Certbot PPA missing most DNS plugins?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: hmbp.gq

I ran this command: apt install python3-certbot-dns-luadns

It produced this output: E: Unable to locate package python3-certbot-dns-luadns

My web server is (include version): nginx/1.14.0 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 18.04.4 LTS

My hosting provider, if applicable, is: me

I can login to a root shell on my machine (yes or no, or I don’t know): ya

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

Instructions for wildcard at https://certbot.eff.org/lets-encrypt/ubuntubionic-nginx say to install python3-certbot-dns-<PLUGIN>. This page has a list of plugins including luadns plugin https://certbot.eff.org/docs/using.html#dns-plugins.

But the PPA apparently doesn’t have that one as well as most of the other ones:

# apt list python3-certbot-dns*
Listing... Done
python3-certbot-dns-cloudflare/bionic,bionic,now 0.23.0-1ubuntu0ppa1~ubuntu18.04.1 all [installed]
python3-certbot-dns-digitalocean/bionic,bionic 0.23.0-2ubuntu0ppa1~ubuntu18.04.1 all
python3-certbot-dns-dnsimple/bionic,bionic 0.23.0-2ubuntu0ppa1~ubuntu18.04.1 all
python3-certbot-dns-google/bionic,bionic 0.23.0-1 all
python3-certbot-dns-rfc2136/bionic,bionic 0.24.0-2ubuntu0ppa1~ubuntu18.04.1 all
python3-certbot-dns-route53/bionic,bionic 0.23.0-2+ubuntu18.04.1+certbot+1 all

What is going on here? How do I install the luadns plugin??

Hi @ledlamp

if you want to use dns validation, may be check acme.sh

That supports a lot of dns APIs.

It’s a long standing issue. It’s probably not too likely that it will be packaged for the Ubuntu PPA any time soon, as it’s not packaged in Debian either.

The Certbot snap has all of the DNS plugins available (https://snapcraft.io/search?q=certbot-dns), as well as the latest version of Certbot, but they’re not quite officially released yet. They should be soon, though.

In the meantime, acme.sh indeed can be a good choice: https://github.com/acmesh-official/acme.sh/wiki/dnsapi#8-use-luadns-domain-api

I installed certbot-dns-luadns with pip3. I also had to uninstall the apt certbot and install the pip3 certbot as well.

If you want to do this:

sudo apt autoremove certbot # you might have to autoremove the other certbot plugins you manually installed i'm not sure; `apt list --installed *certbot*` to make sure they're all gone
sudo apt install python3-pip # if necessary
sudo -i pip3 install certbot certbot-dns-luadns # don't forget any other plugins you use like certbot-nginx
# restart your shell

You should autoremove so that all dependencies are removed as well because if you don’t, pip3 won’t install those dependencies as they’re already satisfied. But then when you apt autoremove like it always suggests to do, you’ll break your certbot. So be sure to install the pip3 package after autoremoving.

Also you must run pip3 under a root login shell so use the -i option on sudo. Otherwise it’ll install to ~/.local and it won’t work for root!

In my opinion, the certbot site doesn't reflect this. It indeed says just apt install whatever DNS plugin you like, which is obviously false. I think it's rather unlucky to make false claims on an official documentation, as this might result in people not wanting to use certbot.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.