mirror of
https://github.com/dehydrated-io/dehydrated.git
synced 2026-01-13 07:10:34 +01:00
error when using letsencrypt_acme_dns-01_challenge_hook.sh #459
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @henrylg on GitHub (Jan 18, 2020).
Using debian10 vm and zsh shell. Have created domains.txt and config.sh. Added the bind9 nameserver ip address. Get the following error.
dehydrated -c
INFO: Using main config file /etc/dehydrated/config
INFO: Using additional config file /etc/dehydrated/conf.d/config.sh
INFO: Using additional config file /etc/dehydrated/conf.d/letsencrypt_acme_dns-01_challenge_hook.sh
/etc/dehydrated/conf.d/letsencrypt_acme_dns-01_challenge_hook.sh: line 101: $1: unbound variable
@txr13 commented on GitHub (Jan 19, 2020):
Your hook script is being processed as a config file. Do not put your hook script in the configuration directory.
@henrylg commented on GitHub (Jan 19, 2020):
Ok not sure where to put the hook.sh. If i put in in /etc/dehydrated/hook.sh then dehydrated does not find it. If I put it in /etc/dehydrated/conf.d/hook.sh, along-side the config.sh it gives the error /etc/dehydrated/conf.d/hook.sh: line 101: $1: unbound variable
dehydrated -c
INFO: Using main config file /etc/dehydrated/config
INFO: Using additional config file /etc/dehydrated/conf.d/config.sh
ERROR: Challenge type dns-01 needs a hook script for deployment... cannot continue.
@alainwolf commented on GitHub (Jan 19, 2020):
Dehydrated does not need to "find" it by itself. You set the location in your configuration file.
E.g.:
HOOK="/usr/local/lib/my_dehydrated_hook"#HOOK_CHAIN="no"@henrylg commented on GitHub (Jan 19, 2020):
Thank you for the assistance. Now I have this. # /usr/bin/dehydrated --register --accept-terms
INFO: Using main config file /etc/dehydrated/config
INFO: Using additional config file /etc/dehydrated/conf.d/config.sh
Details:
HTTP/2 403
server: nginx
date: Sun, 19 Jan 2020 14:48:47 GMT
content-type: application/problem+json
content-length: 280
cache-control: public, max-age=0, no-cache
replay-nonce: 0001bTUjgsF2G2RorpHhe-dWQlFPIBnvUixQzLFa0-32f0M
{
"type": "urn:acme:error:unauthorized",
"detail": "Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.",
"status": 403
}
Error registering account key. See message above for more information.
How do I tell dehydrate to use ACMEv2 ?
@henrylg commented on GitHub (Jan 19, 2020):
My bad I found my mistake.Thanks.
@reetp commented on GitHub (Jan 20, 2020):
Sorry - slightly OT for the original issue but I saw this comment.
Can you advise why the EPEL rpm version drops a file called hook.sh in the /etc/dehydrated directory?
Is it meant to run from there or is it just a demonstration?
@txr13 commented on GitHub (Jan 20, 2020):
Well, I can’t really say definitively why that was done, but I can speculate.
The problem doesn’t occur when a hook and the main config file are in the same directory. The problem occurs when the hook is present in the additional config directory, where it will be processed as an additional config file.
I’m assuming that the RPM version you’re referring to uses /etc/dehydrated as a main config directory, not as an additional config directory. The problem would not occur in that setup, and I could see it being placed there as a bulk “all your files should go here” solution. Speaking for myself (and I don’t install dehydrated from package), I use /etc/dehydrated/hooks for my hook scripts. I have more than one hook for different domain requirements, and putting them all in the main config directory gets messy. What I do keep in the root is just my config file, my domains file, and ffdhe2048.txt, with subdirectories for accounts, certs, chains, hooks, etc.