From 657cd28344475a0f82a1fd573df6c6a18befc1b2 Mon Sep 17 00:00:00 2001 From: jknapp Date: Fri, 20 Feb 2026 06:18:14 -0800 Subject: [PATCH] Fix certbot hook script paths and add logging Hook scripts are at /haproxy/scripts/ inside the container (per Dockerfile COPY), not /app/scripts/. Also added logging of certbot stdout/stderr so failures are visible in haproxy-manager.log. Co-Authored-By: Claude Opus 4.6 --- haproxy_manager.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/haproxy_manager.py b/haproxy_manager.py index 3588f53..b0d1d25 100644 --- a/haproxy_manager.py +++ b/haproxy_manager.py @@ -1154,8 +1154,9 @@ def dns_challenge_request(): # Start certbot in background thread def run_certbot(): try: - auth_hook = '/app/scripts/dns-challenge-auth-hook.sh' - cleanup_hook = '/app/scripts/dns-challenge-cleanup-hook.sh' + auth_hook = '/haproxy/scripts/dns-challenge-auth-hook.sh' + cleanup_hook = '/haproxy/scripts/dns-challenge-cleanup-hook.sh' + logger.info(f"Starting certbot DNS-01 for *.{base_domain} with auth_hook={auth_hook}") result = subprocess.run([ 'certbot', 'certonly', '-n', '--manual', '--preferred-challenges', 'dns-01', @@ -1163,10 +1164,11 @@ def dns_challenge_request(): '--manual-auth-hook', auth_hook, '--manual-cleanup-hook', cleanup_hook ], capture_output=True, text=True, timeout=600) + logger.info(f"DNS-01 certbot stdout for *.{base_domain}: {result.stdout}") if result.returncode == 0: logger.info(f"DNS-01 certbot completed successfully for *.{base_domain}") else: - logger.error(f"DNS-01 certbot failed for *.{base_domain}: {result.stderr}") + logger.error(f"DNS-01 certbot failed for *.{base_domain} (rc={result.returncode}): {result.stderr}") except subprocess.TimeoutExpired: logger.error(f"DNS-01 certbot timed out for *.{base_domain}") except Exception as e: