Help test the new letsencrypt-auto again


#1

The new letsencrypt-auto script that many of you helped test before is almost ready for prime time. Do you have time to run 2 commands? If so, you can help us immensely by proving everything is ready to go on your real-world setups.

Again, this new version…

  • Removes our dependency on git
  • Provides a signature-vouched upgrade mechanism for the install script itself
  • Verifies Python packages with sha256 and pins them to prevent regressions
  • Improves performance by avoiding unnecessary installation work
  • Makes many other fixes

The instructions: https://github.com/letsencrypt/letsencrypt/wiki/letsencrypt-auto-test-plan

Please post your results (“It worked on XYZ Linux 4.5!” or “It didn’t, and here’s the output.”) in this thread. Thank you very much!


#2

The following all worked for me, and worked without installing the second time:
Ubuntu 14.04.3 LTS (x86_64)
Ubuntu 12.04.5 LTS (x86_64)
Raspbian 8 (RPi 1 model B)


#3

Worked: Docker image python:2.7, based on debian:jessie. Had to run $ sudo apt-get update once, which is expected.
Worked: Ubuntu 14.04 x86_64 VPS with letsencrypt already in use.

Version popped up right away on the second try on both setups.


#4

Tested with success on:
Debian 7.9 (32 bits)
Debian 8.3 (64 bits)


#5

tested and broken due to CentOS 6.x virtualenv path not being found

Error due to path to virtualenv not found by letsencrypt-auto. Issue submitted at https://github.com/letsencrypt/letsencrypt/issues/2300 and outlined at Client Version 0.3.0

rpm -ql python27-virtualenv | grep bin
/usr/bin/virtualenv-2.7

full error output at https://gist.github.com/centminmod/6ce4253f3075c25092a8


#6

It worked great on Ubuntu 15.10 64-bit.


#7

Hello,

Tried running letsencrypt-auto on FreeBSD in a VM (Hyper-V). Since FBSD is an “experimental” platform, here’s the output:

New packages to be INSTALLED:
   py27-virtualenv: 14.0.0
   augeas: 1.4.0

   The process will require 6 MiB more space.
   3 MiB to be downloaded.
   Fetching py27-virtualenv-14.0.0.txz: 100%    2 MiB   1.1MB/s    00:02
   Fetching augeas-1.4.0.txz: 100%  575 KiB 588.4kB/s    00:01
   Checking integrity... done (0 conflicting)
   [1/2] Installing py27-virtualenv-14.0.0...
   [1/2] Extracting py27-virtualenv-14.0.0: 100%
   [2/2] Installing augeas-1.4.0...
   [2/2] Extracting augeas-1.4.0: 100%
   Checking for new version...
   Creating virtual environment...
   Installing Python packages...
   Requesting root privileges to run letsencrypt...
   sudo /home/jra/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade --debug
   No installers are available on your OS yet; try running "letsencrypt-auto certonly" to get a cert you can install manually

So I think that worked as expected. That last message seems to mean the new version is used like the existing FBSD “py27-letsencrypt-0.1.0” with “certonly”. It worked great before, and anticipate the same in the new version.

I’ll need to run letsencrypt-auto on one of my internet-connected servers to test fetching certificates.


#8

Yep, that’s a success. Since you didn’t pass --version, it tried to actually do its job, hence the “No installers” message. Thanks for testing!


#9

Thanks; great ticket! This doesn’t appear to be a regression from the existing (older) letsencrypt-auto script, but correct me if I’m wrong. Thanks for testing!


#10

Success with OS X 10.11.4 Beta (115E33e)

Initially I had an error in the middle of the script run. When I deleted ~/.local/share/letsencrypt and /usr/local/Cellar/dialog to look like a fresh install, the script ran as expected.

Jeff


#11

I also successfully completed the bonus test and then for even more extra credit, I used the newly updated LetsEncrypt client to update the certificate on my website.

