Mark Komarinski's picture

Fresh install of OpenLDAP 18.0 in a Proxmox VM and trying to use dns-01 challenge to get a LE cert. I was asked to install lexicon, said yes, got an error that I flashed past and now I keep getting:

lexicon tool is required for dns-01 challenge, but your system is in an unexpected state

Do you wish to continue?

Whether I click on "Yes" or "No" I get the same bit of Python errors that don't tell me what the problem is and I get kicked out. I can't use http challenge because this is an internal box.

Help?

Jeremy Davis's picture

Hi Mark, sorry to hear of your troubles using the Confconsole Let's Encrypt DNS-01 module. What you describe is definitely not the intended outcome!

For what it's worth (very little I imagine) I actually explicitly tested it in the v18.0 OpenLDAP appliance (in a VM on Proxmox) just before release. There had been some issues with it on v18.0 (the module was initially written by a community member for v17.x - and it worked fine there). But I did a fairly significant rewrite and it should be the version that you have installed (OpenLDAP was only very recently released and should have shipped with the fixed version).

My guess is that you are actually running it in a LXC container rather than a proper VM (and I overlooked some specific LXC limitation). In theory it should work exactly the same whether a container or "proper" VM, but perhaps not?

My next guess is that there is some networking issue and I'm not handling that case (or at least not properly).

First things first, please double check that you have the latest version. I.e. just run this:

apt update
apt install confconsole

If the first line (apt update) gives any error messages, there is no use running the second and it's almost certainly a network issue. It's fine if your server isn't publicly available, but it still needs outgoing internet access for this process to work - it needs to download lexicon, lexicon needs to download the provider list and then contact your DNS provider.

If the first line goes ok (no warnings or errors) and the second line says something like "confconsole is already at the latest version", then that's not the issue. TBH I'm expecting either the first line to fail (and you have a network issue) or the second line to say it's already up to date. I'd be surprised if you have any other result.

It might be worth seeing if there are any log files in /var/log/confconsole/. Considering what you've reported, I doubt that there will be anything useful in there, but perhaps?

A possible workaround (and/or another way to hopefully find the specific issue) would be to perform the same initial setup steps that confconsole should be performing, except directly in the CLI. This should do it:

rm -rf /usr/local/src/venv/lexicon
mkdir -p /usr/local/src/venv
python3 -m venv /usr/local/src/venv/lexicon
/usr/local/src/venv/lexicon/bin/pip install dns-lexicon[full]
ln -s /usr/local/src/venv/lexicon/bin/lexicon /usr/local/bin/lexicon
ln -s /usr/local/src/venv/lexicon/bin/tldextract /usr/local/bin/tldextract

If that fails at any step, please post back with the error message. Ideally copy/paste the text if possible. But a screenshot is also ok - please edit the top post and attach it and let me know (it won't be visible after you save - a dumb quirk of the website, but if you let me know I can take care of it).

If all those commands complete successfully, then please retry running Confconsole and fingers crossed it should work - please let me know how you go. I did test it fairly extensively, but it's possible I missed an edge case.
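
An added example, not part of the original post and not Confconsole's own code: a shell function that walks the paths created by the manual steps above and reports the first step that is incomplete. The function name, the state strings and the optional root prefix argument are assumptions made for this example.

```shell
# Added example: report the first incomplete step of the manual lexicon setup.
# The optional first argument is a hypothetical root prefix (empty on a real
# system) so the check can also be run against a scratch directory.
lexicon_setup_state() {
    root="${1:-}"
    venv="$root/usr/local/src/venv/lexicon"
    bindir="$root/usr/local/bin"

    # Step: python3 -m venv /usr/local/src/venv/lexicon
    [ -d "$venv" ] || { echo "venv-missing"; return 1; }
    # A venv directory without pip means venv creation did not finish
    [ -x "$venv/bin/pip" ] || { echo "venv-incomplete-no-pip"; return 1; }

    for tool in lexicon tldextract; do
        # Step: pip install dns-lexicon[full]
        [ -x "$venv/bin/$tool" ] || { echo "$tool-not-installed"; return 1; }
        # Step: ln -s <venv>/bin/<tool> /usr/local/bin/<tool>
        if [ ! -L "$bindir/$tool" ]; then
            echo "$tool-link-missing"
            return 1
        fi
        # -e follows the link, so a dangling symlink is caught here
        [ -e "$bindir/$tool" ] || { echo "$tool-link-dangling"; return 1; }
    done

    echo "ok"
}

# Usage on the appliance itself: lexicon_setup_state
```
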

Mark Komarinski's picture

For the first two commands, the update ran fine and confconsole was already the latest version (2.1.3)

 

For the second set of commands, I had to pip install python3.1-venv but otherwise worked.  Thanks!

Jeremy Davis's picture

Thanks for letting me know and I'm really glad that it otherwise works now.

It's a pity that I'm still not 100% clear on why it worked when I tested it and yet failed for you!? Although I wonder if the issue is rooted in your comment:

[...] I had to pip install python3.1-venv [...]

It should actually install the 'python3-venv' Debian package if it's not already installed (essentially the same as what you did, but the Debian packaged version - rather than via pip).

Given that additional info, I can only assume that there is some sort of race condition when it installs that package? I've opened a new issue to track this. I'm a bit under the pump at the moment, but I'd really like to circle back to looking closer at this ASAP.

Thanks again for reporting the issue.
