[solved] Letsencrypt with LuaJIT and [::]:80 failed errors

Hi all,

i have experienced that the letsencrypt docker container suddenly stopped working and gives errors.
i tried to remove it and compose it again, but with no success…
here is my docker-compose.yml

version: "2"
services:
  letsencrypt:
    image: linuxserver/letsencrypt
    container_name: letsencrypt
    cap_add:
      - NET_ADMIN
    env_file:
      - ./letsencrypt.env
    volumes:
      - /var/docker/appdata/letsencrypt/:/config
    ports:
      - 444:443
    restart: unless-stopped

networks:
  default:
    external:
      name: letsencrypt_proxy

and i now have these errors from docker logs -f letsencrypt

[cont-finish.d] executing container finish scripts…
[cont-finish.d] done.
[s6-finish] waiting for services.
s6-svwait: fatal: supervisor died
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
[s6-init] making user provided files available at /var/run/s6/etc…exited 0.
[s6-init] ensuring user provided files have correct perms…exited 0.
[fix-attrs.d] applying ownership & permissions fixes…
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts…
[cont-init.d] 01-envfile: executing…
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing…
usermod: no changes


      _         ()
     | |  ___   _    __
     | | / __| | |  /  \
     | | \__ \ | | | () |
     |_| |___/ |_|  \__/

GID/UID

User uid: 1001
User gid: 100

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing…
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing…
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing…
Variables set:
PUID=1001
PGID=100
TZ=Europe/Zurich
URL=my_subdomain.duckdns.org
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=false
DHLEVEL=2048
VALIDATION=duckdns
DNSPLUGIN=
EMAIL=
STAGING=

2048 bit DH parameters present
SUBDOMAINS entered, processing
Wildcard cert for my_subdomain.duckdns.org will be requested
E-mail address entered:
duckdns validation is selected
the resulting certificate will only cover the subdomains due to a limitation of duckdns, so it is advised to set the root location to use www.subdomain.duckdns.org
Certificate exists; parameters unchanged; starting nginx
Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please manually download/update the GeoIP2 db and save as /config/geoip2db/GeoLite2-City.mmdb

[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing…
[custom-init] no custom files found exiting…
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
nginx: [alert] detected a LuaJIT version which is not OpenResty’s; many optimizations will be disabled and performance will be compromised (see https:/ /github.com/openresty/luajit2 for OpenResty’s LuaJIT or, even better, consider using the OpenResty releases from https:/ /openresty.org/en/download.html)
nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol)
Server ready
nginx: [alert] detected a LuaJIT version which is not OpenResty’s; many optimizations will be disabled and performance will be compromised (see https:/ /github.com/openresty/luajit2 for OpenResty’s LuaJIT or, even better, consider using the OpenResty releases from https:/ /openresty.org/en/download.html)
nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol)

i have disabled IPv6. But i can’t really tell where to start fixing this issue…

help is really appreciated because my apps aren’t reachable any longer.

regards
etfraxor

Luajit one is harmless, it’s just a warning. The socket issue is the real error that forces nginx to keep restarting.

It sounds like you disabled ipv6 at the host level (you shouldn’t do that as it will cause similar issues with various apps). Disable ipv6 at the router level if you don’t want to use it.

Or you can modify the default site config in nginx to remove listen lines for ipv6
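
The two options in the reply above (an IPv6 stack on the host, or no IPv6 listen lines in the nginx site config) can both be checked from a shell. This is an added example, not part of the thread or of the container's own scripts; the sample config is constructed, and the file you pass to the functions is your own site config.

```shell
# Added example, not from the thread; the sample config is constructed.

# True when the kernel has an IPv6 stack. Without one, socket(AF_INET6)
# fails with errno 97 (EAFNOSUPPORT), the [emerg] line in the log above.
ipv6_available() {
    [ -e "${1:-/proc/net/if_inet6}" ]
}

# Print "line:directive" for every IPv6 listen line in a config file.
ipv6_listens() {
    grep -nE '^[[:space:]]*listen[[:space:]]+\[' "$1"
}

# Write the config to stdout with IPv6 listen lines commented out;
# IPv4 listen lines and everything else pass through unchanged.
strip_ipv6_listens() {
    sed -E 's/^([[:space:]]*)(listen[[:space:]]+\[.*)$/\1# \2/' "$1"
}

# Constructed stand-in for an nginx default site config.
sample_conf() {
    cat <<'EOF'
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
}
EOF
}

demo() {
    tmp=$(mktemp) || return 1
    sample_conf > "$tmp"
    ipv6_available && echo "kernel: IPv6 available" || echo "kernel: no IPv6; nginx cannot bind these:"
    ipv6_listens "$tmp"
    echo "--- with IPv6 listeners disabled ---"
    strip_ipv6_listens "$tmp"
    rm -f "$tmp"
}

demo
```

Review the rewritten config before replacing the original, and run `nginx -t` to validate it before restarting the container.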

Thank you @aptalca for the fast reply

unfortunately, activating IPv6 again in the /etc/systemctl.conf had no success. IPv6 is deactivated on my router.
I deleted the persistent data of the letsencrypt container and rebuilt it from scratch… i also noticed some errors on building it:

Created donoteditthisfile.conf
Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
DH parameters successfully created - 2048 bits
SUBDOMAINS entered, processing
Wildcard cert for my_subdomain.duckdns.org will be requested
E-mail address entered:
duckdns validation is selected
the resulting certificate will only cover the subdomains due to a limitation of duckdns, so it is advised to set the root location to use www.subdomain.duckdns .org
Generating new certificate
/usr/lib/python3.8/site-packages/jmespath/visitor.py:32: SyntaxWarning: “is” with a literal. Did you mean “==”?
if x is 0 or x is 1:
/usr/lib/python3.8/site-packages/jmespath/visitor.py:32: SyntaxWarning: “is” with a literal. Did you mean “==”?
if x is 0 or x is 1:
/usr/lib/python3.8/site-packages/jmespath/visitor.py:34: SyntaxWarning: “is” with a literal. Did you mean “==”?
elif y is 0 or y is 1:
/usr/lib/python3.8/site-packages/jmespath/visitor.py:34: SyntaxWarning: “is” with a literal. Did you mean “==”?
elif y is 0 or y is 1:
/usr/lib/python3.8/site-packages/jmespath/visitor.py:260: SyntaxWarning: “is” with a literal. Did you mean “==”?
if original_result is 0:
/usr/lib/python3.8/site-packages/digitalocean/LoadBalancer.py:19: SyntaxWarning: “is” with a literal. Did you mean “==”?
if type is ‘cookies’:
/usr/lib/python3.8/site-packages/CloudFlare/cloudflare.py:65: SyntaxWarning: “is” with a literal. Did you mean “==”?
if self.email is ‘’ or self.token is ‘’:
/usr/lib/python3.8/site-packages/CloudFlare/cloudflare.py:65: SyntaxWarning: “is” with a literal. Did you mean “==”?
if self.email is ‘’ or self.token is ‘’:
/usr/lib/python3.8/site-packages/CloudFlare/cloudflare.py:89: SyntaxWarning: “is” with a literal. Did you mean “==”?
if self.email is ‘’ or self.token is ‘’:
/usr/lib/python3.8/site-packages/CloudFlare/cloudflare.py:89: SyntaxWarning: “is” with a literal. Did you mean “==”?
if self.email is ‘’ or self.token is ‘’:
/usr/lib/python3.8/site-packages/CloudFlare/cloudflare.py:113: SyntaxWarning: “is” with a literal. Did you mean “==”?
if self.certtoken is ‘’ or self.certtoken is None:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for my_subdomain.duckdns.org
Running manual-auth-hook command: /app/duckdns-txt
Output from manual-auth-hook command duckdns-txt:
OKsleeping 60

Error output from manual-auth-hook command duckdns-txt:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed

0 0 0 0 0 0 0 0 --:–:-- --:–:-- --:–:-- 0
0 0 0 0 0 0 0 0 --:–:-- --:–:-- --:–:-- 0
100 2 0 2 0 0 2 0 --:–:-- --:–:-- --:–:-- 2

Waiting for verification…
Cleaning up challenges
IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/my_subdomain.duckdns.org/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/my_subdomain.duckdns.org/privkey.pem
    Your cert will expire on 2020-04-12. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot
    again. To non-interactively renew all of your certificates, run
    “certbot renew”

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt: https:/ /letsencrypt.org/donate
    Donating to EFF: https:/ /eff.org/donate-le

New certificate generated; starting nginx
Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please manually download/update the GeoIP2 db and save as /config/geoip2db/GeoLite2-City.mmdb
[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing…
[custom-init] no custom files found exiting…
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

it looks like it started, is it still not working?

no, not working. still the same errors below. i just cut them to not show them again.

Post the full log to pastebin and link it here.

Are the errors repeating?

had to figure out how to pastebin -.-’

https://pastebin.com/2uGqSZ16

yup, like I said before, either enable ipv6 on the host, or edit the nginx default site config to remove listen on ipv6

yeah, i was also following this route after you pointed it out to me…
i’ve no clue how this error suddenly occurred. the configs are looking good and i reverted the disabled IPv6 settings…
well… still not a docker issue
Thanks again for your time, for me it is solved :)

hi guys. i found the error…
i had to edit the nginx.config of the letsencrypt-container.
now works fine without even the LuaJIT warnings -)

Mind sharing the solution?

he was modifying things that should not normally be changed and further changed things. his solution would not make sense without also knowing all the backend changes he made.

Hi guys, sorry for the late reply!
sorry i could not figure out the error… the previous post of mine is totally misleading.
finally i had to restore my system with clonezilla which solved the problem.

Cheers!