Comments (27)
Will get a new release out in the next day or so :)
from puppet-letsencrypt.
@danzilio - Can we get a release on this? ;)
from puppet-letsencrypt.
New question: should we rename this module to certbot
?
from puppet-letsencrypt.
Thank you! I think I'm going to push one more release of letsencrypt
with a notice that it's deprecated, and then I'll rename this module to certbot
from puppet-letsencrypt.
also, the nightly cron run explodes on a "python error", when I run the commandline manually I get a full screen message (ncurses?) about the cert not needing a renew and waiting for me to click OK. I don't see a CLI option to make it a quiet cron-friendly run. is this fixable with certbot or should I just switch to letsencrypt.sh?
from puppet-letsencrypt.
PR #49 addresses this issue. Feel free to use the repo mentioned in the PR until it is merged into the mainline repo.
from puppet-letsencrypt.
Any word on a release? Thanks.
from puppet-letsencrypt.
Do you have d28c04b (it's not in the latest release)? Alternatively setting allow_virtual => true might make it work.
from puppet-letsencrypt.
No, it has not been released yet. I was hoping someone else had gotten sick of the "action/restart" every 30 mins too. Thanks @domcleal .
There are a significant number of commits since the last release, perhaps we should push out a new release. ;)
from puppet-letsencrypt.
At least add certbot to the description and "tags" ... but it does seem logical to rename and then tag back to letsencrypt as certbot is letsencrypt client, right?
https://www.eff.org/deeplinks/2016/05/announcing-certbot-new-tls-robot
from puppet-letsencrypt.
I agree, it probably should be certbot now.
from puppet-letsencrypt.
certbot seems like the right name.
from puppet-letsencrypt.
Btw, git repohas also be renamed to certbot ( https://github.com/certbot/certbot ) . Same occured for command names (certbot/certbot-auto).
from puppet-letsencrypt.
Just pushed to the certbot
branch: https://github.com/danzilio/puppet-letsencrypt/compare/certbot
from puppet-letsencrypt.
Nice, will give it a try. Any reason to keep v0.4.2 as default version ? certbot is v0.8.1 right now (and should auto update to latest version itself btw).
from puppet-letsencrypt.
I just noticed that. I'll update the version!
from puppet-letsencrypt.
Still testing your branch, but looks like there is no venv neither cerbot vs certbot-auto commands. Basically, I had to set $command
to the same as $command_init
, ie : ${path}/certbot-auto
so that command is :
/opt/certbot/certbot-auto --agree-tos certonly -a webroot --webroot-path /srv/www/certbot -d www.mydomain.com
from puppet-letsencrypt.
One more comment, live directory is still /etc/letsencrypt/live :)
from puppet-letsencrypt.
FYI: We're testing the branch, seems to work quite nice. Only annoying (like @maxenced mentioned) that Certbot itself still has a bunch of "letsencrypt" references in there.
from puppet-letsencrypt.
just saw it does take -q and --non-interactive. can you fit that into the code or should I do a PR?
from puppet-letsencrypt.
Should we wait to release this module until certbot
stabilizes? I'm just worried about the user experience here...
from puppet-letsencrypt.
@seefood I'll add -q
to the cron command!
from puppet-letsencrypt.
I did, and it does not help. the cronjob returns:
An unexpected error occurred:
PythonDialogBug
Please see the logfile 'certbot.log' for more details.
and
[root@puppet ~]# less certbot.log
Traceback (most recent call last):
File "/usr/bin/certbot", line 9, in <module>
load_entry_point('certbot==0.8.1', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 718, in main
cli.possible_deprecation_warning(config)
File "/usr/lib/python2.7/site-packages/certbot/cli.py", line 161, in possible_deprecation_warning
logger.warn("You are running with an old copy of certbot that does "
File "/usr/lib64/python2.7/logging/__init__.py", line 1161, in warning
self._log(WARNING, msg, args, **kwargs)
File "/usr/lib64/python2.7/logging/__init__.py", line 1268, in _log
self.handle(record)
File "/usr/lib64/python2.7/logging/__init__.py", line 1278, in handle
self.callHandlers(record)
File "/usr/lib64/python2.7/logging/__init__.py", line 1318, in callHandlers
hdlr.handle(record)
File "/usr/lib64/python2.7/logging/__init__.py", line 749, in handle
self.emit(record)
File "/usr/lib/python2.7/site-packages/certbot/log.py", line 64, in emit
self.width + self.PADDING_WIDTH)
File "/usr/lib/python2.7/site-packages/dialog.py", line 2675, in infobox
kwargs)
File "/usr/lib/python2.7/site-packages/dialog.py", line 1765, in _widget_with_no_output
widget_name, output))
PythonDialogBug
the commandline is certbot --agree-tos certonly -a webroot --keep-until-expiring --webroot-path /var/www/html/ -d <dom1> --webroot-path /var/www/html/ -d <dom2> -q
When I run it in a terminal it draws a ncurses-like blue screen with a white rectangle:
┌──────────────────────────────────────────────────────────────────────┐
│ You are running with an old copy of certbot that does not receive │
│ updates, and is less reliable than more recent versions. We │
│ recommend upgrading to the latest certbot-auto script, or using │
│ native OS packages. │
how about we move to use a more cron-friendly client, like letsencrypt.sh? the way this is set up, I'm not going to get cert updates 90% of the time without manual intervention, and that's not an option.
from puppet-letsencrypt.
I would recommend using OS native packages? :)
from puppet-letsencrypt.
But I am...
[root@puppet alon]# yum install certbot
Package certbot-0.8.1-1.el7.noarch already installed and latest version
Nothing to do
from puppet-letsencrypt.
@seefood sorry I thought I already responded to this, but I think we need to add --text
to the cron job, there is an upstream bug that might be related certbot/certbot#2882 Sorry... there is also this: https://bugzilla.redhat.com/show_bug.cgi?id=1348391 .. which is a problem with the packages themselves.
I was still getting an error because I was trying to use certonly
and the webserver needs to stop to give up the port (it would need to restart to use the new cert anyhow).
If anyone else here is running EL7, please test and add Karma here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-999186afcf
Thanks,
Tommy
from puppet-letsencrypt.
So after -q --non-interactive
worked nicely, --no-self-upgrade
got rid of the final warning message, and I hope now the cronjob will quiet down till the certs are recreated. Thanks for the clues :-)
from puppet-letsencrypt.
Related Issues (20)
- certbot has a python problem on centos 7 HOT 8
- Cut new version with puppet-epel dependency? HOT 1
- RHEL8 support for dns-rfc2136
- Logrotate for the letsencrypt logs HOT 1
- certbot-auto no longer works on any OS HOT 2
- Adding domains to existing certificate leads to duplicate certs/renewal configs with pattern <cert>-0001,2 etc HOT 3
- Raise compatible puppet version from <7.0 to <8.0 HOT 2
- Drop VCS install method support
- Recent update causes problems with the nginx plugin HOT 1
- CONFIGDIR/renwal/domain.conf not updated HOT 2
- Manage Cron parameter on letsencrypt::certonly will not cleanup resources. HOT 2
- feature request: cron_after_command
- `register-unsafely-without-email` config key is kept when turning `unsafe_registration` back to `false`
- Could not find class ::epel when declaring Letsencrypt class HOT 1
- New release please? HOT 3
- letsencrypt-domain-validation case sensitivity
- Documentation/examples for certonly `suppress_cron_output` not updated after removal of parameter HOT 1
- Circular dependency caused by nginx plugin HOT 2
- No certificate issued
- Unknown resource type: 'ini_setting' HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppet-letsencrypt.