I'm pretty new in this area and need a bit of help.
I have an .at-Domain which is bought and managed by world4you.
At home I'm hosting my own ProxMox-Server with nginx (LXC) where I'm using a Wildcard-Cert created manually with certbot using the DNS-Challenge, works perfectly fine.
But I want it to renew the Cert automatically, sadly my hoster (world4you) doesn't have any DNS API to automate the challenge, but I can change the DNS-Server.
Is there a way to automate it? I didn't find anything about it, in since I'm new in this area I don't have any ideas.
And I have another question:
Is there a way to install Certbot v >= 0.32.0 without using snap on debian?
Snap doesnt work on my LXC.
You could use a CNAME for the _acme-challenge subdomain and point it to a different hostname for which you can automate adding/removing RR. Take a look at acme-dns which is build for this purpose.
Perhaps nameserver delegation with a NS RR is also possible, but CNAMEs work for sure.
I haven't tried it because I dont want to install something else on my ProxMox-System, but I tested it and it works.
BTW the Error in LCX is:
root@ReverseProxy:~# snap install core
error: system does not fully support snapd: cannot mount squashfs image using
"squashfs": mount: /tmp/sanity-mountpoint-433062623: mount failed: Operation
not permitted.