The requested nginx plugin does not appear to be installed

My Nginx run in docker:

docker run --name nginx --restart=always --net=gs-network -p 80:80 -p 443:443 -d -v /home/deva/git/deva-cicd/nginx/:/etc/nginx/ -v web-root:/var/www/html -v certbot-etc:/etc/letsencrypt -v certbot-var:/var/lib/letsencrypt -v letsencrypt-log:/var/log/letsencrypt nginx:latest

When I try running certbot to configure nginx:
docker run --name certbot -it --rm -v ~/nginx/:/etc/nginx/ -v web-root:/var/www/html -v certbot-etc:/etc/letsencrypt -v certbot-var:/var/lib/letsencrypt -v letsencrypt-log:/var/log/letsencrypt ministrbob/certbot-nginx-plugin certonly -vvv --nginx

I get the error:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator nginx and installer nginx
No candidate plugin
No candidate plugin
Selected authenticator None and installer None
Exiting abnormally:
Traceback (most recent call last):
  File "/usr/local/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot', 'console_scripts', 'certbot')())
  File "/opt/certbot/src/certbot/certbot/main.py", line 15, in main
    return internal_main.main(cli_args)
  File "/opt/certbot/src/certbot/certbot/_internal/main.py", line 1574, in main
    return config.func(config, plugins)
  File "/opt/certbot/src/certbot/certbot/_internal/main.py", line 1415, in certonly
    installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly")
  File "/opt/certbot/src/certbot/certbot/_internal/plugins/selection.py", line 228, in choose_configurator_plugins
    diagnose_configurator_problem("authenticator", req_auth, plugins)
  File "/opt/certbot/src/certbot/certbot/_internal/plugins/selection.py", line 332, in diagnose_configurator_problem
    raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The requested nginx plugin does not appear to be installed
The requested nginx plugin does not appear to be installed
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

I build my docker image

FROM certbot/certbot
RUN apk add --no-cache certbot-nginx

It's not help - error the same.

What could be the reason for the error? Why can't the certbot see nginx plugin?

1 Like

Hi @MinistrBob, and welcome to the LE community forum :slight_smile:

Although I'm not a docker expert, I will take a stab at what looks a bit off to me (in hopes of helping you resolve your problem).

Where did you get these instructions?:
[I've never seen this path, nor such explicit detail needed to be used]

1 Like

I don’t understand what you didn’t like about my method. If you look on the internet there are many different ways. And my way is not unusual, I suppose. This is compilation from other methods.

The problem is not in my method, but in the fact that command
certbot certonly --nginx
doesn't work in the official docker image.

In my opinion, the message The requested nginx plugin does not appear to be installed indicates that the certbot does not see the plugin. I'm trying to understand why.

1 Like

I repeat:

So I can't speak to anything that hinges on such a requirement.
I just wondered why you have to explicitly mention the plug-in.

Also: Are those two docker instances?

1 Like

I did this not in docker, but locally. The plugin does all the work for me to set up nginx and immediately configures certificates for all sites.

1 Like

Yes. First - nginx second - certbot and they share volumes

1 Like

Then it seems that the second instance just doesn't have access to the location where the plug-in resides.

1 Like

Exactly so, but in my opinion the plug-in should be inside the official image, I execute the command from there. And I conclude: either the developers did not install this plugin when building the image, or there is an error in the image, the PATHs may be incorrectly specified. Well, either I don't understand something :slight_smile:

1 Like

That doesn't seem like a default path (nor a fully qualified one).

1 Like

I'm not sure if this is even possible? From the official certbot documentation:

Docker is an amazingly simple and quick way to obtain a certificate. However, this mode of operation is unable to install certificates or configure your webserver, because our installer plugins cannot reach your webserver from inside the Docker container.

which you can find here: Get Certbot — Certbot 2.7.0.dev0 documentation

So it seems the certbot team doesn't support the webserver plugins like the nginx plugin for Docker. And with that I'm not sure if there is sufficient knowledge about this available on this Community on how you might get this working even if the certbot team themselves don't know how to make this work.

So even if you can get the certbot program to find the nginx plugin, that's probably useless anyway.

2 Likes

I understand this. I try build my image differently, with
python3.6 -m pip install certbot-nginx

and the error changed

The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.")

I found this topic there advise use --webroot

:disappointed_relieved: and I so wanted everything to be done for me

1 Like

This seems to be a limitation of Docker unfortunately. Maybe due to the fact certbot and nginx are in different containers? I have no experience with Docker, so just guessing here.

2 Likes

Welcome to the Let's Encrypt Community, Dmitry :slightly_smiling_face:

Perhaps this?

1 Like

The laws of human nature.
When presented with a question like:
If faced with a problem... Would you rather have an answer that fixes it or one that is extremely simpler to follow?
Almost everyone makes the right choice.
But when shown multiple "answers" to a problem, they tend to pick the simplest one.
Without even asking/verifying if it actually solves the problem or not.
[I guess we all just assume the best in everything (even when nothing clearly indicates them as such)]

The moral of this (whatever this was) is that we all need to do our due diligence when following guides found on the Internet - your mileage may vary, use only as directed, don't use if allergic to any of its' ingredients, must be 18 or older to order, while supplies last, see store for details.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.