Hook script output during execution of --manual-auth-hook (and cleanup) for DNS challenge

Hello

During certbot "--manual-auth-hook my_script.sh" execution nothing happens on the screen and then when the script is finished all the "buffered(?)" output is dumped on the screen. Same situation for "--manual-cleanup-hook"

In my script there are many intermittent sleep sections with printf on the screen to notify user that the script is proceeding as expected (or errors are happening). It's inconvenient when those are visible only after whole script finished in one go.

When I execute those scripts outside certbot, then there are no problems and output is gradually printed on the screen as per scripts logic without delay.

Is this expected behaviour? Or maybe it can be changed by some swithch?

Certbot 2.9.0 from Ubuntu 24.04.

Welcome @jan77 My guess is that is a result of how Certbot invokes the script. Probably as an "exec" for your script and captures the output when complete. Certbot is written in python which I don't know well but perhaps another volunteer will know for sure. Other languages work like this.

My suggestion is just to put those in your own script instead to get the output as you wish.

Make MyCertbotScript.sh and run it instead of Certbot directly.

your pre-hook code
Certbot command (use "fake" --manual-auth-hook to avoid warning msg)
your post-hook code

You can setup your own cronjob (or timer) to run your script in the same manner that Certbot runs its renew. You could then disable Certbot's automated one if you always use your own custom script. See: User Guide — Certbot 3.1.0.dev0 documentation

3 Likes