I have been trying for hours to fix an issue when running this command sudo -H bench setup lets-encrypt erp.example.com
Still I cannot find a solution for my problem. I am using:
Clean CentOS 7
Followed Easy Install script
All setup Processes went fine without any error.
Site is accessible and working as expected.
This is the error when I run the command sudo -H bench setup lets-encrypt erp.example.com
sudo -H bench setup lets-encrypt erp.example.com
Running this will stop the nginx service temporarily causing your sites to go offline
Do you want to continue? [y/N]: y
$ sudo systemctl stop nginx
$ /opt/certbot-auto --config /etc/letsencrypt/configs/erp.example.com.cfg certonly
Bootstrapping dependencies for RedHat-based OSes⌠(you can skip this with --no-bootstrap)
dnf is /bin/dnf
dnf is hashed (/bin/dnf)
Last metadata expiration check: 12:41:39 ago on Thu 21 May 2020 03:23:23 PM +03.
Package gcc-4.8.5-39.el7.x86_64 is already installed.
Package augeas-libs-1.4.0-9.el7_8.1.x86_64 is already installed.
Package openssl-1:1.0.2k-19.el7.x86_64 is already installed.
Package openssl-devel-1:1.0.2k-19.el7.x86_64 is already installed.
Package libffi-devel-3.0.13-19.el7.x86_64 is already installed.
Package redhat-rpm-config-9.1.0-88.el7.centos.noarch is already installed.
Package ca-certificates-2019.2.32-76.el7_7.noarch is already installed.
Package python-devel-2.7.5-88.el7.x86_64 is already installed.
Package python-virtualenv-15.1.0-4.el7_7.noarch is already installed.
Package python-tools-2.7.5-88.el7.x86_64 is already installed.
Package python2-pip-8.1.2-12.el7.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Creating virtual environmentâŚ
Traceback (most recent call last):
File â/usr/lib/python2.7/site-packages/virtualenv.pyâ, line 2327, in
main()
File â/usr/lib/python2.7/site-packages/virtualenv.pyâ, line 712, in main
symlink=options.symlink)
File â/usr/lib/python2.7/site-packages/virtualenv.pyâ, line 944, in create_environment
download=download,
File â/usr/lib/python2.7/site-packages/virtualenv.pyâ, line 900, in install_wheel
call_subprocess(cmd, show_stdout=False, extra_env=env, stdin=SCRIPT)
File â/usr/lib/python2.7/site-packages/virtualenv.pyâ, line 796, in call_subprocess
% (cmd_desc, proc.returncode))
OSError: Command /opt/eff.org/certbot/venv/bin/python2.7 - setuptools pip wheel failed with error code 1
Traceback (most recent call last):
File ââ, line 27, in
File ââ, line 19, in create_venv
File â/usr/lib64/python2.7/subprocess.pyâ, line 542, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command â[âvirtualenvâ, ââno-site-packagesâ, ââpythonâ, â/bin/python2.7â, â/opt/eff.org/certbot/venvâ]â returned non-zero exit status 1
nginx.conf already exists and this will overwrite it. Do you want to continue? [y/N]: y
$ sudo systemctl start nginx
Job for nginx.service failed because the control process exited with error code. See âsystemctl status nginx.serviceâ and âjournalctl -xeâ for details.
I have searched the forum but no luck on how to fix this issue. All fixes are not working in my environment.
Performing this command systemctl status nginx.service -l gives this message:
May 22 17:33:13 erp.example.com nginx[24224]: nginx: [warn] the âsslâ directive is deprecated, use the âlisten ⌠sslâ directive instead in /etc/nginx/conf.d/e rpnext-prd.conf:32
May 22 17:33:13 erp.example.com nginx[24224]: nginx: [emerg] cannot load certifi cate â/etc/letsencrypt/live/erp.example.com/fullchain.pemâ: BIO_new_file() faile d (SSL: error:02001002:system library:fopen:No such file or directory:fopen(â/et c/letsencrypt/live/erp.example.com/fullchain.pemâ,ârâ) error:2006D080:BIO routin es:BIO_new_file:no such file)
May 22 17:33:13 systemd[1]: nginx.service: control process exite d, code=exited status=1
May 22 17:33:13 systemd[1]: Failed to start nginx - high perform ance web server.
May 22 17:33:13 systemd[1]: Unit nginx.service entered failed st ate.
May 22 17:33:13 systemd[1]: nginx.service failed.
My main concern is not with nginx. I would say I can fix the issue in nginx config file. However, I want to get SSL working for my server. So the issue could be in this error (from my original post):
OSError: Command /opt/eff.org/certbot/venv/bin/python2.7 - setuptools pip wheel failed with error code 1
Traceback (most recent call last):
File ââ, line 27, in
File ââ, line 19, in create_venv
File â/usr/lib64/python2.7/subprocess.pyâ, line 542, in check_call raise CalledProcessError(retcode, cmd) > subprocess.CalledProcessError: Command â[âvirtualenvâ, ââno-site-packagesâ, ââpythonâ, â/bin/python2.7â, â/opt/eff.org/certbot/venvâ]â returned non-zero exit status 1
So how can I get this command sudo -H bench setup lets-encrypt erp.domain.com works successfully?
In my experience, you command would only work if you had previously renamed the site1.local site to your erp.domain.com.
However, if you used the bench setup add-domain command to get your erp.domain.com to be recognized, then you would need to change your syntax.
If site1.local still exists as a directory in the ~/frappe-bench/sites/ location then you might want to try this version of the Letâs Encrypt command:
When doing it this way you do not have to rename the site directory and you can easily change the URL reference if you needed to without upsetting the system.
sudo wget https://raw.githubusercontent.com/frappe/bench/develop/install.py sudo python3 install.py --production --site erp.domain.com --user erpnext --bench-name erpnext-prd --verbose Then the software installed successfully. No failed tasks. All services are working cd /home/erpnext/erpnext-prd sudo bench config dns_multitenant on sudo -H bench setup lets-encrypt erp.domain.com
I would say that the issue is related to packages compatibility. But I really donât know how to deal with these things as I am new to linux. I am trying to read here an there with no luck.
I think the issue was because bench uses virtualenv v16.x while Certbot script needs virtualenv v15.x to work in case it was run using Python 2. So I fixed the issue in two ways:
Uninstalled virtualenv V16 and ran the certbot-script from the original path
sudo /opt/certbot-auto --renew
In this case, I had to configure the nginx.conf file and set the auto renewal in cron job.
The other way is to force the certbot to be run using Python3 as per the following steps:
cd /opt/
sudo wget https://dl.eff.org/certbot-auto
USE_PYTHON_3=1 /opt/certbot-auto --version //this command will create the venv using python 3