Are you OK with your IP being logged?

Is there a command line option to accept by default the logging of our IP?

–agree-tos has no effect.

Command line I am using (with Docker):

docker run -it --rm -p 443:443 -p 80:80 --name letsencrypt
-v “/Users/username/letsencrypt/etc/letsencrypt:/etc/letsencrypt”
-v “/Users/username/letsencrypt/var/lib/letsencrypt:/var/lib/letsencrypt”
quay.io/letsencrypt/letsencrypt:latest auth -a manual --agree-dev-preview --server
https://acme-v01.api.letsencrypt.org/directory -m user@email.tld --agree-tos -d mysite.mydomain.tld

then I am getting the “Are you OK with your IP being logged?” question

and each time I have to select Yes before getting the manual lines:

mkdir -p /tmp/letsencrypt/public_html/.well-known/acme-challenge
cd /tmp/letsencrypt/public_html
printf "%s" TGV0c2VuY3J5cHQgaXMgdmVyeSBjb29sLg== > .well-known/acme-challenge/TGV0c2VuY3J5cHQgaXMgdmVyeSBjb29sLg==
# run only once per server:
$(command -v python2 || command -v python2.7 || command -v python2.6) -c \
"import BaseHTTPServer, SimpleHTTPServer; \
SimpleHTTPServer.SimpleHTTPRequestHandler.extensions_map = {'': 'text/plain'}; \
s = BaseHTTPServer.HTTPServer(('', 80), SimpleHTTPServer.SimpleHTTPRequestHandler); \
s.serve_forever()"

Add the flag
--manual-public-ip-logging-ok

2 Likes

I checked man certbot twice before I googled for this. I think they should change the documentation from:

        --manual-public-ip-logging-ok
                              Automatically allows public IP logging (default: Ask)

to:

        --manual-public-ip-logging-ok
                              Automatically agree to allow public IP logging (default: Ask)

Yes, the difference is subtle, but for those of us who use /search for everything, this makes it easier to find. (A search for “ip” has too low signal-to-noise due to length.)