search

jlesage / docker-nginx-proxy-manager

Docker container for Nginx Proxy Manager
MIT License
755 stars 166 forks source link

[Bug] Can not login to UI and unable to renew certificate #304

Open JanM0 opened 9 months ago

JanM0 commented 9 months ago

Current Behavior

Running v23.08.1 on an Unraid OS 6.12.4. I am not able to login to UI.

Logs show 

[app         ] [9/6/2023] [1:43:57 PM] [Migrate  ] › ℹ  info      Current database version: none
[app         ] [9/6/2023] [1:43:58 PM] [Global   ] › ✖  error     Command failed: pip install --no-cache-dir certbot-dns-route53==$(certbot --version | grep -Eo '[0-9](\.[0-9]+)+') 
[app         ] An unexpected error occurred:
[app         ] pkg_resources.ContextualVersionConflict: (urllib3 2.0.4 (/usr/lib/python3.10/site-packages), Requirement.parse('urllib3<1.27,>=1.25.4'), {'botocore'})
[app         ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-ka2_ng49/log or re-run Certbot with -v for more details.
[app         ] ERROR: Could not find a version that satisfies the requirement certbot-dns-route53== (from versions: 0.15.0.dev0, 0.15.0, 0.16.0, 0.17.0, 0.18.0, 0.18.1, 0.18.2, 0.19.0, 0.20.0, 0.21.0, 0.21.1, 0.22.0, 0.22.1, 0.22.2, 0.23.0, 0.24.0, 0.25.0, 0.25.1, 0.26.0, 0.26.1, 0.27.0, 0.27.1, 0.28.0, 0.29.0, 0.29.1, 0.30.0, 0.30.1, 0.30.2, 0.31.0, 0.32.0, 0.33.0, 0.33.1, 0.34.0, 0.34.1, 0.34.2, 0.35.0, 0.35.1, 0.36.0, 0.37.0, 0.37.1, 0.37.2, 0.38.0, 0.39.0, 0.40.0, 0.40.1, 1.0.0, 1.1.0, 1.2.0, 1.3.0, 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.13.0, 1.14.0, 1.15.0, 1.16.0, 1.17.0, 1.18.0, 1.19.0, 1.20.0, 1.21.0, 1.22.0, 1.23.0, 1.24.0, 1.25.0, 1.26.0, 1.27.0, 1.28.0, 1.29.0, 1.30.0, 1.31.0, 1.32.0, 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0)
[app         ] ERROR: No matching distribution found for certbot-dns-route53==

Manually ran pip install --no-cache-dir certbot-dns-route53==$(certbot --version | grep -Eo '[0-9](\.[0-9]+)+') and I was able to login again. But renewing just shows Internal Error.

Logs show

[app         ] [9/15/2023] [9:04:51 PM] [Express  ] › ⚠  warning   Command failed: AWS_CONFIG_FILE='/etc/letsencrypt/credentials/credentials-5' certbot renew --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-5" --disable-hook-validation --no-random-sleep-on-renew 
[app         ] Another instance of Certbot is already running.
[app         ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-rwkmcm9q/log or re-run Certbot with -v for more details.
[app         ] [9/15/2023] [9:05:00 PM] [SSL      ] › ✖  error     Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --preferred-challenges "dns,http" --disable-hook-validation  
[app         ] Failed to renew certificate npm-3 with error: Unable to locate credentials
[app         ] To use certbot-dns-route53, configure credentials as described at https://boto3.readthedocs.io/en/latest/guide/configuration.html#best-practices-for-configuring-credentials and add the necessary permissions for Route53 access.
[app         ] All renewals failed. The following certificates could not be renewed:
[app         ]   /etc/letsencrypt/live/npm-3/fullchain.pem (failure)
[app         ] 1 renew failure(s), 0 parse failure(s)
[app         ]     at ChildProcess.exithandler (node:child_process:402:12)
[app         ]     at ChildProcess.emit (node:events:513:28)
[app         ]     at maybeClose (node:internal/child_process:1100:16)
[app         ]     at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)

But now I don´t know how to kill/restart certbot

Expected Behavior

Login to UI and renewal of certificates work fine

Steps To Reproduce

No response

Environment

Container creation

I just installed the App via Unraid GUI https://forums.unraid.net/topic/76460-support-djoss-nginx-proxy-manager/

Container log

[app         ] [9/6/2023] [1:43:57 PM] [Migrate  ] › ℹ  info      Current database version: none
[app         ] [9/6/2023] [1:43:58 PM] [Global   ] › ✖  error     Command failed: pip install --no-cache-dir certbot-dns-route53==$(certbot --version | grep -Eo '[0-9](\.[0-9]+)+') 
[app         ] An unexpected error occurred:
[app         ] pkg_resources.ContextualVersionConflict: (urllib3 2.0.4 (/usr/lib/python3.10/site-packages), Requirement.parse('urllib3<1.27,>=1.25.4'), {'botocore'})
[app         ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-ka2_ng49/log or re-run Certbot with -v for more details.
[app         ] ERROR: Could not find a version that satisfies the requirement certbot-dns-route53== (from versions: 0.15.0.dev0, 0.15.0, 0.16.0, 0.17.0, 0.18.0, 0.18.1, 0.18.2, 0.19.0, 0.20.0, 0.21.0, 0.21.1, 0.22.0, 0.22.1, 0.22.2, 0.23.0, 0.24.0, 0.25.0, 0.25.1, 0.26.0, 0.26.1, 0.27.0, 0.27.1, 0.28.0, 0.29.0, 0.29.1, 0.30.0, 0.30.1, 0.30.2, 0.31.0, 0.32.0, 0.33.0, 0.33.1, 0.34.0, 0.34.1, 0.34.2, 0.35.0, 0.35.1, 0.36.0, 0.37.0, 0.37.1, 0.37.2, 0.38.0, 0.39.0, 0.40.0, 0.40.1, 1.0.0, 1.1.0, 1.2.0, 1.3.0, 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.13.0, 1.14.0, 1.15.0, 1.16.0, 1.17.0, 1.18.0, 1.19.0, 1.20.0, 1.21.0, 1.22.0, 1.23.0, 1.24.0, 1.25.0, 1.26.0, 1.27.0, 1.28.0, 1.29.0, 1.30.0, 1.31.0, 1.32.0, 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0)
[app         ] ERROR: No matching distribution found for certbot-dns-route53==
[app         ] [9/15/2023] [9:04:51 PM] [Express  ] › ⚠  warning   Command failed: AWS_CONFIG_FILE='/etc/letsencrypt/credentials/credentials-5' certbot renew --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-5" --disable-hook-validation --no-random-sleep-on-renew 
[app         ] Another instance of Certbot is already running.
[app         ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-rwkmcm9q/log or re-run Certbot with -v for more details.
[app         ] [9/15/2023] [9:05:00 PM] [SSL      ] › ✖  error     Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --preferred-challenges "dns,http" --disable-hook-validation  
[app         ] Failed to renew certificate npm-3 with error: Unable to locate credentials
[app         ] To use certbot-dns-route53, configure credentials as described at https://boto3.readthedocs.io/en/latest/guide/configuration.html#best-practices-for-configuring-credentials and add the necessary permissions for Route53 access.
[app         ] All renewals failed. The following certificates could not be renewed:
[app         ]   /etc/letsencrypt/live/npm-3/fullchain.pem (failure)
[app         ] 1 renew failure(s), 0 parse failure(s)
[app         ]     at ChildProcess.exithandler (node:child_process:402:12)
[app         ]     at ChildProcess.emit (node:events:513:28)
[app         ]     at maybeClose (node:internal/child_process:1100:16)
[app         ]     at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)

Container inspect

No response

Anything else?

No response

cwesterfield commented 9 months ago

I have the same issue with latest on docker (in debian).

The login screen gave the error "Bad Gateway." The Pip command above allowed me to login, but I stopped there.

JanM0 commented 9 months ago

With ps -ef you can list all running processes. You are looking for a process named "certb" something. Infront of every process is the corresponding ID, eg: 752. With kill 752 you would kill the process with the ID 752. That worked for me in order to be able to renew my certificates again.