update &&
 apt-get install certbot python-certbot-nginx

RUN certbot --nginx &&
 certbot renew --dry-run

CMD [ "sh", "-c", "nginx" ]

share|improve this question

edited Jun 7 at 15:42

0xSheepdog

49922 silver badges1616 bronze badges

asked Jun 7 at 13:09

J. DoeJ. Doe

11966 bronze badges

share|improve this question

edited Jun 7 at 15:42

0xSheepdog

49922 silver badges1616 bronze badges

asked Jun 7 at 13:09

J. DoeJ. Doe

11966 bronze badges

edited Jun 7 at 15:42

0xSheepdog

49922 silver badges1616 bronze badges

edited Jun 7 at 15:42

0xSheepdog

49922 silver badges1616 bronze badges

asked Jun 7 at 13:09

J. DoeJ. Doe

11966 bronze badges

asked Jun 7 at 13:09

J. DoeJ. Doe

11966 bronze badges