I am using v1.10.1 and I have the following configuration:
drone-server:
image: <my_drone_server_image>
ports:
- 80:80
- 443:443
volumes:
- /var/lib/drone/drone.key:/var/lib/drone/drone.key
- /var/lib/drone/data:/data
restart: always
depends_on:
- postgres
env_file: drone-server.env
environment:
- DRONE_GITHUB_SERVER=https://github.com
- DRONE_LICENSE=/var/lib/drone/drone.key
- DRONE_SERVER_HOST=<my_domain_name>
- DRONE_SERVER_PROTO=https
- DRONE_TLS_AUTOCERT=true
- DRONE_USER_FILTER=<redacted>
- DRONE_USER_CREATE=<redacted>
- DRONE_LOGS_TRACE=true
- DRONE_AGENTS_ENABLED=true
- DRONE_DATABASE_DRIVER=postgres
When I first run the drone-server, everything starts up fine and I’m able to navigate using my browser to drone.
However, on restart, it hangs for a while, and then eventually I’ll get an ERR_SSL_PROTOCOL_ERROR in the browser. Tailing the logs I get:
{
"acme":true
"host":"<my_domain_name>",
"level":"info","msg":"starting the http server",
"port":":443",
"proto":"https",
"time":"2021-05-11T13:30:29Z",
"url":"https://<my_domain_name>"
}
Followed by
http: TLS handshake error from ... urn:ietf:params:acme:error:rateLimited: Error creating new order :: too many certificates already issued for exact set of domains: <my_domain_name>: see https://letsencrypt.org/docs/rate-limits/
And an endless number of TLS handshake error messages.
It appears that drone isn’t using the cached certs even though they are on a persistent volume and they exist. See below:
tree /var/lib/drone/
/var/lib/drone/
├── data
│ └── golang-autocert
│ ├── acme_account+key
│ ├── <my_domain_name>
│ └── <my_domain_name>+rsa
├── drone.key
Any help is greatly appreciated. Thank you!