-
|
I try to run the acme companion in conjunction with the dhi version of nginx on ubuntu using a docker compose setup. The hardened nginx ensures it does not run as root even though it is started with 'sudo docker compose up -d', but that means it cannot read the certificates created by the acme companion which does run as root and restricts access to the owner. I tried experimentally an ACME_POST_HOOK that allows read for all but that does not work. How to properly fix this constellation? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hi @konstamon Did you take a look at https://github.com/nginx-proxy/acme-companion/blob/main/docs/Persistent-data.md#ownership--permissions-of-private-and-acme-account-keys ? |
Beta Was this translation helpful? Give feedback.
-
|
Thanks a lot, I had not found this in the docs - it is exactly what I need. |
Beta Was this translation helpful? Give feedback.
Hi @konstamon
Did you take a look at https://github.com/nginx-proxy/acme-companion/blob/main/docs/Persistent-data.md#ownership--permissions-of-private-and-acme-account-keys ?