
Add wedos dns

Open Hadatko opened this issue 1 year ago • 4 comments

Hello, I would like to add another certbot plugin. How can I test this change?

Hadatko, Jun 25 '24 21:06

I tested this by manually updating files in my Docker instance. It looks like it is working, but the wedos certbot script needs a little update.

Hadatko, Jun 25 '24 22:06

Docker Image for build 2 is available on DockerHub as jc21/nginx-proxy-manager:github-pr-3827

Note: ensure you backup your NPM instance before testing this PR image! Especially if this PR contains database changes.

Hello, with the Docker image I am getting an error (running certbot from cmd works well; any clue about this behavior when using the NPM GUI?):

[6/29/2024] [11:29:56 PM] [Global   ] › ⬤  debug     CMD: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-12" --agree-tos --email "someemail" --domains "somedomain.somehost.eu" --authenticator dns-wedos --dns-wedos-credentials "/etc/letsencrypt/credentials/credentials-12"
[6/29/2024] [11:29:59 PM] [Global   ] › ⬤  debug     CMD: rm -f '/etc/letsencrypt/credentials/credentials-12' || true
[6/29/2024] [11:29:59 PM] [Global   ] › ⬤  debug     CMD: /usr/sbin/nginx -t -g "error_log off;"
[6/29/2024] [11:29:59 PM] [Nginx    ] › ℹ  info      Reloading Nginx
[6/29/2024] [11:29:59 PM] [Global   ] › ⬤  debug     CMD: /usr/sbin/nginx -s reload
[6/29/2024] [11:29:59 PM] [Express  ] › ⚠  warning   Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
An unexpected error occurred:
PermissionError: [Errno 13] Permission denied: '/etc/letsencrypt/live/README'
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.
2024-06-29 23:29:59,464:INFO:certbot._internal.client:Non-standard path(s), might not work with crontab installed by your operating system package manager
2024-06-29 23:29:59,465:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/certbot/bin/certbot", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1894, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1600, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 528, in obtain_and_enroll_certificate
    return storage.RenewableCert.new_lineage(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/storage.py", line 1074, in new_lineage
    _write_live_readme_to(base_readme_path, is_base_dir=True)
  File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/storage.py", line 252, in _write_live_readme_to
    with open(readme_path, "w") as f:
         ^^^^^^^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/etc/letsencrypt/live/README'
2024-06-29 23:29:59,466:ERROR:certbot._internal.log:An unexpected error occurred:

Hadatko, Jun 29 '24 21:06

The archive and live folders were created with owner root:root. When I changed them to npm:npm, the plugin worked well.

So ready for merge

Hadatko, Jun 29 '24 22:06
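
A check for the ownership problem described in the comment above, as an added example that is not part of the thread or the project's code: it reports when `live/` or `archive/` under the Let's Encrypt directory belongs to a different account than the one running certbot. The function name `check_le_dirs`, the use of GNU `stat`, and the extra mode check are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread or the project).
# Assumptions: GNU stat is available; the directory names live/ and archive/
# and the npm owner come from the comment and traceback above.

# check_le_dirs BASE OWNER
#   BASE  - Let's Encrypt directory, e.g. /etc/letsencrypt
#   OWNER - user name or numeric uid that runs certbot, e.g. npm
# Prints one line per problem; returns 0 if none were found, 1 otherwise.
check_le_dirs() {
    base=$1
    want=$2
    rc=0
    for sub in live archive; do
        dir="$base/$sub"
        # A missing directory is not an error: certbot creates it itself,
        # owned by whichever user invokes it.
        [ -d "$dir" ] || continue
        owner_name=$(stat -c '%U' "$dir")
        owner_uid=$(stat -c '%u' "$dir")
        mode=$(stat -c '%a' "$dir")
        if [ "$want" != "$owner_name" ] && [ "$want" != "$owner_uid" ]; then
            echo "OWNER $dir is $owner_name($owner_uid), expected $want"
            rc=1
        fi
        # Extra check added by this example: these directories hold private
        # keys, so the last octal digit ("other") should be 0.
        case "$mode" in
            *0) ;;
            *) echo "MODE $dir is $mode, other-accessible"; rc=1 ;;
        esac
    done
    return $rc
}

# When called with two arguments, run the check directly, for example:
#   sh check_le_dirs.sh /etc/letsencrypt npm
if [ "$#" -eq 2 ]; then
    check_le_dirs "$1" "$2"
fi
```

An `OWNER` line for `live/` or `archive/` corresponds to the `PermissionError` in the log above: certbot runs as the non-root account but the directory was created as root.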

Hi @Hadatko

Thanks a lot for adding this feature!

I just went through setting it up for the first time and I was struggling a bit so I thought I'll post here some tips for others...

First of all, make sure that the changes implemented in this PR are present in the Docker image you're using. As of now, I used the following docker-compose.yml:

services:
  nginx-proxy-manager:
    image: 'jc21/nginx-proxy-manager:github-develop' # TODO: switch to latest; using develop so that I have access to this: https://github.com/NginxProxyManager/nginx-proxy-manager/pull/3827
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

DNS settings to set up before starting the challenge:

[Screenshot: SCR-20241003-oqlj]

Challenge settings:

[Screenshot 2024-10-03 at 16 30 09]

With the challenge settings I was slightly confused with the placeholder <wapi_sha256_password>. I first tried to paste there the sha256 sum of my wedos WAPI password:

echo -n 'my_password' | sha256sum

But that didn't work. Eventually, I used my wedos WAPI password (plain text) and that worked.

Note: For a while you might be stuck with something that looks like an error in the NPM web UI. Just be patient and check your logs. Eventually the certificate landed successfully.

vsisl, Oct 03 '24 14:10

Hi @vsisl, as you can see, my last comment is saying that everything works and then the feature was merged. Happy to see somebody else try this :D

Hadatko, Oct 03 '24 16:10