Summary: | security/py-certbot-nginx: Wrong nginx configuration path set | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | Christer <fbsdbugzilla> |
Component: | Individual Port(s) | Assignee: | Danilo G. Baio <dbaio> |
Status: | Closed Overcome By Events | ||
Severity: | Affects Many People | CC: | dbaio, fbsdbugzilla |
Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(python) |
Version: | Latest | ||
Hardware: | amd64 | ||
OS: | Any | ||
See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233909 |
Description
Christer
2018-04-04 23:56:21 UTC
Followup; seems I was a bit too fast on the "renewals work" trigger. Automatic renewal didn't work when ran from cron. Certbot threw an error (domain name obfuscated for privacy): --- Attempting to renew cert (sub.domain.net) from /usr/local/etc/letsencrypt/renewal/sub.domain.net.conf produced an unexpected error: The nginx plugin is not working; there may be problems with your existing configuration. The error was: NoInstallationError(). Skipping. All renewal attempts failed. The following certs could not be renewed: /usr/local/etc/letsencrypt/live/sub.domain.net/fullchain.pem (failure) 1 renew failure(s), 0 parse failure(s) --- Deleting the port and reinstalling it, and also recreating the symlink from /usr/local/etc/nginx to /etc/nginx restores expected working behavior: ------------------------------------------------------------------------------- Processing /usr/local/etc/letsencrypt/renewal/sub.domain.net.conf ------------------------------------------------------------------------------- Cert is due for renewal, auto-renewing... Plugins selected: Authenticator nginx, Installer nginx Renewing an existing certificate Performing the following challenges: tls-sni-01 challenge for sub.domain.net Waiting for verification... Cleaning up challenges ------------------------------------------------------------------------------- new certificate deployed with reload of nginx server; fullchain is /usr/local/etc/letsencrypt/live/sub.domain.net/fullchain.pem ------------------------------------------------------------------------------- So apparently there's more to this than "just" changing the path in constants.py and recompiling the .py into .pyc/.pyo files. (In reply to Christer from comment #0) Same problem here with # pkg info py27-certbot-nginx py27-certbot-nginx-0.24.0 Name : py27-certbot-nginx Version : 0.24.0 Installed on : Sun May 6 13:37:05 2018 UTC Origin : security/py-certbot-nginx Architecture : FreeBSD:11:* Prefix : /usr/local I suspect that this bugreport never got addressed by maintainer/upstream. Looks like that someone needs to ring the bell. This was fixed since ports r470243. |