Letsencrypt not installing in ubuntu virtualenv

Hi. I have tried to install Letsencrypt using the tutorial by mf_social “https://home-assistant.io/docs/ecosystem/certificates/lets_encrypt/#0---gain-a-basic-level-of-understanding-around-ip-addresses-port-numbers-and-port-forwarding”.

I have configured port forwarding 8123 to 8123, 80 to 80, and 443 to 443 on my HA server.
I have set up duckdns so that using http://[myname].duckdns.org:8123 opens my HA web page.

As the user “home assistant” I get as far as “./certbot-auto certonly --standalone --preferred-challenges http-01 --email [email protected] -d examplehome.duckdns.org” and it asks for the sudo password ( I have added “home assistant” to sudoers). There isn’t a password for this user.

As the user that I SSH into the server, having set up the the certbot/certbot-auto in this user’s directory when I type in “./certbot-auto certonly --standalone --preferred-challenges http-01 --email [email protected] -d examplehome.duckdns.org” I get the following response:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for [myname].duckdns.org
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.

The directory /etc/letsencrypt/ has been added but the contents consist only of:
. … accounts renewal renewal-hooks
No directory or file called “live”. I get “Permission denied” when I try to look in any of the directories as either user, so I can’t see if “live” is hiding in them somewhere.

I can’t open the log file, I can’t get access either as “home assistant” or as the user I SSH into the server with.

I have checked what is occupying port 80 (I read that that one cause of getting stuck at this stage was something else using port 80) using ~/certbot$ sudo netstat -tupln | grep :80 and get:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1224/apache2

I have stopped apache2 but perhaps unsurprisingly this doesn’t help (I am a novice).

Any suggestions gratefully appreciated. I have spent a few days on this and because I am a novice I have been going around in circles.
Thank you for your help.

Did you shutdown your home assistant instance while running cert?

Thanks Bartem for your quick reply. I had not shutdown the home assistant instance. I shut it down, closed the autostart, rebooted the server, checked HA wasn’t running and then as the SSH user I tried (with my details in the right places)
./certbot-auto certonly --standalone --preferred-challenges http-01 --email [email protected] -d examplehome.duckdns.org

Unfortunately the same result:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for [myname].duckdns.org
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.

Thanks again for your suggestion.

I am by no means an expert either but just curious if you tried running Certbot just as your regular username with sudo command? I don’t remember running mine as The Homeassistant user just from my normal terminal believe.

Also someone else may be able to clear this up but I don’t believe you want homeAssistant in the sudoers group… I think it’s a security risk and you just want to NOT have a password set for it… someone please correct me if I’m wrong…

Thanks for the advice Bartem.
I have tried both homeassistant and my regular username (this is the one I use to SSH into Ubuntu).
I added the homeassistant user to sudoer because this was advised in another thread. This did not help because I was still asked for the sudo password and my homeassistant has no password.
I have since removed homeassistant from the sudoer list.
Thanks again.