This repository has been archived by the owner on Jun 24, 2022. It is now read-only.
The entrypoint script in nginx-certbot invokes kill -HUP to send a SIGHUP to nginx, so that it reloads its config. This may not work in environments where the container is monitored for any signals sent and interpreted as failure (e.g. AWS Elastic Beanstalk, where this behaviour is observed).
To mitigate this, we propose the following:
- Modify entrypoint.sh so that the certbot poller is implemented in a separate script and run in a separate process, and;
- Introduce an optional parameter that delays starting the poller for a given number of seconds
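A minimal sketch of the split proposed above, added here as an example; it is not code from the repository or from the sketch the issue links to. The file name, the environment variable names, the PID file default, the use of `certbot renew` as the renewal step and the cycle-cap argument are all assumptions.

```shell
#!/bin/sh
# certbot-poller.sh: added sketch of the poller split out of entrypoint.sh.
# Assumed names (not the project's): POLLER_DELAY_SECONDS, POLL_INTERVAL_SECONDS,
# NGINX_PID_FILE, RUN_POLLER, and the file name itself.

# Validate the optional start delay: unset or empty means 0, otherwise digits only.
poller_delay() {
    case "${1:-0}" in
        *[!0-9]*) echo "invalid poller delay: $1" >&2; return 1 ;;
        *) echo "${1:-0}" ;;
    esac
}

# One cycle: attempt renewal (assumed to be `certbot renew`), then ask nginx
# to reload its config via SIGHUP, using the PID read from the file in $1.
poll_once() {
    certbot renew || return 1
    kill -HUP "$(cat "$1")"
}

# Wait out the start delay, then poll. $4 caps the number of cycles
# (0 = run forever); the cap exists only so the loop can be exercised in tests.
run_poller() {
    delay=$(poller_delay "$1") || return 2
    interval=$2 pid_file=$3 max=${4:-0} n=0
    sleep "$delay"
    while [ "$max" -eq 0 ] || [ "$n" -lt "$max" ]; do
        poll_once "$pid_file" || echo "renewal cycle failed" >&2
        n=$((n + 1))
        sleep "$interval"
    done
}

# entrypoint.sh would start this file as its own process, for example:
#   RUN_POLLER=1 POLLER_DELAY_SECONDS=300 /scripts/certbot-poller.sh &
if [ "${RUN_POLLER:-0}" = 1 ]; then
    run_poller "${POLLER_DELAY_SECONDS:-}" "${POLL_INTERVAL_SECONDS:-43200}" \
        "${NGINX_PID_FILE:-/var/run/nginx.pid}"
fi
```

A malformed delay value makes `run_poller` return before any signal is sent, so a typo in the parameter cannot turn into an immediate SIGHUP at container start.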
Our parent container is built for multiple architectures, so I think
it would be nice if we followed suit. With this change we will be
able to build the following platforms:
- linux/amd64
- linux/386
- linux/arm64
- linux/arm/v7
- linux/mips64le
- linux/s390x
- linux/ppc64le
However, we will only create a push function for the top 4, since
the bottom 3 take over 30 minutes to build, and none have asked
for these yet.
Instructions on how to set up Docker Buildx (which is required for
this) can be found in [issue #28][1].
The reason for the "32-bit fix" added to the Dockerfile is a very
interesting read, which can be found in [issue #30][2], but the
TL;DR is that there exists a very exotic bug for some low level
libraries when they try to access the filesystem while running inside
a 32-bit environment that is emulated by QEMU running on a 64-bit host.
For this reason we will need to pin the package version to something
that is not being compiled, but this is ONLY necessary if it is inside
a QEMU emulation.
[1]: JonasAlfredsson/docker-nginx-certbot#28
[2]: JonasAlfredsson/docker-nginx-certbot#30
A rough sketch of what this might look like can be found at isomerpages/isomer-redirection@07d7f13.