I have a Debian 10 system acting as a load balancer.
Upon certificate renewal when run as a cron job/systemd timer, I get the following message:
2022-03-29 11:40:31,438:WARNING:certbot.renewal:Attempting to renew cert (spfe00.fuettertdasnetz.de) from /etc/letsencrypt/renewal/spfe00.fuettertdasnetz.de.conf produced an unexpected error: Requesting acme-v02.api.letsencrypt.org/directory: Network is unreachable. Skipping.
2022-03-29 11:40:31,439:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 159, in _new_conn
(self._dns_host, self.port), self.timeout, **extra_kw)
File "/usr/lib/python3/dist-packages/urllib3/util/connection.py", line 80, in create_connection
raise err
File "/usr/lib/python3/dist-packages/urllib3/util/connection.py", line 70, in create_connection
sock.connect(sa)
OSError: [Errno 101] Network is unreachable
However, if I run the manual renewal as "sudo certbot renew" I have no issues and the certificate is renewed successfully (dry-run or otherwise).
I realise there must be a network/firewall/configuration issue on my end, but I do not understand why I run into an issue when it's a systemd timer / cron job. Any ideas?