Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: docs.jewettfarm.com
I ran this command: podman run -it --rm
--volume certbot-pvc:/etc/letsencrypt:z
--secret=cf-tokem-jf,type=env,target=CLOUDFLARE_API_TOKEN
docker.io/certbot/dns-cloudflare certonly --agree-tos --register-unsafely-without-email
--dns-cloudflare-propagation-seconds 30
--dns-cloudflare
-d docs.jewettfarm.com
It produced this output:
Input the path to your Cloudflare credentials INI file (Enter 'c' to cancel): c
Cloudflare credentials INI file required to proceed.
My web server is (include version): nginx 1.27
The operating system my web server runs on is (include version): Alpine Linux v3.20
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): N/A
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 3.1.0
I read about using a variable to provide my api token, here: Welcome to certbot-dns-cloudflare’s documentation! — certbot-dns-cloudflare 0 documentation
Is this possible? Trying to avoid saving the token in plain text in scripts or ini on the server if at all possible. Trying to utilize docker secrets (Podman in my case) to better secure the token.
Hoping I just have a syntax error. I did verify the variable is set inside the container, and the python plugin is supposed to pick up the value of CLOUDFLARE_API_TOKEN, but certbot still prompts for the ini file.
Thank you