Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Acme-Dns Server Failing #352

Open
raphael10-collab opened this issue Apr 23, 2024 · 1 comment
Open

Acme-Dns Server Failing #352

raphael10-collab opened this issue Apr 23, 2024 · 1 comment

Comments

@raphael10-collab
Copy link

I tried few times but I get Acme-Dns Server Failures :

root@k8s-eu-1-control-plane-node-1:~# git clone https://github.com/joohoi/acme-dns
Cloning into 'acme-dns'...
remote: Enumerating objects: 6729, done.
remote: Counting objects: 100% (23/23), done.
remote: Compressing objects: 100% (23/23), done.
remote: Total 6729 (delta 1), reused 18 (delta 0), pack-reused 6706
Receiving objects: 100% (6729/6729), 25.90 MiB | 18.18 MiB/s, done.
Resolving deltas: 100% (1507/1507), done.
root@k8s-eu-1-control-plane-node-1:~# cd acme-dns/
root@k8s-eu-1-control-plane-node-1:~/acme-dns# export GOPATH=/tmp/acme-dns
root@k8s-eu-1-control-plane-node-1:~/acme-dns# go build
root@k8s-eu-1-control-plane-node-1:~/acme-dns# sudo mv acme
acme-dns          acme-dns.service  acmetxt.go        
root@k8s-eu-1-control-plane-node-1:~/acme-dns# sudo mv acme-dns /usr/local/bin
root@k8s-eu-1-control-plane-node-1:~/acme-dns# sudo mv config.cfg /etc/acme-dns/config.cfg 
root@k8s-eu-1-control-plane-node-1:~/acme-dns# sudo mv acme-dns.service /etc/systemd/system/acme-dns.service
root@k8s-eu-1-control-plane-node-1:~/acme-dns# cd

root@k8s-eu-1-control-plane-node-1:~# sudo nano /etc/acme-dns/config.cfg 

root@k8s-eu-1-control-plane-node-1:~# cat /etc/acme-dns/config.cfg 
[general]
# DNS interface. Note that systemd-resolved may reserve port 53 on 127.0.0.53
# In this case acme-dns will error out and you will need to define the listening interface
# for example: listen = "127.0.0.1:53"
listen = "127.0.0.1:53"
# protocol, "both", "both4", "both6", "udp", "udp4", "udp6" or "tcp", "tcp4", "tcp6"
protocol = "both"
# domain name to serve the requests off of
domain = "auth.grasp.deals"
# zone name server
nsname = "auth.grasp.deals"
# admin email address, where @ is substituted with .
nsadmin = "admin.grasp.deals"
# predefined records served in addition to the TXT
records = [
    # domain pointing to the public IP of your acme-dns server 
    "auth.grasp.deals. A bb.bbb.bbb.bb",
    # specify that auth.example.org will resolve any *.auth.example.org records
    "auth.grasp.deals. NS auth.grasp.deals.",
]
# debug messages from CORS etc
debug = false

[database]
# Database engine to use, sqlite3 or postgres
engine = "sqlite3"
# Connection string, filename for sqlite3 and postgres://$username:$password@$host/$db_name for postgres
# Please note that the default Docker image uses path /var/lib/acme-dns/acme-dns.db for sqlite3
connection = "/var/lib/acme-dns/acme-dns.db"
# connection = "postgres://user:password@localhost/acmedns_db"

[api]
# listen ip eg. 127.0.0.1
ip = "0.0.0.0"
# disable registration endpoint
disable_registration = false
# listen port, eg. 443 for default HTTPS
port = "443"
# possible values: "letsencrypt", "letsencryptstaging", "cert", "none"
tls = "letsencryptstaging"
# only used if tls = "cert"
tls_cert_privkey = "/etc/tls/example.org/privkey.pem"
tls_cert_fullchain = "/etc/tls/example.org/fullchain.pem"
# only used if tls = "letsencrypt"
acme_cache_dir = "api-certs"
# optional e-mail address to which Let's Encrypt will send expiration notices for the API's cert
notification_email = ""
# CORS AllowOrigins, wildcards can be used
corsorigins = [
    "*"
]
# use HTTP header to get the client ip
use_header = false
# header name to pull the ip address / list of ip addresses from
header_name = "X-Forwarded-For"

[logconfig]
# logging level: "error", "warning", "info" or "debug"
loglevel = "debug"
# possible values: stdout, TODO file & integrations
logtype = "stdout"
# file path for logfile TODO
# logfile = "./acme-dns.log"
# format, either "json" or "text"
logformat = "text"


root@k8s-eu-1-control-plane-node-1:~# sudo adduser --system --gecos "acme-dns Service" --disabled-password --group --home /var/lib/acme-dns acme-dns
Warning: The home dir /var/lib/acme-dns you specified already exists.
The system user `acme-dns' already exists. Exiting.


