Mostly the same with my ncpi, except I do NOT use letsencrypt (so far). It seems as if it doesn’t check for that case and thereby “demands” using let’s encrypt.

Downloading updates
Performing updates
Running letsencrypt
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mycloud.ownyourbits.com
Using the webroot path /var/www/nextcloud for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. mycloud.ownyourbits.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: dns :: DNS problem: NXDOMAIN looking up A for mycloud.ownyourbits.com
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: mycloud.ownyourbits.com
   Type:   connection
   Detail: dns :: DNS problem: NXDOMAIN looking up A for
   mycloud.ownyourbits.com

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

I noticed that within ncp-config there is a * at the menu item letsencrypt suggesting it is activated, though, as I mentioned, I haven’t activated it at any time.

Is there something I can do to successfully update anyway?

From the downloaded update.sh it looks like

fix LE cron

is_active_app letsencrypt && run_app letsencrypt

is always being run.

Good point, and it appears that this line was introduced in 1.9.1, so maybe me, having that issue despite

is_active_app letsencrypt

may correlate with letsencrypt being falsely displayed as active in my ncp-config menu.
Is there a way to correct the status of the app letsencrypt?

My certificates are placed in /etc/letsencrypt/live/my.domain.com/

I created a link from my certificates accordingly

sudo ln -s /etc/letsencrypt/live/my.domain.com/ /etc/letsencrypt/letsencrypt-auto

and then again when I try to ncp-update I get

Downloading updates
Performing updates
Running letsencrypt
/usr/local/bin/ncp/NETWORKING/letsencrypt.sh: line 62: /etc/letsencrypt/letsencrypt-auto: Is a directory

That looks like a bug (and you can remove the link you created).

/etc/letsencrypt/letsencrypt-auto looks to be where the letsencrypt/certbot executable files should now to be located .

However from /usr/local/bin/ncp/NETWORKING/letsencrypt.sh letsencrypt (as a parameter) is set to point to this directory:

letsencrypt=/etc/letsencrypt/letsencrypt-auto

And in line 62 is used:

$letsencrypt certonly -n --no-self-upgrade --webroot -w $ncdir --hsts --agree-tos -m $EMAIL -d $DOMAIN && {

Which should be $letsencrypt/[COMMAND] -params … etc.

Which is why you are getting your error.

what is the output of find /etc/letsencrypt/live/ for you?

The error output, while ncp-update, is

find: ‘/etc/letsencrypt/live/’: No such file or directory

GCsFfoz5 so is there something I could do to workaround this bug? Or do u believe I should just wait for the next update?

I would expect line 62 to read something like

$letsencrypt/certbot certonly -n --no-self-upgrade --webroot -w $ncdir --hsts --agree-tos -m $EMAIL -d $DOMAIN

I see, easy fix. Please try again

If you don’t have this file /etc/letsencrypt/letsencrypt-auto, then you have taken too long to update, so now you are stuck with the old letsencrypt

Try this snippet to install the latest version

  source /usr/local/etc/library.sh                                                                                                                                                                                                                                                                                               

  [[ -f /etc/letsencrypt/certbot-auto ]] || {

    [[ -f /.docker-image ]] && mv "$(readlink /etc/letsencrypt)" /etc/letsencrypt-old
    [[ -f /.docker-image ]] || mv /etc/letsencrypt /etc/letsencrypt-old
    rm -f /etc/letsencrypt
    apt-get remove -y letsencrypt
    apt-get autoremove -y
    install_app letsencrypt
    [[ -f /etc/letsencrypt-old/live ]] && cp -raT /etc/letsencrypt-old/live /etc/letsencrypt/live
    [[ -d /etc/letsencrypt/archive ]] || \
   cp -ravT /etc/letsencrypt-old/archive /etc/letsencrypt/archive &>/dev/null
    [[ -f /.docker-image ]] && persistent_cfg /etc/letsencrypt
    [[ -f /etc/cron.weekly/letsencrypt-ncp ]] && run_app letsencrypt
  }

re-installing letsencrypt makes no difference to the 1.9.1 update.

It still runs letsencrypt and fails reporting empty domain.

[ nc-update ]
Downloading updates
Performing updates
Running letsencrypt
[ letsencrypt ]
empty domain
empty domain

As /etc/cron.weekly/letsencrypt-ncp does not exist on my system is there anything else that can be done to completely disable letsencrypt?

Fixed my issue, works like a charm. Thank you very much.

@GCsFfoz5 No luck with changing line 62. Actually I sudo nano and change the line as you advice but when I go into the file again the change is not saved. of course running again ncp-update gives the same result.

@nachoparker I also did not have the file etc/letsencrypt/letsencrypt-auto . Was there a version between 1.8.0 and 1.9.1? I created a script with the code snippet for reinstalling letsencrypt but what I get is

./reletsencrypt.sh: 1: ./reletsencrypt.sh: source: not found
./reletsencrypt.sh: 3: ./reletsencrypt.sh: [[: not found
./reletsencrypt.sh: 5: ./reletsencrypt.sh: [[: not found
./reletsencrypt.sh: 6: ./reletsencrypt.sh: [[: not found
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages will be REMOVED:
letsencrypt
0 upgraded, 0 newly installed, 1 to remove and 38 not upgraded.
After this operation, 30.7 kB disk space will be freed.
(Reading database … 43882 files and directories currently installed.)
Removing letsencrypt (0.28.0-1~deb9u1) …
Reading package lists… Done
Building dependency tree
Reading state information… Done
0 upgraded, 0 newly installed, 0 to remove and 38 not upgraded.
./reletsencrypt.sh: 10: ./reletsencrypt.sh: install_app: not found
./reletsencrypt.sh: 11: ./reletsencrypt.sh: [[: not found
./reletsencrypt.sh: 14: ./reletsencrypt.sh: [[: not found./reletsencrypt.sh: 12: ./reletsencrypt.sh: [[: not found
./reletsencrypt.sh: 15: ./reletsencrypt.sh: [[: not found
cp: cannot create directory ‘/etc/letsencrypt/archive’: No such file or directory

guys sorry but my knowledge of linux is limited so some things I say or do may not make sense

With what @nachoparker posted above the original script is correct.

If you run the snippet above it will install the new letsencrypt binaries

After that you can re-run the original script.

SOLUTION (for me)

1. To de-activate letsencrypt from NextCloudPi Panel

If letsencrypt is showing as active in NextCloudPi Panel. I.e. has a tick by it, you can de-activate it by
moving, renaming or deleting the config file /usr/local/etc/ncp-config.d/letsencrypt.cfg

2. To get NextCloudPi to upgrade from 1.8.0.to 1.9.1 (after a failed upgrade)

backup anything you need in /etc/letsencrypt

remove all contents of /etc/letsencrypt

run ncp-config (fails)

remove all contents of /etc/letsencrypt

run the snippet above from @nachoparker

run ncp-config (succeeds)

T h a n k You! I really appreciate you taking the time to write a step by step solution! It worked!

EDIT: I was trying to quote GCsFfoz5 but it copied Nacho’s text.

After having done this things were looking good in terms of activity happening in the terminal, but now it’s telling me blank domain with no place to enter a domain.

And now I’m unable to connect at all. :,(

If you mean empty domain as in the OP then it depends if you are expecting NCP to do your certificates for you.

If you are then you can go to the NCP panel and enter your domain information in networking/letsencrypt.

If you are not you might want to remove /usr/local/etc/ncp-config.d/letsencrypt.cfg if it exists.