When I try running certbot to configure nginx: docker run --name certbot -it --rm -v ~/nginx/:/etc/nginx/ -v web-root:/var/www/html -v certbot-etc:/etc/letsencrypt -v certbot-var:/var/lib/letsencrypt -v letsencrypt-log:/var/log/letsencrypt ministrbob/certbot-nginx-plugin certonly -vvv --nginx
I get the error:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator nginx and installer nginx
No candidate plugin
No candidate plugin
Selected authenticator None and installer None
Exiting abnormally:
Traceback (most recent call last):
File "/usr/local/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot', 'console_scripts', 'certbot')())
File "/opt/certbot/src/certbot/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/opt/certbot/src/certbot/certbot/_internal/main.py", line 1574, in main
return config.func(config, plugins)
File "/opt/certbot/src/certbot/certbot/_internal/main.py", line 1415, in certonly
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly")
File "/opt/certbot/src/certbot/certbot/_internal/plugins/selection.py", line 228, in choose_configurator_plugins
diagnose_configurator_problem("authenticator", req_auth, plugins)
File "/opt/certbot/src/certbot/certbot/_internal/plugins/selection.py", line 332, in diagnose_configurator_problem
raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The requested nginx plugin does not appear to be installed
The requested nginx plugin does not appear to be installed
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
I build my docker image
FROM certbot/certbot
RUN apk add --no-cache certbot-nginx
It's not help - error the same.
What could be the reason for the error? Why can't the certbot see nginx plugin?
I don’t understand what you didn’t like about my method. If you look on the internet there are many different ways. And my way is not unusual, I suppose. This is compilation from other methods.
The problem is not in my method, but in the fact that command certbot certonly --nginx
doesn't work in the official docker image.
In my opinion, the message The requested nginx plugin does not appear to be installed indicates that the certbot does not see the plugin. I'm trying to understand why.
Exactly so, but in my opinion the plug-in should be inside the official image, I execute the command from there. And I conclude: either the developers did not install this plugin when building the image, or there is an error in the image, the PATHs may be incorrectly specified. Well, either I don't understand something
I'm not sure if this is even possible? From the official certbot documentation:
Docker is an amazingly simple and quick way to obtain a certificate. However, this mode of operation is unable to install certificates or configure your webserver, because our installer plugins cannot reach your webserver from inside the Docker container.
So it seems the certbot team doesn't support the webserver plugins like the nginx plugin for Docker. And with that I'm not sure if there is sufficient knowledge about this available on this Community on how you might get this working even if the certbot team themselves don't know how to make this work.
So even if you can get the certbot program to find the nginx plugin, that's probably useless anyway.
I understand this. I try build my image differently, with python3.6 -m pip install certbot-nginx
and the error changed
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.")
This seems to be a limitation of Docker unfortunately. Maybe due to the fact certbot and nginx are in different containers? I have no experience with Docker, so just guessing here.
The laws of human nature.
When presented with a question like: If faced with a problem... Would you rather have an answer that fixes it or one that is extremely simpler to follow?
Almost everyone makes the right choice.
But when shown multiple "answers" to a problem, they tend to pick the simplest one.
Without even asking/verifying if it actually solves the problem or not.
[I guess we all just assume the best in everything (even when nothing clearly indicates them as such)]
The moral of this (whatever this was) is that we all need to do our due diligence when following guides found on the Internet - your mileage may vary, use only as directed, don't use if allergic to any of its' ingredients, must be 18 or older to order, while supplies last, see store for details.