Recent versions of certbot-auto won't run on Debian 7 out of the box, but it's relatively simple to work around.