root@k8s-eu-1-control-plane-node-1:~# sudo systemctl daemon-reload
root@k8s-eu-1-control-plane-node-1:~# sudo systemctl enable acme-dns.service
root@k8s-eu-1-control-plane-node-1:~# sudo systemctl start acme-dns.service

root@k8s-eu-1-control-plane-node-1:~# sudo systemctl status acme-dns.service
× acme-dns.service - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely
     Loaded: loaded (/etc/systemd/system/acme-dns.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Tue 2024-04-23 09:16:19 CEST; 3min 14s ago
    Process: 367426 ExecStart=/usr/local/bin/acme-dns (code=exited, status=1/FAILURE)
   Main PID: 367426 (code=exited, status=1/FAILURE)
        CPU: 5ms

Apr 23 09:16:19 k8s-eu-1-control-plane-node-1 systemd[1]: acme-dns.service: Scheduled restart job, restart counter is at 5.
Apr 23 09:16:19 k8s-eu-1-control-plane-node-1 systemd[1]: Stopped Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
Apr 23 09:16:19 k8s-eu-1-control-plane-node-1 systemd[1]: acme-dns.service: Start request repeated too quickly.
Apr 23 09:16:19 k8s-eu-1-control-plane-node-1 systemd[1]: acme-dns.service: Failed with result 'exit-code'.
Apr 23 09:16:19 k8s-eu-1-control-plane-node-1 systemd[1]: Failed to start Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.


root@k8s-eu-1-control-plane-node-1:~# cat /etc/systemd/system/multi-user.target.wants/acme-dns.service 
[Unit]
Description=Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely
After=network.target

[Service]
User=acme-dns
Group=acme-dns
AmbientCapabilities=CAP_NET_BIND_SERVICE
WorkingDirectory=~
ExecStart=/usr/local/bin/acme-dns
#Restart=on-failure
StartLimitInterval=30

[Install]
WantedBy=multi-user.target

root@k8s-eu-1-control-plane-node-1:~# cat /etc/systemd/system/multi-user.target.wants/acme-dns.service 
[Unit]
Description=Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely
After=network.target

[Service]
User=acme-dns
Group=acme-dns
AmbientCapabilities=CAP_NET_BIND_SERVICE
WorkingDirectory=~
ExecStart=/usr/local/bin/acme-dns
#Restart=on-failure
StartLimitInterval=30

[Install]
WantedBy=multi-user.target
root@k8s-eu-1-control-plane-node-1:~# 
root@k8s-eu-1-control-plane-node-1:~# sudo systemctl status acme-dns.service
× acme-dns.service - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely
     Loaded: loaded (/etc/systemd/system/acme-dns.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Tue 2024-04-23 09:21:34 CEST; 10min ago
    Process: 369729 ExecStart=/usr/local/bin/acme-dns (code=exited, status=1/FAILURE)
   Main PID: 369729 (code=exited, status=1/FAILURE)
        CPU: 10ms

Apr 23 09:21:34 k8s-eu-1-control-plane-node-1 systemd[1]: Started Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
Apr 23 09:21:34 k8s-eu-1-control-plane-node-1 acme-dns[369729]: time="2024-04-23T09:21:34+02:00" level=info msg="Using config file" file=/etc/acme-dns/config.cfg
Apr 23 09:21:34 k8s-eu-1-control-plane-node-1 acme-dns[369729]: time="2024-04-23T09:21:34+02:00" level=error msg="Error in DB upgrade" error="Binary was compiled with 'CGO_ENABLED=0', go-sqlite3 requires cgo to work. This is a stub"
Apr 23 09:21:34 k8s-eu-1-control-plane-node-1 acme-dns[369729]: time="2024-04-23T09:21:34+02:00" level=error msg="Could not open database [Binary was compiled with 'CGO_ENABLED=0', go-sqlite3 requires cgo to work. This is a stub]"
Apr 23 09:21:34 k8s-eu-1-control-plane-node-1 systemd[1]: acme-dns.service: Main process exited, code=exited, status=1/FAILURE
Apr 23 09:21:34 k8s-eu-1-control-plane-node-1 systemd[1]: acme-dns.service: Failed with result 'exit-code'.

OS: Ubuntu 22.10

@maddes-b
Copy link

Just read the last lines of the log and you get the solution. Please close the issue then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants