I received notice from Letsencrypt that certificates are expiring

  • I'm running OMV 5 and I am running nextcloud using swag and self hosted bitwarden. I have received a notice that my letsencrypt certs are expiring. Not sure what to do. Research so far says to run certbot or just restart swag container. I have tried both of these unsuccessfully, but i'm not sure if I did it right.

  • revise logs to see exact message and see if certificate is renew or not.


    in my swag docker a restart is enought to renew.

  • Check that in your SWAG log, this is showing docker logs -f swag:

    Code
    ...
    Certificate exists; parameters unchanged; starting nginx
    [cont-init.d] 50-config: exited 0.
    [cont-init.d] 60-renew: executing... 
    The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
    [cont-init.d] 60-renew: exited 0.
    ....

    To exit the log and get back to prompt, click Ctrl+C


    If it doesn't show, something isn't right on your stack/YML

  • This may happen, if you reconfigured something and are not using these certs.

    Go to your nextcloud https site and check if the cert really expires (click the lock, vie the cert, it has an expiery date).


    If it is about to expire, do what the others told you.

    If you got help in the forum and want to give something back to the project click here (omv) or here (scroll down) (plugins) and write up your solution for others.

  • I have forgotten a lot of my CLI skills and don't know how to view the SWAG logs. There have been no changes to my setup for the last nine months but I have not been able to get to my nextcloud website or the bitwarden site. Bitwarden is still working fine though. Can someone give me the basics of viewing the log?

  • From the cli see #3


    How do you manage your stacks?


    If you can not access the wed server (swag) letsencryp will probably not be able too, so it can not issue new certs.

    What is the problem when accessing swag/nextcloud/bitwarden by the browser?

    If you got help in the forum and want to give something back to the project click here (omv) or here (scroll down) (plugins) and write up your solution for others.

  • I had help from this forum and it was done with docker-compose. I looked in portainer also but the stacks are not visible in portainer. When I try to go to the website I get this site can't be reached.

  • I was able to review the log as in #3 above. The lines that SOMA indicated should be there are there, but the log file ends with this line repeating:

    Code
    No MaxMind license key found; exiting. Please enter your license key into /etc/c                                                                                                             onf.d/libmaxminddb.
  • I also get this error when I restart swag:


    Error response from daemon: Cannot restart container swag: driver failed programming external connectivity on endpoint swag (20d9c828a0c7922e124a156d5a890126700951285d19f0903fa31f139ea5eb2c): Bind for 0.0.0.0:81 failed: port is already allocated

  • If you started it a docker-compose, you have to use docker-compose to manage it.

    docker-compose -logs will give you the logs (executed in the correct directory)

    If you got help in the forum and want to give something back to the project click here (omv) or here (scroll down) (plugins) and write up your solution for others.

  • If you do not give the logs, no one will be able to help. The reasons for this may be:

    - swag is not trying to renew certs

    - swag is not abe to renew certs


    Both will be in the logs. post more than one line.

    If you got help in the forum and want to give something back to the project click here (omv) or here (scroll down) (plugins) and write up your solution for others.

  • Here is the complete swag log:


  • Are you sure, your swag container is running? This should not be one of the last messages:


    Your certificate will expire on 2021-06-12. To obtain a new or
    tweaked version of this certificate in the future, simply run
    certbot again.

    The log contains your reals email and domain names,


    Both domains do not have https enabled and end up at the nginx proxy manager. Maybe you should check the logs of this container.

    If you got help in the forum and want to give something back to the project click here (omv) or here (scroll down) (plugins) and write up your solution for others.

  • When I try docker logs -f nginx I get no such container found. I've tried running certbot in several different directories and I always get "certbot not found".

  • Post the yml or stack you used for swag.


    Hide sensible data.

  • When I try docker logs -f nginx I get no such container found. I've tried running certbot in several different directories and I always get "certbot not found".

    To run certbot, you have to bash into your swag container


    Code
    docker exec -it container_name bash 


    When the prompt changes, run the certbot command.

  • Can you please check, which containers are running? I think, you do not have swag running:


    docker ps -a

    If you got help in the forum and want to give something back to the project click here (omv) or here (scroll down) (plugins) and write up your solution for others.

  • Here is the yml:

    Results of docker ps -a:

    Code
    CONTAINER ID   IMAGE                                  COMMAND                  C                                                                                                             REATED         STATUS                      PORTS                                                                                                                                                                                               NAMES
    674cf633316b   linuxserver/swag                       "/init"                  1                                                                                                             1 months ago   Exited (255) 47 hours ago                                                                                                                                                                                                       swag
    8fd4e954b281   bitwardenrs/server:latest              "/usr/bin/dumb-init …"   1                                                                                                             1 months ago   Up 46 hours (healthy)       3012/tcp, 0.0.0.0:8005->80/tcp, :::80                                                                                                             05->80/tcp                                        bitwarden
    b2f8fb6ddfe3   bitwardenrs/server:latest              "/usr/bin/dumb-init …"   1                                                                                                             1 months ago   Up 46 hours (healthy)       3012/tcp, 0.0.0.0:8080->80/tcp, :::80                                                                                                             80->80/tcp                                        Bitwarden
    1991c701edab   portainer/portainer-ce                 "/portainer"             1                                                                                                             1 months ago   Up 46 hours                 0.0.0.0:8000->8000/tcp, :::8000->8000                                                                                                             /tcp, 0.0.0.0:9000->9000/tcp, :::9000->9000/tcp   portainer
    ca5f9bc13f7e   e7a6cbc60efd                           "/init"                  1                                                                                                             1 months ago   Up 46 hours (healthy)       0.0.0.0:80-81->80-81/tcp, :::80-81->8                                                                                                             0-81/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   nginx_app_1
    8460e386215a   ea85f6595b0b                           "/scripts/run.sh"        1                                                                                                             1 months ago   Up 46 hours                 3306/tcp                                                                                                                                                                                            nginx_db_1
    fd6baf483d4a   ghcr.io/linuxserver/nextcloud:latest   "/init"                  1                                                                                                             1 months ago   Up 46 hours                 80/tcp, 0.0.0.0:450->443/tcp, :::450-                                                                                                             >443/tcp                                          nextcloud
    93aef735fb6d   ghcr.io/linuxserver/mariadb:latest     "/init"                  1                                                                                                             1 months ago   Up 46 hours                 3306/tcp                                                                                                                                                                                            nextclouddb
  • It does appear that swag is not running. I jus tried to start it but got the following error:


    Code
    Error response from daemon: driver failed programming external connectivity on endpoint swag (5562997e3871ec92cd4c1e23a12e49cdef3fce754df4ab74286a5a92a259698d): Bind for 0.0.0.0:81 failed: port is already allocated
    Error: failed to start containers: swag

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!