unix:letsencrypt:recoveringfrombrokeninstall
no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | unix:letsencrypt:recoveringfrombrokeninstall [2016/09/25 23:35] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== LetsEncrypt - recovering from bad install ====== | ||
+ | The script for installing LetsEncrypt can break, especially if you do not watch for errors on your own system. For example, one of our techs did not notice the package installation failed on one of the installs, which resulted in an unusable system. | ||
+ | |||
+ | **NOTE**: The server itself was ok, and no services were affected, but certbot was not able to request or install certificates. After we fixed the errors, attempts to reinstall failed as the installer found the partial install and assumed all was still go. No " | ||
+ | |||
+ | The installation locations are not well documented, but we were able to locate enough of it so we could return the system to a fairly pristine state. Basically ran | ||
+ | <code bash> | ||
+ | find / -name letsencrypt -o -name certbot | ||
+ | </ | ||
+ | to figure out what to do. | ||
+ | |||
+ | <WRAP center round alert 60%> | ||
+ | Do not run the following script if you have successfully installed a certificate via certbot. certbot " | ||
+ | < | ||
+ | </ | ||
+ | |||
+ | Anyway, it did the full, but broken, install. No instructions anyplace | ||
+ | for how to remove it (it will only install dependencies if it is not | ||
+ | installed already). So, I ran | ||
+ | |||
+ | <code bash> | ||
+ | rm -fRv / | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | Once I did that, it appears to have been cleanly uninstalled. | ||
+ | |||
+ | To completely remove the system (**untested**) | ||
+ | <code bash remove_certbot.sh> | ||
+ | cd / | ||
+ | ./ | ||
+ | rm -fRv / | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | ===== Case Study ===== | ||
+ | |||
+ | This is what happened with us. One of the techs did the install but missed a message from apt (debian system) that a repository was missing. The install script continues, but you end up with an unusable certbot install. | ||
+ | |||
+ | I tried rerunning the installer, deleting, then re-downloading the installer, | ||
+ | |||
+ | ./ | ||
+ | ./ | ||
+ | No libaugeas0 version is available that's new enough to run the | ||
+ | |||
+ | These do NOT stop the install; it just continues on, but creating a | ||
+ | broken install. So, I removed it all again and fixed the lsb and libaugeas0 problems with the following: | ||
+ | |||
+ | <code bash fix.sh> | ||
+ | echo 'deb http:// | ||
+ | apt-get update | ||
+ | apt-get install -y lsb-release | ||
+ | </ | ||
+ | |||
+ | **Note:** wheezy-backports has a newer version of libaugeas0, which is required for correct operation of certbot. |
unix/letsencrypt/recoveringfrombrokeninstall.txt · Last modified: 2016/09/25 23:35 by 127.0.0.1