GNU bug report logs - #56678
certbot mcron job fails

Previous Next

Package: guix;

Reported by: Ludovic Courtès <ludovic.courtes <at> inria.fr>

Date: Thu, 21 Jul 2022 08:26:01 UTC

Severity: normal

Merged with 62491

To reply to this bug, email your comments to 56678 AT debbugs.gnu.org.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-guix <at> gnu.org:
bug#56678; Package guix. (Thu, 21 Jul 2022 08:26:01 GMT) Full text and rfc822 format available.
Acknowledgement sent to Ludovic Courtès <ludovic.courtes <at> inria.fr>:
New bug report received and forwarded. Copy sent to bug-guix <at> gnu.org. (Thu, 21 Jul 2022 08:26:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludovic.courtes <at> inria.fr>
To: bug-guix <at> gnu.org
Subject: certbot mcron job fails
Date: Thu, 21 Jul 2022 10:25:44 +0200

Hello,

‘certbot-service-type’ defines an mcron job that invokes ‘certbot’ with
a fairly long list of arguments.  However, that command line appears
to be incorrect, or at least it is on bayfront.guix where I tested it:

--8<---------------cut here---------------start------------->8---
ludo <at> bayfront ~/src/maintenance/hydra$ sudo herd schedule mcron 100|grep -B1 certbot
Thu Jul 21 12:51:00 2022 +0200
/gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
--
Fri Jul 22 00:45:00 2022 +0200
/gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
--
Fri Jul 22 12:36:00 2022 +0200
/gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
ludo <at> bayfront ~/src/maintenance/hydra$ ls -l /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
-r-xr-xr-x 1 root root 789 Jan  1  1970 /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
ludo <at> bayfront ~/src/maintenance/hydra$ sudo less /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
#!/gnu/store/cnfsv9ywaacyafkqdqsv2ry8f01yr7a9-guile-3.0.7/bin/guile --no-auto-compile
!#
(begin (use-modules (ice-9 match)) (let ((code 0)) (for-each (match-lambda ((name . command) (begin (format #t "Acquiring or renewing certificate: ~a~%" name) (set! code (or (apply system* command) code))))) (quote (("bayfront.guix.gnu.org" "/gnu/store/y2n10m4qkyb6vgx980c6jkjd132ln8xx-certbot-1.18.0/bin/certbot" "certonly" "-n" "--agree-tos" "--webroot" "-w" "/var/www" "--cert-name" "bayfront.guix.gnu.org" "-d" "bayfront.guix.gnu.org,bordeaux.guix.gnu.org,logs.guix.gnu.org,bayfront.guix.info,hpc.guix.info,guix-hpc.bordeaux.inria.fr,coordinator.bayfront.guix.gnu.org" "--email" "ludovic.courtes <at> inria.fr" "--deploy-hook" "/gnu/store/1wj7gy7n8r0nfx2i79afpr7n7xyhyzjx-nginx-deploy-hook")))) code))
ludo <at> bayfront ~/src/maintenance/hydra$ sudo su -c /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
Acquiring or renewing certificate: bayfront.guix.gnu.org
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Missing command line flag or config entry for this setting:
Please choose an account
Choices: ['guix-hpc.bordeaux.inria.fr <at> 2017-09-04T08:51:13Z (48c5)', 'localhost <at> 2016-12-03T21:08:38Z (00bc)']
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
--8<---------------cut here---------------end--------------->8---

What should we do about “Please choose an account”?

Thanks,
Ludo’.
Information forwarded to bug-guix <at> gnu.org:
bug#56678; Package guix. (Tue, 28 Mar 2023 21:24:01 GMT) Full text and rfc822 format available.

Message #8 received at 56678 <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Ludovic Courtès <ludovic.courtes <at> inria.fr>
Cc: 56678 <at> debbugs.gnu.org
Subject: Re: bug#56678: certbot mcron job fails
Date: Tue, 28 Mar 2023 17:23:06 -0400

Hi Ludo,

Ludovic Courtès <ludovic.courtes <at> inria.fr> writes:

> Hello,
>
> ‘certbot-service-type’ defines an mcron job that invokes ‘certbot’ with
> a fairly long list of arguments.  However, that command line appears
> to be incorrect, or at least it is on bayfront.guix where I tested it:
>
> ludo <at> bayfront ~/src/maintenance/hydra$ sudo herd schedule mcron 100|grep -B1 certbot
> Thu Jul 21 12:51:00 2022 +0200
> /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
> --
> Fri Jul 22 00:45:00 2022 +0200
> /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
> --
> Fri Jul 22 12:36:00 2022 +0200
> /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
> ludo <at> bayfront ~/src/maintenance/hydra$ ls -l /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
> -r-xr-xr-x 1 root root 789 Jan  1  1970 /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
> ludo <at> bayfront ~/src/maintenance/hydra$ sudo less /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
> #!/gnu/store/cnfsv9ywaacyafkqdqsv2ry8f01yr7a9-guile-3.0.7/bin/guile --no-auto-compile
> !#
> (begin (use-modules (ice-9 match)) (let ((code 0)) (for-each (match-lambda ((name . command) (begin (format #t "Acquiring or renewing certificate: ~a~%" name) (set! code (or (apply system* command) code))))) (quote (("bayfront.guix.gnu.org" "/gnu/store/y2n10m4qkyb6vgx980c6jkjd132ln8xx-certbot-1.18.0/bin/certbot" "certonly" "-n" "--agree-tos" "--webroot" "-w" "/var/www" "--cert-name" "bayfront.guix.gnu.org" "-d" "bayfront.guix.gnu.org,bordeaux.guix.gnu.org,logs.guix.gnu.org,bayfront.guix.info,hpc.guix.info,guix-hpc.bordeaux.inria.fr,coordinator.bayfront.guix.gnu.org" "--email" "ludovic.courtes <at> inria.fr" "--deploy-hook" "/gnu/store/1wj7gy7n8r0nfx2i79afpr7n7xyhyzjx-nginx-deploy-hook")))) code))
> ludo <at> bayfront ~/src/maintenance/hydra$ sudo su -c /gnu/store/r8hx1sdy3hkw9xpgsb92lh1kjs558876-certbot-command
> Acquiring or renewing certificate: bayfront.guix.gnu.org
> Saving debug log to /var/log/letsencrypt/letsencrypt.log
> Missing command line flag or config entry for this setting:
> Please choose an account
> Choices: ['guix-hpc.bordeaux.inria.fr <at> 2017-09-04T08:51:13Z (48c5)', 'localhost <at> 2016-12-03T21:08:38Z (00bc)']
> Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
>
> What should we do about “Please choose an account”?

Apologies for not seeing this one before opening #62491  I guess they
are the same?  If so, let's merge the reports.

-- 
Thanks,
Maxim
Merged 56678 62491. Request was from Maxim Cournoyer <maxim.cournoyer <at> gmail.com> to control <at> debbugs.gnu.org. (Wed, 29 Mar 2023 00:43:02 GMT) Full text and rfc822 format available.
Information forwarded to bug-guix <at> gnu.org:
bug#56678; Package guix. (Wed, 29 Mar 2023 08:15:02 GMT) Full text and rfc822 format available.

Message #13 received at 56678 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludovic.courtes <at> inria.fr>
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: 56678 <at> debbugs.gnu.org
Subject: Re: bug#56678: certbot mcron job fails
Date: Wed, 29 Mar 2023 10:14:43 +0200

Hello,

Maxim Cournoyer <maxim.cournoyer <at> gmail.com> skribis:

>> What should we do about “Please choose an account”?
>
> Apologies for not seeing this one before opening #62491  I guess they
> are the same?  If so, let's merge the reports.

Indeed, I had forgotten about that one, thanks!

Ludo’.
Information forwarded to bug-guix <at> gnu.org:
bug#56678; Package guix. (Thu, 04 May 2023 16:47:01 GMT) Full text and rfc822 format available.

Message #16 received at 56678 <at> debbugs.gnu.org (full text, mbox):

From: Bruno Victal <mirai <at> makinata.eu>
To: Ludovic Courtès <ludovic.courtes <at> inria.fr>,
 Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: 56678 <at> debbugs.gnu.org
Subject: Re: bug#56678: certbot mcron job fails
Date: Thu, 4 May 2023 17:45:50 +0100

Hi,

I've found out about step-ca <https://github.com/smallstep/certificates> which has a ACME server
implementation and could be used to write a self contained system test for certbot / ACME clients.

I didn't have much success packaging this for guix (it's written in go), perhaps someone more
acquainted with the go-build-system could look at this direction? Having automated tests for
certbot-service-type seems a worthwhile endeavor.


Cheers,
Bruno
Information forwarded to bug-guix <at> gnu.org:
bug#56678; Package guix. (Fri, 05 May 2023 06:53:02 GMT) Full text and rfc822 format available.

Message #19 received at 56678 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludovic.courtes <at> inria.fr>
To: Bruno Victal <mirai <at> makinata.eu>
Cc: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>, 56678 <at> debbugs.gnu.org
Subject: Re: bug#56678: certbot mcron job fails
Date: Fri, 05 May 2023 08:52:03 +0200

Hi Bruno,

Bruno Victal <mirai <at> makinata.eu> skribis:

> I've found out about step-ca <https://github.com/smallstep/certificates> which has a ACME server
> implementation and could be used to write a self contained system test for certbot / ACME clients.
>
> I didn't have much success packaging this for guix (it's written in go), perhaps someone more
> acquainted with the go-build-system could look at this direction? Having automated tests for
> certbot-service-type seems a worthwhile endeavor.

Yes, that sounds like a good idea!  We need a champion to tackle it…

Ludo’.
This bug report was last modified 2 years and 39 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.