generated from bisco/codex-bootstrap
fix: keep proxy healthy during tls pending
This commit is contained in:
@@ -31,6 +31,25 @@ Verify public DNS, inbound port 80, the operator email, and staging mode. Reques
|
||||
missing `/.well-known/acme-challenge/` path: an NGINX 404 confirms the route is yours.
|
||||
Avoid repeated production-CA retries while debugging.
|
||||
|
||||
When Let's Encrypt is enabled, the proxy intentionally returns 503 for normal
|
||||
application paths until a certificate exists. ACME challenge paths and proxy health
|
||||
paths must still work in that pending state, otherwise Certbot will never start.
|
||||
|
||||
## Bootstrap writes to the wrong data volume
|
||||
|
||||
Do not combine the test override with production bootstrap commands. This command writes
|
||||
to isolated test volumes only:
|
||||
|
||||
```bash
|
||||
docker compose -f docker-compose.yml -f docker-compose.test.yml --profile tools run --rm wp-cli /scripts/bootstrap.sh
|
||||
```
|
||||
|
||||
Use this command for the real host-based WordPress data directory:
|
||||
|
||||
```bash
|
||||
docker compose --profile tools run --rm wp-cli /scripts/bootstrap.sh
|
||||
```
|
||||
|
||||
## Rollback
|
||||
|
||||
Revert the deployment commit and rebuild while preserving all host data directories.
|
||||
|
||||
Reference in New Issue
Block a user