@OlivierR @ivanbliminse obviously we are missing something because it breaks for some people.
Would you be so kind to tell me the exact contents of these folders so we can provide a fix for everyone?
Thanks
Hi,
after my renaming action I now have the following folder content:
root@nextcloudpi:/etc/letsencrypt/live# ls -l -R
.:
total 4
drwxr-xr-x 2 root root 4096 Jan 11 20:41 XXXXXXXXXXXXko4d.myfritz.net./XXXXXXXXXXXXko4d.myfritz.net:
total 4
ā¦ Jan 11 20:41 README
ā¦ Jan 11 20:41 cert.pem ā ā¦/ā¦/archive/XXXXXXXXXXXXko4d.myfritz.net/cert1.pem
ā¦ Jan 11 20:41 chain.pem ā ā¦/ā¦/archive/XXXXXXXXXXXXko4d.myfritz.net/chain1.pem
ā¦Jan 11 20:41 fullchain.pem ā ā¦/ā¦/archive/XXXXXXXXXXXXko4d.myfritz.net/fullchain1.pem
ā¦Jan 11 20:41 privkey.pem ā ā¦/ā¦/archive/XXXXXXXXXXXXko4d.myfritz.net/privkey1.pem
and
root@nextcloudpi:/etc/letsencrypt/archive# ls -l -R
.:
total 4
drwxr-xr-x 2 root root 4096 Jan 11 20:41 XXXXXXXXXXXXko4d.myfritz.net./XXXXXXXXXXXXko4d.myfritz.net:
total 16
-rw-rār-- 1 root root 1948 Jan 11 20:41 cert1.pem
-rw-rār-- 1 root root 1647 Jan 11 20:41 chain1.pem
-rw-rār-- 1 root root 3595 Jan 11 20:41 fullchain1.pem
-rw-rār-- 1 root root 1704 Jan 11 20:41 privkey1.pem
and (sorry for the long list, you wanted to have it:-) )
root@nextcloudpi:/etc/letsencrypt-new# ls -l -R
.:
total 428
ā¦ got rid of non-interesting lines
./archive:
total 4
drwxr-xr-x 2 root root 4096 Jan 11 20:41 XXXXXXXXXXXXko4d.myfritz.net./archive/XXXXXXXXXXXXko4d.myfritz.net:
total 16
-rw-rār-- 1 root root 1948 Jan 11 20:41 cert1.pem
-rw-rār-- 1 root root 1647 Jan 11 20:41 chain1.pem
-rw-rār-- 1 root root 3595 Jan 11 20:41 fullchain1.pem
-rw-rār-- 1 root root 1704 Jan 11 20:41 privkey1.pem./certbot:
total 488
ā¦ got rid of non-interesting lines.
Puh, if I look at the long list I deleted, maybe I better should paste the certs into the new folder structureā¦
thanks, that really helps. Right now if you run an update you might run into the same issue again, so itās better to fix it properly.
What about the contents of letsencrypt-new/live?
This folder just doesnāt exist.
I canceled the renaming and copy/paste the folder into new version ā works.
Then we can see on a future update wether it works or not.
@nachoparker
cron doesnt know where to find new letsencrypt certbot:
/etc/cron.weekly/letsencrypt-ncp:
/etc/cron.weekly/letsencrypt-ncp: line 4: /usr/bin/certbot: No such file or directory
Hi @nachoparker sorry for the delay.
Here is my letsencrypt content :
pi@nextcloudpi:~$ ls /etc/letsencrypt/live/cloud.****.**/
README cert.pem chain.pem fullchain.pem privkey.pempi@nextcloudpi:~$ ls /etc/letsencrypt/archive/
ls: cannot open directory ā/etc/letsencrypt/archive/ā: Permission denied
pi@nextcloudpi:~$ sudo ls /etc/letsencrypt/archive/
pi@nextcloudpi:~$pi@nextcloudpi:~$ ls /etc/letsencrypt-old/
accounts archive cli.ini csr keys live renewal renewal-hooks
pi@nextcloudpi:~$pi@nextcloudpi:~$ sudo mv /etc/letsencrypt /etc/letsencrypt-broken
pi@nextcloudpi:~$ sudo mv /etc/letsencrypt-old /etc/letsencrypt
pi@nextcloudpi:~$ sudo /etc/init.d/apache2 start
[ ok ] Starting apache2 (via systemctl): apache2.service.
pi@nextcloudpi:~$
I didnāt check the log but my nextcloudpi instance stay in 1.3.0 version so i can retry as many time you need
A reason can be that i try too many letsencrypt generation certificat? (5 per week max)
it would be great if you could try the update again, it should work.
Im sorry,after update I stay in 1.3.0 and apache doesnāt start. Feel free to ask me any log or else!
the output from sudo ncp-update would be great. Still in the same situation? (empty archive folder)?
I 've done 2 update without restarting nextcloudpi. The actual version seems to be 1.5.1 but the second attemp has some error.
