Ensure ACME Server is valid

Starting this container can fail at certbot initialization with this
error (reported at the end of /var/log/letsencrypt/letsencrypt.log):

   HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443):
   Max retries exceeded with url: /directory "[Errno -3] Try again"

which does not tell much about the real problem and it just sounds like
a possible DNS resolution issue.

However, by logging into the container after the error above, a simple:

   wget https://acme-v02.api.letsencrypt.org/directory

usually works. The exact same certbot command logged in
/var/log/letsencrypt/letsencrypt.log also works.

This has been verified happening, for example, while installing the
container on a QNAP NAS with a bridged network setup.

Turns out that on some systems a small delay is required before running
network access operations (e.g. running certbot).

Add a tight loop to check for a valid resolution of ACMESERVER.
Report a clearer error in case we cannot resolve the server within
1 min.
Otherwise, continue with the init script as soon as nslookup is
happy.

No overhead for generic systems: just a local nslookup will be
performed, whose response caching will anyway benefit the following
certbot connection.

Signed-off-by: Patrick Bellasi <patrick.bellasi@matbug.net>
Patrick Bellasi 2021-02-07 17:01:19 +01:00
parent db657fa06a
commit 936bc981e5
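The wait-for-resolution step described in the message, written here as an added example rather than code from this commit or the project. It generalizes the one-liner in two ways: the host is taken from the URL with the port, path and userinfo stripped (so a staging server on a non-default port such as a constructed `https://pebble:14000/dir` resolves correctly), and the resolver command is a parameter (default `getent hosts`, which is present in most base images; pass `nslookup` to mirror the commit). The function names `acme_host_from_url` and `wait_for_host` and the example URLs are this example's own, not the init script's.

```bash
#!/bin/bash
# Return only the hostname of a URL: strips scheme, userinfo, port and path.
# (IPv6 bracket literals are not handled; the ACME directory is a hostname.)
acme_host_from_url() {
    local url=$1 rest
    rest=${url#*://}      # drop "https://"
    rest=${rest%%/*}      # drop "/directory" and anything after it
    rest=${rest##*@}      # drop "user:pass@" if present
    rest=${rest%%:*}      # drop ":14000" style port
    printf '%s\n' "$rest"
}

# Poll once per second until $1 resolves, for at most $2 seconds (default 60).
# $3 is the resolver command (default "getent hosts"; "nslookup" also works).
# Returns 1 with a clear error instead of hanging, so the caller can decide
# whether to exit or keep the container alive for debugging.
wait_for_host() {
    local host=$1 limit=${2:-60} i=0
    local resolver="${3:-getent hosts}"
    echo "Waiting (up to ${limit}s) for [$host] to be resolvable..."
    while ! $resolver "$host" >/dev/null 2>&1; do
        i=$((i + 1))
        if [ "$i" -ge "$limit" ]; then
            echo "ERROR: cannot resolve $host after ${limit}s" >&2
            return 1
        fi
        sleep 1
    done
    return 0
}

# How an init script would use it (constructed default, matching the commit's
# ACMESERVER). The actual DNS wait is not run here so the file stays offline.
ACMESERVER="${ACMESERVER:-https://acme-v02.api.letsencrypt.org/directory}"
ACMEHOST=$(acme_host_from_url "$ACMESERVER")
echo "ACME host: $ACMEHOST"
# In the real script:  wait_for_host "$ACMEHOST" 60 || exit 1
```

Exiting non-zero on failure (rather than `sleep infinity`) lets the container restart policy or orchestrator surface the problem; if you prefer the container to stay up for inspection, do the `sleep infinity` in the caller after the error is printed.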


@ -139,6 +139,15 @@ else
ACMESERVER="https://acme-v02.api.letsencrypt.org/directory"
fi
# check for the ACME server to be valid
ACMEHOST=$(echo $ACMESERVER | awk -F/ '{print $3}')
echo "Waiting (up to 1min) for [$ACMEHOST] to be reachable..."
timeout 1m bash -c "until nslookup $ACMEHOST >/dev/null; do sleep 1; done"
if [ $? -ne 0 ]; then
echo "ERROR: Cannot resolv $ACMEHOST"
sleep infinity
fi
# figuring out url only vs url & subdomains vs subdomains only
if [ -n "$SUBDOMAINS" ]; then
echo "SUBDOMAINS entered, processing"
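Review bot: the host extraction `ACMEHOST=$(echo $ACMESERVER | awk -F/ '{print $3}')` keeps everything between the scheme and the first path slash, so an ACMESERVER with an explicit port (a staging or local ACME server such as `https://host:14000/dir`) yields `host:14000`, `nslookup host:14000` never succeeds, and the script falls into the timeout branch even though the host resolves. Strip the port before looking the host up, e.g. `ACMEHOST=${ACMEHOST%%:*}`, and quote the variable inside the `bash -c "..."` string. Two smaller points: the failure branch `sleep infinity` keeps the container running forever with no certbot, which reads as healthy to the orchestrator; consider `exit 1` (or at least document the intent) so the failure is visible. And the message on the error line reads "Cannot resolv", which should be "resolve".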