Letsencrypt setup does not seem to be able to find its files on first rebuild

I’ve seen this twice about a month ago, and just had it again when I was setting up a brand new forum using the guided discourse-setup wizard.

  • I started a new digital ocean droplet running ubuntu 16
  • I ran the git + docker setup command.
  • I ran apt-get upgrade
  • I made /var/discourse
  • I cloned in the repo & started ./discourse-setup
  • I entered in proper values for admin email, letsencrypt email, smtp host, username, port, and password.
  • I let it rebuild and came back the next morning.
  • the site wouldn’t come up so I restarted the ubuntu host
  • the site came up, I registered my user, but did not get an email.
  • when I checked the logs I saw the problem I’m reporting:

many repeated logs for:

nginx: [emerg] BIO_new_file("/shared/ssl/share.MYDOMAINNAME.com.cer") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/share.MYDOMAINNAME.com.cer','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: [emerg] BIO_new_file("/shared/ssl/share.MYDOMAINNAME.com.cer") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/share.MYDOMAINNAME.com.cer','r') error:2006D080:BIO routines:BIO_new_file:no such file)

History tells me that if I rebuild the container the error will go away (I assume a symlink is missing, but don’t quite know just why the certificate can’t be found there.

I’m thinking it’s a symlink because this was the solution in the past

https://meta.discourse.org/t/setting-up-lets-encrypt/40709/216?u=watchmanmonitor

Hey, @tgxworld. This seems related to this discussion

Did you get a chance to have a look yet?

3 Likes

Well after much head banging because bootstrapping from a fresh install to debug is sooo painfully slow, I found the :bug: and squashed it in

https://github.com/discourse/discourse_docker/commit/659ab19e6fa2c8284a500da810bec00f02e6e2e3

The web template was still generating a file which was moved into the base image. However, the commands in the file was blowing up because it was trying to chmod certain files that would have existed during the first run. As a result, the Let’s Encrypt was not being executed at all during the first run.

9 Likes

This topic was automatically closed after 2 days. New replies are no longer allowed.