The first attempt :
Downloading updates
Performing updates
Running nc-automount
automount enabled
Running nc-autoupdate-nc
automatic Nextcloud updates enabled
Installing nc-backup
Get:1 http://security.debian.org stretch/updates InRelease [94.3 kB]
Ign:3 Index of /debian stretch InRelease
Get:4 Index of /debian stretch-updates InRelease [91.0 kB]
Get:5 Index of /php/ stretch InRelease [6934 B]
Get:6 Index of /debian stretch-backports InRelease [91.8 kB]
Hit:2 https://apt.armbian.com stretch InRelease
Hit:7 Index of /debian stretch Release
Get:8 Index of /php/ stretch/main armhf Packages [103 kB]
Fetched 387 kB in 2s (145 kB/s)
Reading package listsā¦
Reading package listsā¦
Building dependency treeā¦
Reading state informationā¦
pigz is already the newest version (2.3.4-1).
0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.
Installing nc-restore
updating letsencryptā¦
Reading package listsā¦
Building dependency treeā¦
Reading state informationā¦
Package āletsencryptā is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.
Reading package listsā¦
Building dependency treeā¦
Reading state informationā¦
0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.
Installing letsencrypt
Hit:1 http://security.debian.org stretch/updates InRelease
Ign:3 Index of /debian stretch InRelease
Hit:4 Index of /debian stretch-updates InRelease
Hit:5 Index of /debian stretch-backports InRelease
Hit:6 Index of /debian stretch Release
Hit:7 Index of /php/ stretch InRelease
Hit:2 https://apt.armbian.com stretch InRelease
Reading package listsā¦
Reading package listsā¦
Building dependency treeā¦
Reading state informationā¦
python3-minimal is already the newest version (3.5.3-1).
0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.
letsencrypt-auto [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ā¦
Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
certificate. The most common SUBCOMMANDS and flags are:obtain, install, and renew certificates:
(default) run Obtain & install a certificate in your current webserver
certonly Obtain or renew a certificate, but do not install it
renew Renew all previously obtained certificates that are near
expiry
enhance Add security enhancements to your existing configuration
-d DOMAINS Comma-separated list of domains to obtain a certificate forāapache Use the Apache plugin for authentication & installation
āstandalone Run a standalone webserver for authentication
ānginx Use the Nginx plugin for authentication & installation
āwebroot Place files in a serverās webroot folder for authentication
āmanual Obtain certificates interactively, or using shell script
hooks-n Run non-interactively
ātest-cert Obtain a test certificate from a staging server
ādry-run Test ārenewā or ācertonlyā without saving any certificates
to diskmanage certificates:
certificates Display information about certificates you have from Certbot
revoke Revoke a certificate (supply --cert-path or --cert-name)
delete Delete a certificatemanage your account with Letās Encrypt:
register Create a Letās Encrypt ACME account
update_account Update a Letās Encrypt ACME account
āagree-tos Agree to the ACME serverās Subscriber Agreement
-m EMAIL Email address for important account notificationsMore detailed help:
-h, --help [TOPIC] print this message, or detailed help on a topic;
the available TOPICS are:all, automation, commands, paths, security, testing, or any of the
subcommands or plugins (certonly, renew, install, register, nginx,
apache, standalone, webroot, etc.)
Running letsencrypt
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for cloud.**************
Using the webroot path /var/www/nextcloud for all unmatched domains.
Waiting for verificationā¦
Cleaning up challenges
live directory exists for cloud.****************
IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
The second :
Downloading updates
Performing updates
Running nc-automount
automount enabled
Running nc-autoupdate-nc
automatic Nextcloud updates enabled
Installing nc-backup
Hit:1 http://security.debian.org stretch/updates InRelease
Ign:2 Index of /debian stretch InRelease
Hit:3 Index of /debian stretch-updates InRelease
Hit:4 Index of /debian stretch-backports InRelease
Hit:5 Index of /debian stretch Release
Hit:6 Index of /php/ stretch InRelease
Err:8 http://apt.armbian.com stretch InRelease
Cannot initiate the connection to apt.armbian.com:80 (2001:bb8:4008:ff:5054:ff:fea8:96fc). - connect (101: Network is unreachable) [IP: 2001:bb8:4008:ff:5054:ff:fea8:96fc 80]
Reading package listsā¦ Done
W: Failed to fetch http://apt.armbian.com/dists/stretch/InRelease Cannot initiate the connection to apt.armbian.com:80 (2001:bb8:4008:ff:5054:ff:fea8:96fc). - connect (101: Network is unreachable) [IP: 2001:bb8:4008:ff:5054:ff:fea8:96fc 80]
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package listsā¦ Done
Building dependency tree
Reading state informationā¦ Done
pigz is already the newest version (2.3.4-1).
0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.
Installing nc-restore
NextCloudPi updated to version v1.5.1
1 Like
thank you, that looks good to me
1 Like