The new letsencrypt-auto script that many of you helped test before is almost ready for prime time. Do you have time to run 2 commands? If so, you can help us immensely by proving everything is ready to go on your real-world setups.
Again, this new version…
Removes our dependency on git
Provides a signature-vouched upgrade mechanism for the install script itself
Verifies Python packages with sha256 and pins them to prevent regressions
Improves performance by avoiding unnecessary installation work
The following all worked for me, and worked without installing the second time:
Ubuntu 14.04.3 LTS (x86_64)
Ubuntu 12.04.5 LTS (x86_64)
Raspbian 8 (RPi 1 model B)
Worked: Docker image python:2.7, based on debian:jessie. Had to run $ sudo apt-get update once, which is expected. Worked: Ubuntu 14.04 x86_64 VPS with letsencrypt already in use.
Version popped up right away on the second try on both setups.
Tried running letsencrypt-auto on FreeBSD in a VM (Hyper-V). Since FBSD is an “experimental” platform, here’s the output:
New packages to be INSTALLED:
py27-virtualenv: 14.0.0
augeas: 1.4.0
The process will require 6 MiB more space.
3 MiB to be downloaded.
Fetching py27-virtualenv-14.0.0.txz: 100% 2 MiB 1.1MB/s 00:02
Fetching augeas-1.4.0.txz: 100% 575 KiB 588.4kB/s 00:01
Checking integrity... done (0 conflicting)
[1/2] Installing py27-virtualenv-14.0.0...
[1/2] Extracting py27-virtualenv-14.0.0: 100%
[2/2] Installing augeas-1.4.0...
[2/2] Extracting augeas-1.4.0: 100%
Checking for new version...
Creating virtual environment...
Installing Python packages...
Requesting root privileges to run letsencrypt...
sudo /home/jra/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade --debug
No installers are available on your OS yet; try running "letsencrypt-auto certonly" to get a cert you can install manually
So I think that worked as expected. That last message seems to mean the new version is used like the existing FBSD “py27-letsencrypt-0.1.0” with “certonly”. It worked great before, and anticipate the same in the new version.
I’ll need to run letsencrypt-auto on one of my internet-connected servers to test fetching certificates.
Thanks; great ticket! This doesn’t appear to be a regression from the existing (older) letsencrypt-auto script, but correct me if I’m wrong. Thanks for testing!
Initially I had an error in the middle of the script run. When I deleted ~/.local/share/letsencrypt and /usr/local/Cellar/dialog to look like a fresh install, the script ran as expected.
I also successfully completed the bonus test and then for even more extra credit, I used the newly updated LetsEncrypt client to update the certificate on my website.
On Ubuntu 14.10 LTS it works, but it doesn’t upgrade LetsEncrypt or Python. It just outputs the version…perhaps everything else was somehow already up to date?
david@dalton:~$ mv letsencrypt/ letsencrypt-old
david@dalton:~$ mkdir letsencrypt
david@dalton:~$ cd letsencrypt
david@dalton:~/letsencrypt$ wget https://raw.githubusercontent.com/letsencrypt/letsencrypt/v0.3.0/letsencrypt-auto-source/letsencrypt-auto
--2016-02-02 11:16:26-- https://raw.githubusercontent.com/letsencrypt/letsencrypt/v0.3.0/letsencrypt-auto-source/letsencrypt-auto
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 23.235.40.133
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|23.235.40.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 64445 (63K) [text/plain]
Saving to: ‘letsencrypt-auto’
100%[======================================>] 64,445 --.-K/s in 0.05s
2016-02-02 11:16:27 (1.24 MB/s) - ‘letsencrypt-auto’ saved [64445/64445]
david@dalton:~/letsencrypt$ ll
total 72
drwxrwxr-x 2 david david 4096 Feb 2 11:16 ./
drwxr-xr-x 45 david david 4096 Feb 2 11:16 ../
-rw-rw-r-- 1 david david 64445 Feb 2 11:16 letsencrypt-auto
david@dalton:~/letsencrypt$ chmod a+x letsencrypt-auto
david@dalton:~/letsencrypt$ ./letsencrypt-auto --version
Checking for new version...
Requesting root privileges to run letsencrypt...
sudo /home/david/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade --version
letsencrypt 0.3.0
david@dalton:~/letsencrypt$
After installing xCode on Mac, I tried again. Got as far as:
==> Caveats
Pip and setuptools have been installed. To update them
pip install --upgrade pip setuptools
You can install Python packages with
pip install <package>
They will install into the site-package directory
/usr/local/lib/python2.7/site-packages
See: https://github.com/Homebrew/homebrew/blob/master/share/doc/homebrew/Homebrew-and-Python.md
.app bundles were installed.
Run `brew linkapps python` to symlink these to /Applications.
Error: An unexpected error occurred during the `brew link` step
The formula built, but is not symlinked into /usr/local
Permission denied - /usr/local/Frameworks
Error: Permission denied - /usr/local/Frameworks
Then ran:
$ sudo brew linkapps python
Password:
Linking /usr/local/Cellar/python/2.7.10/IDLE.app to /Applications.
Linking /usr/local/Cellar/python/2.7.10/Python Launcher.app to /Applications.
$ ./letsencrypt-auto --debug --version
grep: /etc/os-release: No such file or directory
Bootstrapping dependencies via Mac OS X…
Warning: augeas-1.3.0 already installed
Warning: You are using OS X 10.11.
We do not provide support for this pre-release version.
You may encounter build failures or other breakage.
Warning: dialog-1.2-20130928 already installed
Warning: You are using OS X 10.11.
We do not provide support for this pre-release version.
You may encounter build failures or other breakage.
pip Not Installed
Installing python from Homebrew…
Warning: python-2.7.10 already installed, it’s just not linked
Warning: You are using OS X 10.11.
We do not provide support for this pre-release version.
You may encounter build failures or other breakage.
virtualenv Not Installed
Installing with pip
./letsencrypt-auto: line 364: pip: command not found
Ok, so trying:
$ sudo ./letsencrypt-auto --debug --version
grep: /etc/os-release: No such file or directory
Bootstrapping dependencies via Mac OS X...
Error: Cowardly refusing to `sudo brew install`
You can use brew with sudo, but only if the brew executable is owned by root.
However, this is both not recommended and completely unsupported so do so at
your own risk.
Worked flawlessly on a Gentoo GNU/Linux (Base System release 2.2) with Linux kernel 4.0.0-gentoo (where 0.2.0 is working in production fully automated with nginx using --cert-only).
./letsencrypt-auto certonly --standalone-supported-challenges tls-sni-01
Checking for new version...
Requesting root privileges to run letsencrypt...
/root/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade certonly --standalone-supported-challenges tls-sni-01
Then manually configured /etc/nginx/sites-enables/mysite.conf to listen on port 443.
I don’t suppose you ever succeeded in running the previous letsencrypt-auto either. (Please correct me if I’m wrong.) It sounds like you have some permissions issues, namely that /usr/local/Frameworks is not owned by your user, so brew fails to install various things. Maybe try removing and reinstalling brew?