cont.

Author: Leechael

custom-domain/dstack-ingress/scripts/certman.py

@@ -106,12 +106,38 @@ def install_plugin(self) -> bool:
                 test_result = subprocess.run(test_cmd, capture_output=True, text=True, timeout=10)
 
                 if test_result.returncode == 0 and "dns-namecheap" in test_result.stdout:
-                    print(f"Plugin {self.provider.CERTBOT_PLUGIN} is available in certbot")
+                    print(f"✓ Plugin {self.provider.CERTBOT_PLUGIN} is available in certbot")
                     return True
                 else:
                     print(f"Warning: dns-namecheap plugin not found in certbot plugins list")
                     if test_result.stderr:
                         print(f"Plugin test stderr: {test_result.stderr}")
+                    
+                    # Debug plugin registration
+                    self._debug_plugin_registration()
+                    
+                    # Try force reinstall to fix plugin registration
+                    print("Attempting to fix plugin registration...")
+                    try:
+                        import sys
+                        force_cmd = [sys.executable, "-m", "pip", "install", "--force-reinstall", 
+                                   "--no-deps", self.provider.CERTBOT_PACKAGE]
+                        print(f"Running: {' '.join(force_cmd)}")
+                        force_result = subprocess.run(force_cmd, capture_output=True, text=True)
+                        
+                        if force_result.returncode == 0:
+                            # Test again after reinstall
+                            retest_result = subprocess.run(test_cmd, capture_output=True, text=True, timeout=10)
+                            if retest_result.returncode == 0 and "dns-namecheap" in retest_result.stdout:
+                                print(f"✓ Plugin registration fixed after reinstall")
+                                return True
+                            else:
+                                print(f"Plugin still not registered, may work anyway")
+                        else:
+                            print(f"Force reinstall failed: {force_result.stderr}")
+                    except Exception as fix_error:
+                        print(f"Plugin fix attempt failed: {fix_error}")
+                    
                     # Continue anyway - may work in Docker environments
                     return True
 
@@ -121,6 +147,45 @@ def install_plugin(self) -> bool:
 
         return True
 
+    def _debug_plugin_registration(self) -> None:
+        """Debug why plugin is not being registered by certbot."""
+        try:
+            import pkg_resources
+            print("=== Plugin Registration Debug ===")
+            
+            # Check entry points
+            try:
+                entry_points = list(pkg_resources.iter_entry_points('certbot.plugins'))
+                print(f"Found {len(entry_points)} certbot plugins:")
+                for ep in entry_points:
+                    print(f"  - {ep.name}: {ep.module_name}")
+                
+                # Look specifically for dns-namecheap
+                namecheap_eps = [ep for ep in entry_points if ep.name == 'dns-namecheap']
+                if namecheap_eps:
+                    print(f"✓ Found dns-namecheap entry point: {namecheap_eps[0]}")
+                else:
+                    print(f"✗ dns-namecheap entry point not found")
+            except Exception as ep_error:
+                print(f"Entry point check failed: {ep_error}")
+            
+            # Check if certbot can import the plugin module
+            try:
+                from certbot_dns_namecheap import dns_namecheap
+                print(f"✓ Plugin module can be imported")
+                
+                # Check if it has the right class
+                if hasattr(dns_namecheap, 'Authenticator'):
+                    print(f"✓ Authenticator class found")
+                else:
+                    print(f"✗ Authenticator class not found")
+            except Exception as import_error:
+                print(f"✗ Plugin module import failed: {import_error}")
+            
+            print("=== End Debug ===")
+        except Exception as debug_error:
+            print(f"Debug failed: {debug_error}")
+    
     def _validate_provider_credentials(self) -> bool:
         """Validate provider credentials by testing API access."""
         print(f"Validating {self.provider_type} API credentials...")
@@ -204,10 +269,24 @@ def obtain_certificate(self, domain: str, email: str) -> bool:
                 return True
             else:
                 print(f"✗ Certificate obtaining failed (exit code: {result.returncode})")
-                if result.stderr.strip():
-                    print(f"Error details: {result.stderr.strip()}")
-                if result.stdout.strip():
-                    print(f"Output: {result.stdout.strip()}")
+                
+                # Check for specific error patterns
+                error_output = result.stderr.strip() if result.stderr else ""
+                stdout_output = result.stdout.strip() if result.stdout else ""
+                
+                if "unrecognized arguments" in error_output:
+                    print(f"Plugin arguments not recognized by certbot")
+                    print(f"This suggests the plugin is not properly registered")
+                elif "DNS problem" in error_output or "DNS problem" in stdout_output:
+                    print(f"DNS validation failed - check domain configuration")
+                elif "Rate limited" in error_output or "Rate limited" in stdout_output:
+                    print(f"Rate limited by Let's Encrypt")
+                
+                if error_output:
+                    print(f"stderr: {error_output}")
+                if stdout_output:
+                    print(f"stdout: {stdout_output}")
+                
                 return False
 
         except subprocess.TimeoutExpired:
@@ -233,9 +312,31 @@ def renew_certificate(self, domain: str) -> Tuple[bool, bool]:
         cmd = self._build_certbot_command("renew", domain, "")
 
         try:
-            result = subprocess.run(cmd, capture_output=True, text=True)
-            if result.returncode != 0:
-                print(f"Certificate renewal failed: {result.stderr}", file=sys.stderr)
+            result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
+            
+            if result.returncode == 0:
+                print(f"✓ Certificate renewal completed")
+                return True, True
+            else:
+                error_output = result.stderr.strip() if result.stderr else ""
+                stdout_output = result.stdout.strip() if result.stdout else ""
+                
+                print(f"✗ Certificate renewal failed (exit code: {result.returncode})")
+                
+                # Check for specific error patterns
+                if "unrecognized arguments" in error_output:
+                    print(f"Plugin arguments not recognized by certbot")
+                elif "No renewals were attempted" in stdout_output:
+                    print(f"No certificates need renewal")
+                    return True, False  # Success but no renewal needed
+                elif "DNS problem" in error_output or "DNS problem" in stdout_output:
+                    print(f"DNS validation failed during renewal")
+                
+                if error_output:
+                    print(f"stderr: {error_output}")
+                if stdout_output:
+                    print(f"stdout: {stdout_output}")
+                
                 return False, False
 
             # Check if no renewals were needed