Certbot auto-renew with my hoster

Hello,

I'm pretty new in this area and need a bit of help.
I have an .at-Domain which is bought and managed by world4you.
At home I'm hosting my own ProxMox-Server with nginx (LXC) where I'm using a Wildcard-Cert created manually with certbot using the DNS-Challenge, works perfectly fine.

But I want it to renew the Cert automatically, sadly my hoster (world4you) doesn't have any DNS API to automate the challenge, but I can change the DNS-Server.

Is there a way to automate it? I didn't find anything about it, in since I'm new in this area I don't have any ideas.

And I have another question:
Is there a way to install Certbot v >= 0.32.0 without using snap on debian?
Snap doesnt work on my LXC.

Sincerely,
Tropaion

1 Like

You could use a CNAME for the _acme-challenge subdomain and point it to a different hostname for which you can automate adding/removing RR. Take a look at acme-dns which is build for this purpose.

Perhaps nameserver delegation with a NS RR is also possible, but CNAMEs work for sure.

3 Likes

Will it install outside the containment?

1 Like

I haven't tried it because I dont want to install something else on my ProxMox-System, but I tested it and it works.
BTW the Error in LCX is:
root@ReverseProxy:~# snap install core
error: system does not fully support snapd: cannot mount squashfs image using
"squashfs": mount: /tmp/sanity-mountpoint-433062623: mount failed: Operation
not permitted.

2 Likes

If you don't want to install anything on the ProxMox-System...
Then can it also run another container type system (in addition to LXC)?

[don't be shy - get involved and be heard - start with: if you see something you like, then like it :heart:]

2 Likes