SSL Settings generated for subdomain which should be Non-SSL

[smyth64]

Hey there, I found an issue.

When I set the SSL settings let's say for domain.tld via LETSENCRYPT_HOST it's getting generated. Fine.

But if I create a new VIRTUAL_HOST for abc.domain.tld without the LETSENCRYPT_HOST, the settings are generated anyway! Seems like the check for the domain is not precise enough.

[madpipeline]

I've also noticed that when removing the LETSENCRYPT_HOST variable, the HTTPS settings still get generated. I guess this happens because of the companion container reporting something to this one.

[buchdag]

https being enabled or not for a domain depends on the existence of a set of specially named files in /etc/nginx/cert:

Let say your domain is www.domain.tld, if docker-gen finds both /etc/nginx/cert/www.domain.tld.crt and /etc/nginx/cert/www.domain.tld.key, then https will be enabled for www.domain.tld (wether the files are valid or not).

letsencrypt-nginx-proxy-companion only influence over this is creating or deleting those files, and the code for deleting those files for containers that transition from having their LETSENCRYPT_HOST variable set to not having it set is currently non existent.

I might add this feature to my own spinoff of letsencrypt-nginx-proxy-companion, thanks for the idea.

[buchdag]

This has since been added to acme-companion.