debugging

Author: Leechael

custom-domain/dstack-ingress/scripts/certman.py

@@ -86,15 +86,26 @@ def install_plugin(self) -> bool:
 
     def setup_credentials(self) -> bool:
         """Setup credentials file for certbot using provider implementation."""
-        return self.provider.setup_certbot_credentials()
+        print(f"Setting up credentials for {self.provider_type} provider")
+        result = self.provider.setup_certbot_credentials()
+        if result:
+            print(f"Credentials setup successful for {self.provider_type}")
+        else:
+            print(f"Credentials setup failed for {self.provider_type}")
+        return result
 
     def _build_certbot_command(self, action: str, domain: str, email: str) -> List[str]:
         """Build certbot command using provider configuration."""
+        print(f"Building certbot command for action: {action}, domain: {domain}")
+        
         plugin = self.provider.CERTBOT_PLUGIN
+        print(f"Using plugin: {plugin}")
+        
         if not plugin:
             raise ValueError(f"No certbot plugin configured for {self.provider_type}")
 
         propagation_seconds = self.provider.CERTBOT_PROPAGATION_SECONDS
+        print(f"Propagation seconds configured: {propagation_seconds}")
 
         base_cmd = ["certbot", action]
 
@@ -105,37 +116,77 @@ def _build_certbot_command(self, action: str, domain: str, email: str) -> List[s
                 "--non-interactive",
             ]
         )
+        print(f"Added plugin and non-interactive flags")
 
         # Add credentials file if provider has one configured
         if self.provider.CERTBOT_CREDENTIALS_FILE:
             credentials_file = os.path.expanduser(
                 self.provider.CERTBOT_CREDENTIALS_FILE
             )
+            print(f"Credentials file path (expanded): {credentials_file}")
+            
             if os.path.exists(credentials_file):
-                base_cmd.extend([f"--{plugin}-credentials={credentials_file}"])
+                credentials_arg = f"--{plugin}-credentials={credentials_file}"
+                base_cmd.extend([credentials_arg])
+                print(f"Added credentials argument: {credentials_arg}")
+            else:
+                print(f"Warning: Credentials file does not exist: {credentials_file}")
+        else:
+            print(f"No credentials file configured for provider")
 
         if action == "certonly":
             base_cmd.extend(
                 ["--agree-tos", "--no-eff-email", "--email", email, "-d", domain]
             )
+            print(f"Added certonly-specific arguments")
 
+        # Print the final command with masked email
+        masked_cmd = []
+        for i, arg in enumerate(base_cmd):
+            if i > 0 and base_cmd[i-1] == "--email":
+                masked_cmd.append("<email>")
+            else:
+                masked_cmd.append(arg)
+        print(f"Final certbot command: {' '.join(masked_cmd)}")
+        
         return base_cmd
 
     def obtain_certificate(self, domain: str, email: str) -> bool:
         """Obtain a new certificate for the domain."""
-        print(f"Obtaining new certificate for {domain} using {self.provider_type}")
+        print(f"Starting certificate obtaining process for {domain} using {self.provider_type}")
+        
+        # Check if credentials are set up
+        print(f"Checking credentials setup...")
+        if not self.setup_credentials():
+            print(f"Failed to setup credentials for {self.provider_type}", file=sys.stderr)
+            return False
+        print(f"Credentials setup completed")
 
         cmd = self._build_certbot_command("certonly", domain, email)
+        print(f"Executing certbot command...")
 
         try:
-            result = subprocess.run(cmd, capture_output=True, text=True)
+            result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
+            
+            print(f"Certbot command completed with return code: {result.returncode}")
+            
+            if result.stdout:
+                print(f"Certbot stdout: {result.stdout}")
+            
             if result.returncode != 0:
-                print(f"Certificate obtaining failed: {result.stderr}", file=sys.stderr)
+                print(f"Certificate obtaining failed with return code {result.returncode}")
+                if result.stderr:
+                    print(f"Certificate obtaining failed: {result.stderr}", file=sys.stderr)
+                if result.stdout:
+                    print(f"Certificate stdout on failure: {result.stdout}", file=sys.stderr)
                 return False
 
             print(f"Certificate obtained successfully for {domain}")
             return True
 
+        except subprocess.TimeoutExpired:
+            print(f"Certbot command timed out after 300 seconds", file=sys.stderr)
+            return False
         except Exception as e:
             print(f"Error running certbot: {e}", file=sys.stderr)
             return False

custom-domain/dstack-ingress/scripts/dns_providers/namecheap.py

@@ -34,17 +34,38 @@ def __init__(self):
 
     def setup_certbot_credentials(self) -> bool:
         """Setup credentials file for certbot."""
+        print(f"Setting up Namecheap credentials file...")
+        
         try:
             cred_dir = os.path.expanduser("~/.namecheap")
+            print(f"Creating credentials directory: {cred_dir}")
             os.makedirs(cred_dir, exist_ok=True)
 
             cred_file = os.path.join(cred_dir, "namecheap.ini")
+            print(f"Writing credentials file: {cred_file}")
+            
             with open(cred_file, "w") as f:
                 f.write(f"# Namecheap API credentials used by Certbot\n")
                 f.write(f"dns_namecheap_username={self.username}\n")
                 f.write(f"dns_namecheap_api_key={self.api_key}\n")
 
+            print(f"Setting file permissions to 0o600")
             os.chmod(cred_file, 0o600)
+            
+            print(f"Credentials file created successfully: {cred_file}")
+            
+            # Verify file contents (without showing sensitive data)
+            if os.path.exists(cred_file):
+                with open(cred_file, "r") as f:
+                    lines = f.readlines()
+                print(f"Credentials file has {len(lines)} lines")
+                for i, line in enumerate(lines):
+                    if line.startswith('#'):
+                        print(f"Line {i+1}: {line.strip()}")
+                    elif '=' in line:
+                        key = line.split('=')[0]
+                        print(f"Line {i+1}: {key}=<value>")
+            
             return True
         except Exception as e:
             print(f"Error setting up certbot credentials: {e}")