linuxserver / docker-swag

Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
https://docs.linuxserver.io/general/swag
GNU General Public License v3.0
2.81k stars 242 forks

[BUG] 2.10.0 - Hangs at Please set the DNSPLUGIN variable to one of the following: #469

Closed usableweb closed 5 months ago

usableweb commented 5 months ago

Is there an existing issue for this?

Current Behavior

After the latest pull, the container hangs during initialization here:

```
User UID: 99
User GID: 100
───────────────────────────────────────

using keys found in /config/keys
Variables set:
PUID=99
PGID=100
TZ=America/New_York
URL=my-domain.net
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=false
VALIDATION=dns
CERTPROVIDER=
DNSPLUGIN=cloudflare
EMAIL=my-email@gmail.com
STAGING=false

Please set the DNSPLUGIN variable to one of the following:
```

Expected Behavior

After reverting to 2.9.0-ls292, normal initialization:

```
User UID: 99
User GID: 100
───────────────────────────────────────

using keys found in /config/keys
Variables set:
PUID=99
PGID=100
TZ=America/New_York
URL=my-domain.net
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=false
VALIDATION=dns
CERTPROVIDER=
DNSPLUGIN=cloudflare
EMAIL=my-email@gmail.com
STAGING=false

Using Let's Encrypt as the cert provider
SUBDOMAINS entered, processing
Wildcard cert for my-domain.net will be requested
E-mail address entered: my-email@gmail.com
dns validation via cloudflare plugin is selected
Certificate exists; parameters unchanged; starting nginx
.
.
(normal initialization output)
.
Server ready
```

Steps To Reproduce

Pull :latest.

Last working version was 2.9.0-ls292. I pinned the container to this tag as a workaround.

Environment

- OS: Unraid OS Pro 6.12.9
- System: SuperMicro H8DM8-2 / 8Gb RAM / Quad-core AMD Opteron 2347HE
- uname -a: Linux hydra 6.1.82-Unraid #1 SMP PREEMPT_DYNAMIC Fri Mar 15 15:00:09 PDT 2024 x86_64 Quad-Core AMD Opteron(tm) Processor 2347 HE AuthenticAMD GNU/Linux

NOTE:  I was monitoring the discussion on discord re: lxml and SSE4.2 extensions, but according to cpu-world and a few other sources, this CPU supports SSE4.  And as we know, everything we read on the Internet is true.  ;^)

CPU architecture

x86-64

Docker creation

docker run
  -d
  --name='swag'
  --net='proxynet'
  -e TZ="America/New_York"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="hydra"
  -e HOST_CONTAINERNAME="swag"
  -e 'URL'='my-domain.net'
  -e 'VALIDATION'='dns'
  -e 'SUBDOMAINS'='wildcard'
  -e 'CERTPROVIDER'=''
  -e 'DNSPLUGIN'='cloudflare'
  -e 'PROPAGATION'=''
  -e 'EMAIL'='my-email@gmail.com'
  -e 'ONLY_SUBDOMAINS'='false'
  -e 'EXTRA_DOMAINS'=''
  -e 'STAGING'='false'
  -e 'DOCKER_MODS'='linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-reload|linuxserver/mods:swag-maxmind|linuxserver/mods:swag-auto-proxy'
  -e 'WATCHLIST'='/config/nginx/proxy-confs'
  -e 'DOCKER_HOST'='dockersocket'
  -e 'MAXMINDDB_LICENSE_KEY'='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
  -e 'PUID'='99'
  -e 'PGID'='100'
  -e 'UMASK'='022'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver-ls-logo.png'
  -p '5443:443/tcp'
  -p '5480:80/tcp'
  -v '/mnt/user/appdata/swag':'/config':'rw'
  --cap-add=NET_ADMIN 'lscr.io/linuxserver/swag:latest'
365160706c08a82e2fb45719125cfd5c6b62bd29cae976010496332ae74423aa

Container logs

[mod-init] Running Docker Modification Logic
[mod-init] Adding linuxserver/mods:universal-docker to container
[mod-init] Downloading linuxserver/mods:universal-docker from lscr.io
[mod-init] Installing linuxserver/mods:universal-docker
[mod-init] linuxserver/mods:universal-docker applied to container
[mod-init] Adding linuxserver/mods:swag-auto-reload to container
[mod-init] Downloading linuxserver/mods:swag-auto-reload from lscr.io
[mod-init] Installing linuxserver/mods:swag-auto-reload
[mod-init] linuxserver/mods:swag-auto-reload applied to container
[mod-init] Adding linuxserver/mods:swag-maxmind to container
[mod-init] Downloading linuxserver/mods:swag-maxmind from lscr.io
[mod-init] Installing linuxserver/mods:swag-maxmind
[mod-init] linuxserver/mods:swag-maxmind applied to container
[mod-init] Adding linuxserver/mods:swag-auto-proxy to container
[mod-init] Downloading linuxserver/mods:swag-auto-proxy from lscr.io
[mod-init] Installing linuxserver/mods:swag-auto-proxy
[mod-init] linuxserver/mods:swag-auto-proxy applied to container
[migrations] started
[migrations] 01-nginx-site-confs-default: skipped
[migrations] done
───────────────────────────────────────

      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝

   Brought to you by linuxserver.io
───────────────────────────────────────

To support the app dev(s) visit:
Certbot: https://supporters.eff.org/donate/support-work-on-certbot

To support LSIO projects visit:
https://www.linuxserver.io/donate/

───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    99
User GID:    100
───────────────────────────────────────

using keys found in /config/keys
Variables set:
PUID=99
PGID=100
TZ=America/New_York
URL=my-domain.net
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=false
VALIDATION=dns
CERTPROVIDER=
DNSPLUGIN=cloudflare
EMAIL=my-email@gmail.com
STAGING=false

Please set the DNSPLUGIN variable to one of the following:

github-actions[bot] commented 5 months ago

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

Roxedus commented 5 months ago

Which cpu do you have?

usableweb commented 5 months ago

> Which cpu do you have?

As per Environment in report: Quad-core AMD Opteron 2347HE

j0nnymoe commented 5 months ago

Your cpu was released in 2007, there was a package update to lxml requiring SSE 4.2 which your CPU does not have as a feature.

usableweb commented 5 months ago

> Your cpu was released in 2007, there was a package update to lxml requiring SSE 4.2 which your CPU does not have as a feature.

Yes - I was monitoring the conversation on Discord; however, according to cpu-world and a few other sources, this CPU supports SSE4 extensions. Am I misreading the information?

j0nnymoe commented 5 months ago

4.2 is newer than 4: The first AMD CPUs with SSE 4.2 support were launched in October 2011. https://www.cpu-world.com/Glossary/S/SSE4.2.html

usableweb commented 5 months ago

Looks like lxml will be the death of my current frame. (sigh) Next stop: ebay.

gadolf66 commented 5 months ago

Hum, I get the same error as @usableweb and my cpu seems to support only sse2 ...

gustavo@srv2:~/docker/ttrss$ cat /proc/cpuinfo | grep sse
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl cpuid aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm xsave lahf_lm pti tpr_shadow vnmi flexpriority vpid dtherm
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl cpuid aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm xsave lahf_lm pti tpr_shadow vnmi flexpriority vpid dtherm

Sad and without budget to upgrade the mobo

I think I'll have to stick with version 2.9.0 for a long time...

jacgl commented 5 months ago

Unfortunately, it also means no support for a bunch of Wyse thin clients D10/D90 based on the quite popular AMD GT48E. This processor supports the AMD-specific sse4a: flags: sse sse2 sse3 sse4a

michaelborn commented 2 months ago

Ok, this issue happened to me even though my CPU supports sse4. Here's the writeup.

TLDR: you may have borked your DNS configuration and need to adjust it in config/etc/letsencrypt/cli.ini.

Consider this case:

  1. You copy the environment variables out of docker-compose.yml into a .env file, then set that in the container via the env_file: syntax.
  2. You neglect to comment out any env vars with the # optional comment: PROPAGATION= #optional

When the container starts up, you will have an invalid PROPAGATION value copied into your DNS configuration in config/etc/letsencrypt/cli.ini:

// etc, etc....
dns-cloudflare-propagation-seconds=#optional

This then breaks the call to certbot plugins --authenticators line, so no valid DNS plugin values are found:

/# certbot plugins --authenticators
usage: 
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate. 
certbot: error: argument --dns-cloudflare-propagation-seconds: invalid int value: '#optional'

This could be solved or greatly improved by better error handling around the certbot plugins --authenticators check. If CERTBOT_DNS_AUTHENTICATORS is an empty string, something's not right.

https://github.com/linuxserver/docker-swag/blob/210134745de99783924c9eceae239cafdf3fe48c/root/etc/s6-overlay/s6-rc.d/init-certbot-config/run#L35

toddke commented 2 months ago

> Ok, this issue happened to me even though my CPU supports sse4. Here's the writeup.
>
> TLDR: you may have borked your DNS configuration and need to adjust it in config/etc/letsencrypt/cli.ini.
>
> Consider this case:
>
>   1. You copy the environment variables out of docker-compose.yml into a .env file, then set that in the container via the env_file: syntax.
>   2. You neglect to comment out any env vars with the # optional comment: PROPAGATION= #optional

It's not even that difficult. I previously used Google Domains as my DNS provider. When they sold out to Squarespace, I transferred my domain to Cloudflare.

After this, my cli.ini contained entries from both cloudflare.ini and google-domains.ini. This eventually led to very similar behaviour:

/# certbot plugins --authenticators
usage:
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: unrecognized arguments: --dns-google-domains-credentials=/config/dns-conf/google-domains.ini

I had to manually edit cli.ini to remove the deprecated google domains credentials.
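
The two cli.ini failure modes reported in the comments above (a non-integer propagation value and leftover options from a previously used DNS plugin) can be caught before certbot parses the file. The following is an added example, not code from SWAG or from either commenter; `lint_cli_ini`, `write_sample`, the finding labels and the sample file contents are hypothetical, and it assumes only the selected DNSPLUGIN's `dns-*` options belong in cli.ini.

```shell
#!/bin/sh
# Added example (not SWAG's own code): lint a certbot cli.ini for the two
# problems reported in this thread before certbot gets to parse it.

# lint_cli_ini FILE PLUGIN
# Prints one finding per line; returns 1 if anything was found, else 0.
lint_cli_ini() {
    file=$1; plugin=$2; bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        # Normalise: trim the line and any whitespace around the first '='.
        line=$(printf '%s\n' "$line" |
            sed 's/^[[:space:]]*//; s/[[:space:]]*$//; s/[[:space:]]*=[[:space:]]*/=/')
        case $line in
            ''|'#'*|';'*) continue ;;   # blank or whole-line comment
            *=*) ;;
            *) continue ;;              # no key=value pair on this line
        esac
        key=${line%%=*}
        value=${line#*=}
        # Case 1: propagation delay must be a plain non-negative integer.
        case $key in
            *-propagation-seconds)
                case $value in
                    ''|*[!0-9]*) echo "invalid-int $key=$value"; bad=1 ;;
                esac ;;
        esac
        # Case 2: dns-* options that belong to a plugin other than PLUGIN.
        case $key in
            "dns-$plugin"|"dns-$plugin"-*) ;;
            dns-*) echo "foreign-plugin $key"; bad=1 ;;
        esac
    done < "$file"
    return "$bad"
}

# Constructed sample reproducing both reports; not a real configuration.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample cli.ini
dns-cloudflare-credentials=/config/dns-conf/cloudflare.ini
dns-cloudflare-propagation-seconds=#optional
dns-google-domains-credentials=/config/dns-conf/google-domains.ini
EOF
}

sample=$(mktemp)
write_sample "$sample"
lint_cli_ini "$sample" cloudflare || echo "cli.ini needs manual cleanup" >&2
rm -f "$sample"
```

A non-zero return here is the kind of signal that could be surfaced to the user instead of an empty plugin list.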