Jeff


#12

You should add a final line to install to just say

Letsencrypt successfully installed.

or something :slight_smile:


#13

On Ubuntu 14.10 LTS it works, but it doesn’t upgrade LetsEncrypt or Python. It just outputs the version…perhaps everything else was somehow already up to date?

david@dalton:~$ mv letsencrypt/ letsencrypt-old
david@dalton:~$ mkdir letsencrypt
david@dalton:~$ cd letsencrypt
david@dalton:~/letsencrypt$ wget https://raw.githubusercontent.com/letsencrypt/letsencrypt/v0.3.0/letsencrypt-auto-source/letsencrypt-auto
--2016-02-02 11:16:26--  https://raw.githubusercontent.com/letsencrypt/letsencrypt/v0.3.0/letsencrypt-auto-source/letsencrypt-auto
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 23.235.40.133
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|23.235.40.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 64445 (63K) [text/plain]
Saving to: ‘letsencrypt-auto’

100%[======================================>] 64,445      --.-K/s   in 0.05s

2016-02-02 11:16:27 (1.24 MB/s) - ‘letsencrypt-auto’ saved [64445/64445]

david@dalton:~/letsencrypt$ ll
total 72
drwxrwxr-x  2 david david  4096 Feb  2 11:16 ./
drwxr-xr-x 45 david david  4096 Feb  2 11:16 ../
-rw-rw-r--  1 david david 64445 Feb  2 11:16 letsencrypt-auto
david@dalton:~/letsencrypt$ chmod a+x letsencrypt-auto
david@dalton:~/letsencrypt$ ./letsencrypt-auto --version
Checking for new version...
Requesting root privileges to run letsencrypt...
   sudo /home/david/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade --version
letsencrypt 0.3.0
david@dalton:~/letsencrypt$

#14

Yes, everything was already up to date. Thanks for testing!


#15

Do you still have the error recorded, perchance?


#17

Worked like a charm for me on Amazon Linux AMI 2015.09.1 x86_64 HVM GP2!


#19

After installing xCode on Mac, I tried again. Got as far as:

==> Caveats
Pip and setuptools have been installed. To update them
  pip install --upgrade pip setuptools

You can install Python packages with
  pip install <package>

They will install into the site-package directory
  /usr/local/lib/python2.7/site-packages

See: https://github.com/Homebrew/homebrew/blob/master/share/doc/homebrew/Homebrew-and-Python.md

.app bundles were installed.
Run `brew linkapps python` to symlink these to /Applications.
Error: An unexpected error occurred during the `brew link` step
The formula built, but is not symlinked into /usr/local
Permission denied - /usr/local/Frameworks
Error: Permission denied - /usr/local/Frameworks

Then ran:

$ sudo brew linkapps python
Password:
Linking /usr/local/Cellar/python/2.7.10/IDLE.app to /Applications.
Linking /usr/local/Cellar/python/2.7.10/Python Launcher.app to /Applications.

$ ./letsencrypt-auto --debug --version
grep: /etc/os-release: No such file or directory
Bootstrapping dependencies via Mac OS X…
Warning: augeas-1.3.0 already installed
Warning: You are using OS X 10.11.
We do not provide support for this pre-release version.
You may encounter build failures or other breakage.
Warning: dialog-1.2-20130928 already installed
Warning: You are using OS X 10.11.
We do not provide support for this pre-release version.
You may encounter build failures or other breakage.
pip Not Installed
Installing python from Homebrew…
Warning: python-2.7.10 already installed, it’s just not linked
Warning: You are using OS X 10.11.
We do not provide support for this pre-release version.
You may encounter build failures or other breakage.
virtualenv Not Installed
Installing with pip
./letsencrypt-auto: line 364: pip: command not found

Ok, so trying:

$ sudo ./letsencrypt-auto --debug --version
grep: /etc/os-release: No such file or directory
Bootstrapping dependencies via Mac OS X...
Error: Cowardly refusing to `sudo brew install`
You can use brew with sudo, but only if the brew executable is owned by root.
However, this is both not recommended and completely unsupported so do so at
your own risk.

and I’m stuck.


#20

Worked flawlessly on a Gentoo GNU/Linux (Base System release 2.2) with Linux kernel 4.0.0-gentoo (where 0.2.0 is working in production fully automated with nginx using --cert-only).


#21

Worked OK on Ubuntu 14.04.3 LTS 64 bit. Was running nginx so used standalone method as follows:

./letsencrypt-auto --version
(Installed python packages without issue)

./letsencrypt-auto --version
(returned correct 0.3.0 version)

./letsencrypt-auto certonly --standalone-supported-challenges tls-sni-01
Checking for new version…
Requesting root privileges to run letsencrypt…
/root/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade certonly --standalone-supported-challenges tls-sni-01

Then manually configured /etc/nginx/sites-enables/mysite.conf to listen on port 443.


#22

I don’t suppose you ever succeeded in running the previous letsencrypt-auto either. (Please correct me if I’m wrong.) It sounds like you have some permissions issues, namely that /usr/local/Frameworks is not owned by your user, so brew fails to install various things. Maybe try removing and reinstalling brew?