Renew-hook script not found in PATH but it is there

WoJ · December 8, 2019, 8:47pm

Hello,

I filed what I believe is a malfunction of certbot (or a dumb error on my side) (see https://github.com/certbot/certbot/issues/7635), I would be grateful for some feedback if the problem is on my side:

My operating system is (include version):

Ubuntu 18.04

I installed Certbot with (certbot-auto, OS package manager, pip, etc):

docker (image is certbot/dns-ovh)

I ran this command and it produced this output:

# /usr/bin/docker run \
--rm \
-v /etc/docker/container-data/certbot/etc/letsencrypt:/etc/letsencrypt \
-v /etc/docker/container-data/certbot/var/lib/letsencrypt:/var/lib/letsencrypt \
-v /etc/docker/container-data/certbot/var/log/letsencrypt:/var/log/letsencrypt \
-v /tmp:/hook \
certbot/dns-ovh \
certonly \
-n \
--server https://acme-v02.api.letsencrypt.org/directory \
--dns-ovh \
--dns-ovh-credentials /etc/letsencrypt/ovh.ini \
-d *.something.something \
--email someone@somewhere \
--agree-tos \
--renew-hook "/usr/local/bin/docker-compose -f /etc/docker/docker-compose.d/10-caddy.yaml restart"

Unable to find renew-hook command /usr/local/bin/docker-compose in the PATH.
(PATH is /usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)

Certbot’s behavior differed from what I expected because:

The renew hook script is in the PATH:

 # ll /usr/local/bin/docker-compose
-rwxr-xr-x 1 root root 16M May  3  2019 /usr/local/bin/docker-compose

_az · December 8, 2019, 9:44pm

Cross-posting my answer from GitHub:

The --renew-hook runs inside the Docker container, not on your Docker host.

/usr/local/bin/docker-compose is not included with the certbot/dns-ovh image, so the error message is correct.

If you wanted to do this, you would need to mount both docker-compose and your Docker daemon socket inside the container.

WoJ · December 9, 2019, 7:49am

Thank you very much, you are absolutely correct - I completely forgot that the command would run in the container.

The solution is to update the command with

(...)
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/local/bin/docker-compose:/usr/local/bin/docker-compose \
-v /etc/docker/docker-compose.d/10-caddy.yaml:/tmp/caddy.yaml \
(...)
--renew-hook "/usr/local/bin/docker-compose -f /tmp/caddy.yaml restart"

system · January 8, 2020, 7:49am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Pre-hook script not found in PATH Help	3	878	July 14, 2020
Unable to renew certbot with dockers Help	15	2718	April 1, 2018
Certbot renew --pre-hook --post-hook \| Unable to find pre-hook command [RESOLVED] Help	10	389	August 11, 2024
Renewing: unable to find renew-hook Server	4	4733	December 6, 2016
Renew_hook in in the /renewal/domain.conf file? Help	13	2195	August 2, 2023

Renew-hook script not found in PATH but it is there

My operating system is (include version):

I installed Certbot with (certbot-auto, OS package manager, pip, etc):

I ran this command and it produced this output:

Certbot’s behavior differed from what I expected because:

Related topics