Question 1

How to stop SWAG from revoking valid Let's Encrypt certificates on every container restart?

Accepted Answer

This is caused by a bug in SWAG's certificate renewal script that mistakenly identifies certificates signed by ISRG Root X2 as 'old LE certs'. To fix, edit the file `/etc/s6-overlay/s6-rc.d/init-certbot-config/run` inside the container or the local config mapping, and replace `grep -q "ISRG Root X"` with `grep -q "ISRG Root X1"`. Alternatively, use the `--preferred-chain` option in certbot to force a different root certificate. This prevents unnecessary revocations and avoids hitting Let's Encrypt rate limits (5 reissues per week).

Question 2

How to fix 'DnsManagementClient.__init__() takes 3 to 4 positional arguments but 5 were given' error when using certbot-dns-azure?

Accepted Answer

This error occurs because certbot-dns-azure is incompatible with azure-mgmt-dns v9.0.0, which now only targets the latest API version and requires fewer parameters. To resolve, force install the compatible version before installing the plugin: `pip install azure-mgmt-dns==8.2.0` and then `pip install certbot-dns-azure`. As a temporary Docker workaround, add `RUN pip install azure-mgmt-dns==8.2.0` before the certbot plugin installation in your Dockerfile. Note: The certbot-dns-azure plugin may be removed from the LinuxServer SWAG image; consider using the universal package install mod to pin the dependency.

Question 3

How to configure nginx reverse proxy for Storyteller with LinuxServer's SWAG container?

Accepted Answer

Use the following nginx server block configuration. This is a user-contributed workaround, not yet merged into the official linuxserver/reverse-proxy-confs repository.

```nginx
server {
    listen 443 ssl;
    listen [::]:443 ssl;

server_name storyteller.*;

include /config/nginx/ssl.conf;
    client_max_body_size 0;

location /api/v2/books/events {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app storyteller;
        set $upstream_port 8001;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }

location ~* ^/_next/static/ {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app storyteller;
        set $upstream_port 8001;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        add_header Cache-Control "public, max-age=31536000, immutable";
    }

location ~* ^/api/v2/books/.+/(read|cover)/ {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app storyteller;
        set $upstream_port 8001;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        add_header Access-Control-Allow-Origin $http_origin always;
        add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
        add_header Access-Control-Allow-Headers "Range, Content-Type" always;
        add_header Cache-Control "public, max-age=604800";
        proxy_force_ranges on;
    }

location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app storyteller;
        set $upstream_port 8001;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}
```
Ensure your Storyteller container name is "storyteller" and DNS has a CNAME for the subdomain. For official support, track the linuxserver/reverse-proxy-confs repository.

docker-swag

Core Features

What It Can't Do

Use Cases

Tags

Getting Started

Similar Projects