Bench lets-encrypt setup failing

quinchurch · September 16, 2020, 12:51pm

Whenever I run the following command - it shows that it works, however ssl cert files are never created, which breaks my nginx config.

sudo -H bench setup lets-encrypt erp.mysite.com

Patrick.St · September 16, 2020, 1:33pm

Have you checked the log files? What was the “success” message running the command?

What I normally do is:
sudo -H bench setup lets-encrypt erp.mysite.com --custom-domain erp.mysite.com

quinchurch · September 16, 2020, 1:36pm

virtualenv: error: unrecognized arguments: --no-site-packages
Traceback (most recent call last):
File “”, line 27, in
File “”, line 19, in create_venv
File “/usr/lib/python2.7/subprocess.py”, line 190, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘[‘virtualenv’, ‘–no-site-packages’, ‘–python’, ‘/usr/bin/python2.7’, ‘/opt/eff.org/certbot/venv’]’ returned non-zero exit status 2

quinchurch · September 16, 2020, 1:37pm

This is what I think is causing the problem I believe. When I follow all the prompts, it does everything except create the pem files in /etc/letsencrypt, so the file references in the nginx.conf file are no longer valid

dineshpanchal432 · September 16, 2020, 4:57pm

same problem with me

flexy2ky · September 24, 2020, 9:27am

Has anyone found a solution to this problem?

JeansReal · September 24, 2020, 1:59pm

Hello

The problems comes because lets encrypt is no longer supporting certbot-auto, there is problem in setting up the environment .
This will try to configure the environment for certbot-auto to run.
sudo -H bench setup lets-encrypt erp.mysite.com --custom-domain erp.mysite.com

The nginx config files will be modified but the cert will not be created
See: certbot-auto will fail on ubuntu > 20 · Issue #1073 · frappe/bench · GitHub

For now i have found two workarounds:

run this command: USE_PYTHON_3=1 /opt/certbot-auto
This will install the certbot-auto environment, and then you can request to create the cert…
Follow the certbot installation instructions:
404 Not Found | Certbot
For ubuntu:
Stop the nginx service: sudo service nginx stop
Install cerbot: sudo snap install --classic certbot
Generate cert: sudo certbot certonly --standalone

In both steps the cert will be created in the same dir /etc/letsencrypt/…
Which is the same dir is configured when running
sudo -H bench setup lets-encrypt

So then you only need to do:
sudo service nginx start
sudo service nginx reload

Patrick.St · September 29, 2020, 4:28pm

Thank you very much. As I set up today a new development-server I run into the same issues. Your solution (#2) did the trick for me.

TurkerTunali · October 26, 2020, 10:12am

Thank you very much. Solution #2 also works for me.

Sanath_Udayawansa2 · November 23, 2020, 3:26pm

Thank you very much

Option 2 worked for me

Sanath_Udayawansa2 · November 24, 2020, 11:47am

any idea for below error

sanath@vmi322735:~$ sudo service nginx start
Job for nginx.service failed because the control process exited with error code.
See “systemctl status nginx.service” and “journalctl -xe” for details.
sanath@vmi322735:~$ systemctl status nginx.service
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: en
Active: failed (Result: exit-code) since Tue 2020-11-24 12:33:31 CET; 29s ago
Docs: man:nginx(8)
Process: 3782 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process
lines 1-5/5 (END)

rmeyer · January 5, 2021, 1:36pm

I posted another workaround here:

https://github.com/frappe/bench/issues/1105#issuecomment-754633854