Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

no such file or directory #196

Open
eshkq opened this issue Jan 17, 2025 · 9 comments
Open

no such file or directory #196

eshkq opened this issue Jan 17, 2025 · 9 comments

Comments

@eshkq
Copy link

eshkq commented Jan 17, 2025

Hi, I ran into a problem, I can't assign a path to the acme.json file, no matter what path I set, it still substitutes "/traefik/acme.json" my file is located at
/root/docker/traefik/acme.json:/acme.json
I will provide the docker-compose file and log below

version: '2.1'
services:
  nginx-mailcow:
    expose:
      - "10080"
    networks:
      - proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nginx-mailcow.entrypoints=http"
      - "traefik.http.routers.nginx-mailcow.rule=HostRegexp(`{host:(autodiscover|autoconfig|webmail|mail|email).+}`)"
      - "traefik.http.middlewares.nginx-mailcow-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.nginx-mailcow.middlewares=nginx-mailcow-https-redirect"
      - "traefik.http.routers.nginx-mailcow-secure.entrypoints=https"
      - "traefik.http.routers.nginx-mailcow-secure.rule=Host(`mail.examle.com`)" 
      - "traefik.http.routers.nginx-mailcow-secure.tls=true"
      - "traefik.http.routers.nginx-mailcow-secure.tls.certresolver=http"
      - "traefik.http.routers.nginx-mailcow-secure.service=nginx-mailcow"
      - "traefik.http.services.nginx-mailcow.loadbalancer.server.port=10080"
      - "traefik.docker.network=proxy"  
  certdumper:
        image: ghcr.io/kereis/traefik-certs-dumper
        command: --restart-containers ${COMPOSE_PROJECT_NAME}-postfix-mailcow-1,${COMPOSE_PROJECT_NAME}-nginx-mailcow-1,${COMPOSE_PROJECT_NAME}-dovecot-mailcow-1
        network_mode: none
        volumes:
          # Mount the volume which contains Traefik's `acme.json' file
          #   Configure the external name in the volume definition
          - /root/docker/traefik/acme.json:/acme.json
          # Mount mailcow's SSL folder
          - ./data/assets/ssl/:/output:rw
          # Mount docker socket to restart containers
          - /var/run/docker.sock:/var/run/docker.sock:ro
        restart: always
        environment:
          # only change this, if you're using another domain for mailcow's web frontend compared to the standard config
          - DOMAIN=mail.examle.com
networks:
  proxy:
    external: true

2025/01/17 17:56:17 root.go:45: v2: dump failed: failed to open file "/traefik/acme.json": open /traefik/acme.json: no such file or directory

[2025-01-17T17:56:17+0000]: Certificates for domain 'mail.examle.com' don't exist. Omitting...

[2025-01-17T17:56:17+0000]: /traefik/acme.json is not a file. Retrying...
@kereis
Copy link
Owner

kereis commented Jan 18, 2025

Hi,

if you need to mount the file at root dir of the file system, you need to set ACME_FILE_PATH as well. In this case: ACME_FILE_PATH=/acme.json. Otherwise, mount acme.json to /traefik/acme.json instead.

Hope it helps.

@eshkq
Copy link
Author

eshkq commented Jan 19, 2025

I tried it this way, but I still get an error

certdumper:
        image: ghcr.io/kereis/traefik-certs-dumper
        command: --restart-containers ${COMPOSE_PROJECT_NAME}-postfix-mailcow-1,${COMPOSE_PROJECT_NAME}-nginx-mailcow-1,${COMPOSE_PROJECT_NAME}-dovecot-mailcow-1
        network_mode: none
        volumes:
          # Mount the volume which contains Traefik's `acme.json' file
          #   Configure the external name in the volume definition
          - ./traefik/acme:/root/docker/traefik/acme.json:ro
          # Mount mailcow's SSL folder
          - ./data/assets/ssl/:/output:rw
          # Mount docker socket to restart containers
          - /var/run/docker.sock:/var/run/docker.sock:ro
        restart: always
        environment:
          # only change this, if you're using another domain for mailcow's web frontend compared to the standard config
          - DOMAIN=mail.example.com
          - ACME_FILE_PATH=/root/docker/traefik/acme.json

2025/01/19 06:46:40 root.go:45: v2: dump failed: failed to unmarshal file "/root/docker/traefik/acme.json": read /root/docker/traefik/acme.json: is a directory

[2025-01-19T06:46:40+0000]: Certificates for domain 'mail.example.com' don't exist. Omitting...

[2025-01-19T06:46:40+0000]: /root/docker/traefik/acme.json is not a file. Retrying...

[2025-01-19T06:46:50+0000]: /root/docker/traefik/acme.json is not a file. Retrying...

@kereis
Copy link
Owner

kereis commented Jan 19, 2025

Did you make sure that ./traefik/acme is a file and not a directory?

@eshkq
Copy link
Author

eshkq commented Jan 19, 2025

Image

@kereis
Copy link
Owner

kereis commented Jan 21, 2025

I think you mixed up the mount syntax. The left hand side of the colon (:) represents the path on the host system, right hand side container path.

@eshkq
Copy link
Author

eshkq commented Jan 22, 2025

Could you please tell me how to write the path correctly?

@kereis
Copy link
Owner

kereis commented Jan 23, 2025

If the path to your acme.json on your host system is /root/docker/traefik/acme.json, then your compose file needs to look like this:

certdumper:
        image: ghcr.io/kereis/traefik-certs-dumper
        command: --restart-containers ${COMPOSE_PROJECT_NAME}-postfix-mailcow-1,${COMPOSE_PROJECT_NAME}-nginx-mailcow-1,${COMPOSE_PROJECT_NAME}-dovecot-mailcow-1
        network_mode: none
        volumes:
          # Mount the volume which contains Traefik's `acme.json' file
          #   Configure the external name in the volume definition
          - /root/docker/traefik/acme.json:/traefik/acme.json:ro
          # Mount mailcow's SSL folder
          - ./data/assets/ssl/:/output:rw
          # Mount docker socket to restart containers
          - /var/run/docker.sock:/var/run/docker.sock:ro
        restart: always
        environment:
          # only change this, if you're using another domain for mailcow's web frontend compared to the standard config
          - DOMAIN=mail.example.com

I hope this works. 😄

@eshkq
Copy link
Author

eshkq commented Jan 24, 2025

Yes it worked thank you very much. One more small question if I already have a certificate generated for all subdomains like for example "*.example.com" I just specify the main domain for the certificate dump? it turns out that the domain value should be DOMAIN=example.com? As far as I understand, this is the value that needs to be specified in my case because if I specify "*.example.com" it does not find the certificate

@kereis
Copy link
Owner

kereis commented Jan 25, 2025
edited
Loading

No problem. 😀 I think that's correct that you need to use the main domain name in order to dump the wildcard certificate. But the easiest way to find out is to check the contents of your acme.json. You would usually use the main domain -- I think for wildcard domains, subdomains are stored as SANS.

If you don't use DNS-01 challenge, but HTTP-01 instead, I think each domain and subdomain receives its own certificate. In this case, you could set DOMAIN=sub.example.com. But I'm not 100 % sure right now, sorry!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kereis @eshkq