I am trying to use SWAG for a new docker setp but for some reason the gandi DNS validation is not working.
For reference this is my docker-config.yml:
---
services:
swag:
image: lscr.io/linuxserver/swag:latest
container_name: swag
cap_add:
- NET_ADMIN
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
- URL=<mydomain>
- VALIDATION=dns
- SUBDOMAINS=wildcard
- DNSPLUGIN=gandi
- EMAIL=<myemail>
volumes:
- /home/<user>/docker/swag/config:/config
ports:
- 443:443
- 80:80 #optional
- 443:443/udp #optional
restart: unless-stopped
Now I have set my gandi PAT in the /config/dns-conf/gandi.ini file.
When I run docker compose up I get the following:
swag | Using Let's Encrypt as the cert provider
swag | Using Let's Encrypt as the cert provider
swag | SUBDOMAINS entered, processing
swag | Wildcard cert for <mydomain> will be requested
swag | SUBDOMAINS entered, processing
swag | Wildcard cert for <mydomain> will be requested
swag | E-mail address entered: <myemail>
swag | E-mail address entered: <myemail>
swag | dns validation via gandi plugin is selected
swag | Generating new certificate
swag | dns validation via gandi plugin is selected
swag | Generating new certificate
swag | Saving debug log to /config/log/letsencrypt/letsencrypt.log
swag | Saving debug log to /config/log/letsencrypt/letsencrypt.log
swag | Requesting a certificate for <mydomain> and *.<mydomain>
swag | Requesting a certificate for <mydomain> and *.<mydomain>
swag | Unsafe permissions on credentials configuration file: /config/dns-conf/gandi.ini
swag | Unsafe permissions on credentials configuration file: /config/dns-conf/gandi.ini
swag | Unable to find or delete the DNS TXT record: Unable to get base domain for "<mydomain>"
swag | Unable to find or delete the DNS TXT record: Unable to get base domain for "<mydomain>"
swag | Unable to find or delete the DNS TXT record: Unable to get base domain for "<mydomain>"
swag | Unable to find or delete the DNS TXT record: Unable to get base domain for "<mydomain>"
swag | An error occurred adding the DNS TXT record: Unable to get base domain for "<mydomain>"
swag | Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /config/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
swag | An error occurred adding the DNS TXT record: Unable to get base domain for "<mydomain>"
swag | Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /config/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
swag | ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the /config/dns-conf/gandi.ini file.
swag | ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the /config/dns-conf/gandi.ini file.
I initially thought the issue was with my Gandi PAT, so I have installed certbot on the pc and managed to successfully create a cert with it using the same PAT, which means it is soemthing other than an authentication issue.
Has anyone else had this issue with gandi and managed to fix it?