can someone help with instructions to install certbot to automatically renew ssl certificates on my Raspberry Pi 4 running Anthias? I think since nginx is running inside a docker container, certbot can’t find it. Here is the error:
$ sudo certbot --nginx
“The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(“Could not find a usable ‘nginx’ binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.”)”
Thank you for the suggestion. I tried your instructions. It ran bash in the correct container, installed certbot, but unfortunately the last command results in the same kind or error as before:
root@0485028c74d8:/# sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The requested nginx plugin does not appear to be installed
I can verify that the package above exists for the NGINX Docker container by running apt info python3-certbot-nginx:
root@48a11fec5ac2:/# apt info python3-certbot-nginx
Package: python3-certbot-nginx
Version: 2.1.0-2
Priority: optional
Section: python
Source: python-certbot-nginx
Maintainer: Debian Let's Encrypt <team+letsencrypt@tracker.debian.org>
Installed-Size: 175 kB
Depends: certbot, nginx, python3-acme-abi-2 (>= 2.1), python3-certbot-abi-2 (>= 2.1), python3-acme, python3-certbot, python3-openssl, python3-pkg-resources, python3-pyparsing, python3:any
Suggests: python-certbot-nginx-doc
Homepage: https://letsencrypt.org/
Download-Size: 37.4 kB
APT-Sources: http://archive.raspbian.org/raspbian bookworm/main armhf Packages
Description: Nginx plugin for Certbot
The objective of Certbot, Let's Encrypt, and the ACME (Automated
Certificate Management Environment) protocol is to make it possible
to set up an HTTPS server and have it automatically obtain a
browser-trusted certificate, without any human intervention. This is
accomplished by running a certificate management agent on the web
server.
.
This agent is used to:
.
- Automatically prove to the Let's Encrypt CA that you control the website
- Obtain a browser-trusted certificate and set it up on your web server
- Keep track of when your certificate is going to expire, and renew it
- Help you revoke the certificate if that ever becomes necessary.
.
This package contains the Nginx plugin to the main application.
@sul, after running sudo apt-get install python3-certbot-nginx, sudo apt-get install -y certbot, and then sudo certbot --nginx, it seems that the certbot installation succeeded, at least given the following output:
$ sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel):
Thank you for the instructions. I was able to install python3-certbox-nginx successfully as well as certbot. Although certbot ran fine, it complained about an ‘A’ record being missing since I am using cname in my dns–this is probably a separate issue altogether. Regardless, unfortunately, anthias seems to have broken along the way because I can no longer see the admin website. I will reformat and reinstall anthias on the RPi 4 again. Will let you know what happens.
Good news, you do not need certbot for this anymore. The enable_ssl.sh script that ships with Anthias sets up HTTPS for you, and if you give it a domain name it will automatically obtain and renew a free Let’s Encrypt certificate, with no certbot and no fiddling inside the container. Marking this as solved. If you would like help running it for your setup, tell us your domain arrangement and we will point you to the right options.