Hindin-The-G f7ff93a499e51cc603145757c80a495d015c9640 [Update] Stop mailcow before update

I used that one instead - that’s the one right before that update to docker-compose v2, I figured. Not sure if that is the issue on your end but that one fixed it for me. Could as well be some other issue on your side, too - so not sure.

    Still not working on my end. Can someone help me?

    i have the same issue. mailcow is down. i cant even start it with docker compose v2 nor use the update script. can someone tell me how i can revert to v1?

    okay i fixed it for me:

    edit your mailcow.conf and add your ipv4 address in the HTTP_BIND and HTTPS_BIND section. after that run update.sh and be happy.

    I had both values empty before, for the dual setup. this was something docker compose v2 didnt like i guess.

    A litte hint in the docs would be awesome for this.

    hndrk Sorry the update.sh script is now working. But when I want to access the WebGUI I get now a certificate error and can’t connect as the name in the certificate is wrong?

      Install docker-compose v2.6.0

      sudo curl -L "https://github.com/docker/compose/releases/download/v2.6.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

sudo chmod a+x /usr/local/bin/docker-compose
# Enable & start docker
sudo systemctl enable docker
sudo systemctl start docker

        Update docker-compose v1 to v2

        First: backup your server or take a snapshot

        Update os:
        sudo apt update && sudo apt upgrade -y

        Stop MailCow docker stack:

        cd /opt/mailcow-dockerized
docker-compose down

        Install docker-compose v2

        sudo curl -L "https://github.com/docker/compose/releases/download/v2.6.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

sudo chmod a+x /usr/local/bin/docker-compose
# Enable & start docker
sudo systemctl enable docker
sudo systemctl start docker

docker --version && docker-compose --version
         ./update.sh --check

 ./update.sh

        Are you sure you want to update mailcow: dockerized? All containers will be stopped. [y/N] y

        Should we try to enable the native IPv6 implementation in Docker now (recommended)? [y/N] N

        Advanced Remove old images and unused volumes
        docker system prune -a –volumes (make sure all of the container are up and running: docker-compose ps -a )

        This is how I upgraded docker-compose v2 and it worked.

          numan
          What I’m wondering is, because you didn’t use the official documented way with the docker compose plugin, if you will have to switch again on december to the plugin.
          Why?
          the commands are slightly different:
          docker-compose
          is used on v1 and on your way.
          If you install the docker compose plugin as written in the docs it’s now:
          docker compose
          for now both commands are covered but i guess, after december the update.sh and stuff will only use docker compose

            4 days later

            numan hello, sorry for the late reply but we were on vacation.

            So the update works now, but I have a problem with the certificates afterwards. I have now entered my public IPv4 address in the mailcow.conf at HTTP_BIND= and HTTPS_BIND=. Otherwise the update script does not work for me. I also use MTA-STS and configured it with the parameters ADDITIONAL_SAN=mta-sts.feinler.net and ADDITIONAL_SERVER_NAMES=mta-sts.feinler.net. This all runs as said with docker-compose v1. After the update I now get the message that the name in the certificate is wrong. My hostname is MAILCOW_HOSTNAME=mail.feinler.net. But when I open the certificate in the browser then it says issued for mta-sts.feinler.net. But this is wrong. I have now already tried the following, but everything does not work.

            1. Ihave already removed the mta-sts.feinler.net entries from the mailcow.conf. Then started the update again. does not work.

            2. then I have deleted the certificates as described here mailcow.github.io Icon TLS-Zertifikate zurücksetzen - mailcow: dockerized Dokumentation

              mailcow.github.io Icon mailcow.github.io
              TLS-Zertifikate zurücksetzen - mailcow: dockerized Dokumentation
              None
              mailcow.github.io
              but has also brought nothing.

            In the log of the ACME it says the following:

            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:18 CEST 2022 - Waiting for Docker API...
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:18 CEST 2022 - Docker API OK
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:19 CEST 2022 - Waiting for Postfix...
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:19 CEST 2022 - Postfix OK
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:19 CEST 2022 - Waiting for Dovecot...
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:19 CEST 2022 - Dovecot OK
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:19 CEST 2022 - Waiting for database...
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:19 CEST 2022 - Database OK
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:19 CEST 2022 - Waiting for Nginx...
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:22 CEST 2022 - Nginx OK
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:22 CEST 2022 - Waiting for resolver...
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:23 CEST 2022 - Resolver OK
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:23 CEST 2022 - Waiting for domain table...
            mailcowdockerized-acme-mailcow-1 | OK
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:23 CEST 2022 - Initializing, please wait...
            mailcowdockerized-acme-mailcow-1 | unable to load certificate
            mailcowdockerized-acme-mailcow-1 | 140599911742280:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
            mailcowdockerized-acme-mailcow-1 | unable to load certificate
            mailcowdockerized-acme-mailcow-1 | 140700120918856:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
            mailcowdockerized-acme-mailcow-1 | unable to load certificate
            mailcowdockerized-acme-mailcow-1 | 139668845890376:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
            mailcowdockerized-acme-mailcow-1 | unable to load certificate
            mailcowdockerized-acme-mailcow-1 | 140011596409672:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:23 CEST 2022 - Generating missing domain private rsa key...
            mailcowdockerized-acme-mailcow-1 | Generating RSA private key, 4096 bit long modulus (2 primes)
            mailcowdockerized-acme-mailcow-1 | .......++++
            mailcowdockerized-acme-mailcow-1 | ....................................++++
            mailcowdockerized-acme-mailcow-1 | e is 65537 (0x010001)
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:24 CEST 2022 - Generating missing Lets Encrypt account key...
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:24 CEST 2022 - Valid email address, using daniel@feinler.com for registration
            mailcowdockerized-acme-mailcow-1 | Generating RSA private key, 4096 bit long modulus (2 primes)
            mailcowdockerized-acme-mailcow-1 | .......................................++++
            mailcowdockerized-acme-mailcow-1 | ..................................................................................................++++
            mailcowdockerized-acme-mailcow-1 | e is 65537 (0x010001)
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:26 CEST 2022 - Detecting IP addresses...
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:26 CEST 2022 - OK: 37.120.160.190, 2a03:4000:6:364c:741b:8ff:fe99:3fd1
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:27 CEST 2022 - Found AAAA record for autodiscover.feinler.com: 2a03:4000:6:364c:741b:8ff:fe99:3fd1 - skipping A record check
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:27 CEST 2022 - Confirmed AAAA record with IP 2a03:4000:0006:364c:741b:08ff:fe99:3fd1, but HTTP validation failed
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:27 CEST 2022 - Found AAAA record for autoconfig.feinler.com: 2a03:4000:6:364c:741b:8ff:fe99:3fd1 - skipping A record check
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:27 CEST 2022 - Confirmed AAAA record with IP 2a03:4000:0006:364c:741b:08ff:fe99:3fd1, but HTTP validation failed
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:27 CEST 2022 - Found AAAA record for autodiscover.feinler.net: 2a03:4000:6:364c:741b:8ff:fe99:3fd1 - skipping A record check
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:27 CEST 2022 - Confirmed AAAA record with IP 2a03:4000:0006:364c:741b:08ff:fe99:3fd1, but HTTP validation failed
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:27 CEST 2022 - Found AAAA record for autoconfig.feinler.net: 2a03:4000:6:364c:741b:8ff:fe99:3fd1 - skipping A record check
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Confirmed AAAA record with IP 2a03:4000:0006:364c:741b:08ff:fe99:3fd1, but HTTP validation failed
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Found AAAA record for autodiscover.kaufelds.de: 2a03:4000:6:364c:741b:8ff:fe99:3fd1 - skipping A record check
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Confirmed AAAA record with IP 2a03:4000:0006:364c:741b:08ff:fe99:3fd1, but HTTP validation failed
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Found AAAA record for autoconfig.kaufelds.de: 2a03:4000:6:364c:741b:8ff:fe99:3fd1 - skipping A record check
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Confirmed AAAA record with IP 2a03:4000:0006:364c:741b:08ff:fe99:3fd1, but HTTP validation failed
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Found AAAA record for mail.feinler.net: 2a03:4000:6:364c:741b:8ff:fe99:3fd1 - skipping A record check
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Confirmed AAAA record with IP 2a03:4000:0006:364c:741b:08ff:fe99:3fd1, but HTTP validation failed
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Cannot validate any hostnames, skipping Let's Encrypt for 1 hour.
            mailcowdockerized-acme-mailcow-1 | Thu Jun 16 11:26:28 CEST 2022 - Use SKIP_LETS_ENCRYPT=y in mailcow.conf to skip it permanently.
            mailcowdockerized-acme-mailcow-1 | OK

            I am now really at the end. Is this not working because of DNSSEC or is there something wrong with Docker? I have disabled the correct ufw firewall. What else can it be, it seems like it can’t get the HTTP request through? but why, and why did everything work when setting up with docker-compose v1?

              No one is typing