ACME DNS plugin lua not working

B

bemesser

Member
Proxmox Subscriber
Dec 8, 2021
2
0
6
64
Hi,

my ACME-configuration ends up in an error message:
[Sat Dec 30 16:35:23 CET 2023] Error add txt for domain:_acme-challenge.pve1.xy.com
TASK ERROR: command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup lua pve1.xy.com' failed: exit code 1

What I did:
  1. Configure an ACME account "Staging" for the cluster
  2. Configure the DNS plugin for LUA named "luadns" with API-Data:
    LUA_Key="mykey"
    LUA_Email="postmaster@xy.com"
  3. Configured Node Domian on node as pve1.xy.com
  4. On trying to get a certificate, I get an error message as shown above.
What I checked:
  1. pvenode acme account info Staging responds with correct account data
  2. pvenode acme plugin list gives back luadns (and standalone) as expected
  3. pvenode acme plugin config luadns shows the correct API data
  4. pvenode acme cert order --force results in the error
root@pve1:~# pvenode acme cert order --force
Loading ACME account details
Placing ACME order
Order URL: https://acme-v02.api.letsencrypt.org/acme/order/123

Getting authorization details from 'https://acme-v02.api.letsencrypt.org/acme/authz-v3/123'
The validation for pve1.xy.com is pending!
[Sat Dec 30 16:12:44 CET 2023] invalid domain
[Sat Dec 30 16:12:44 CET 2023] Error add txt for domain:_acme-challenge.pve1.xy.com
command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup lua pve1.xy.com' failed: exit code 1
Task command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup lua pve1.xy.com' failed: exit code 1
root@pve1:~#

After "Google"-ing I did not find any hint.
Anybody out there having some ideas?
 
bemesser said:
Hi,

my ACME-configuration ends up in an error message:
[Sat Dec 30 16:35:23 CET 2023] Error add txt for domain:_acme-challenge.pve1.xy.com
TASK ERROR: command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup lua pve1.xy.com' failed: exit code 1

What I did:
  1. Configure an ACME account "Staging" for the cluster
  2. Configure the DNS plugin for LUA named "luadns" with API-Data:
    LUA_Key="mykey"
    LUA_Email="postmaster@xy.com"
  3. Configured Node Domian on node as pve1.xy.com
  4. On trying to get a certificate, I get an error message as shown above.
What I checked:
  1. pvenode acme account info Staging responds with correct account data
  2. pvenode acme plugin list gives back luadns (and standalone) as expected
  3. pvenode acme plugin config luadns shows the correct API data
  4. pvenode acme cert order --force results in the error
root@pve1:~# pvenode acme cert order --force
Loading ACME account details
Placing ACME order
Order URL: https://acme-v02.api.letsencrypt.org/acme/order/123

Getting authorization details from 'https://acme-v02.api.letsencrypt.org/acme/authz-v3/123'
The validation for pve1.xy.com is pending!
[Sat Dec 30 16:12:44 CET 2023] invalid domain
[Sat Dec 30 16:12:44 CET 2023] Error add txt for domain:_acme-challenge.pve1.xy.com
command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup lua pve1.xy.com' failed: exit code 1
Task command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup lua pve1.xy.com' failed: exit code 1
root@pve1:~#

After "Google"-ing I did not find any hint.
Anybody out there having some ideas?
Click to expand...

@bemesser I experienced the exact same issue and came across this post and it seems that it was the problem for me, make sure you don't have any " character in your Lua_Key and Lua_Email field as apparently the '=' character is the delimiter and there is not much processing beyond find the delimiter and taking everything after the '=' character.

HTH
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back