use certbot instead of letsencrypt-auto
bubbl opened this issue · comments
Why do you use why not use Letsencrypt github repo instead of CentOS native certbot package?
Name : certbot
Arch : noarch
Version : 0.9.3
Release : 1.el7
Size : 16 k
Repo : epel/x86_64
Summary : A free, automated certificate authority client
URL : https://pypi.python.org/pypi/certbot
License : ASL 2.0
Description : certbot is a free, automated certificate authority that aims
: to lower the barriers to entry for encrypting all HTTP traffic on the internet.
Think it would be a better solution and less stuff would be unintentionally installed/upgraded as it is done now.
by unintentional/unneeded upgrades I mean e.g. Apache update.
On Apache 2.2:
Feb 16 11:58:53 Installed: bc-1.06.95-1.el6.x86_64
Feb 16 11:58:53 Installed: epel-release-6-8.noarch
Feb 16 11:59:16 Updated: openssl-1.0.1e-48.el6_8.3.x86_64
Feb 16 11:59:18 Updated: python-libs-2.6.6-66.el6_8.x86_64
Feb 16 11:59:18 Updated: python-2.6.6-66.el6_8.x86_64
Feb 16 11:59:18 Installed: python-setuptools-0.6.10-3.el6.noarch
Feb 16 11:59:18 Installed: 1:tk-8.5.7-5.el6.x86_64
Feb 16 11:59:18 Installed: 1:tix-8.4.3-5.el6.x86_64
Feb 16 11:59:18 Installed: tkinter-2.6.6-66.el6_8.x86_64
Feb 16 11:59:19 Installed: python-devel-2.6.6-66.el6_8.x86_64
Feb 16 11:59:19 Updated: httpd-tools-2.2.15-56.el6.centos.3.x86_64
Feb 16 11:59:19 Updated: httpd-2.2.15-56.el6.centos.3.x86_64
Feb 16 11:59:19 Installed: libsepol-devel-2.0.41-4.el6.x86_64
Feb 16 11:59:19 Installed: libselinux-devel-2.0.94-7.el6.x86_64
Feb 16 11:59:19 Installed: zlib-devel-1.2.3-29.el6.x86_64
Feb 16 11:59:19 Installed: keyutils-libs-devel-1.4-5.el6.x86_64
Feb 16 11:59:19 Installed: krb5-devel-1.10.3-57.el6.x86_64
Feb 16 11:59:20 Installed: openssl-devel-1.0.1e-48.el6_8.3.x86_64
Feb 16 11:59:20 Updated: 1:mod_ssl-2.2.15-56.el6.centos.3.x86_64
Feb 16 11:59:20 Installed: python-virtualenv-1.10.1-1.el6.noarch
Feb 16 11:59:20 Installed: python-tools-2.6.6-66.el6_8.x86_64
Feb 16 11:59:20 Installed: python-pip-7.1.0-1.el6.noarch
Feb 16 11:59:21 Installed: augeas-libs-1.0.0-10.el6.x86_64
Feb 16 11:59:21 Installed: redhat-rpm-config-9.0.3-51.el6.centos.noarch
Feb 16 11:59:21 Installed: libffi-devel-3.0.5-3.2.el6.x86_64
On Apache 2.4:
Feb 16 13:25:56 Installed: bc-1.06.95-13.el7.x86_64
Feb 16 13:25:56 Installed: epel-release-7-9.noarch
Feb 16 13:26:25 Updated: zlib-1.2.7-17.el7.x86_64
Feb 16 13:26:25 Updated: libgcc-4.8.5-11.el7.x86_64
Feb 16 13:26:25 Installed: mpfr-3.1.1-4.el7.x86_64
Feb 16 13:26:26 Updated: libsepol-2.5-6.el7.x86_64
Feb 16 13:26:26 Updated: libselinux-2.5-6.el7.x86_64
Feb 16 13:26:26 Updated: systemd-libs-219-30.el7_3.6.x86_64
Feb 16 13:26:29 Updated: systemd-219-30.el7_3.6.x86_64
Feb 16 13:26:29 Installed: libmpc-1.0.1-3.el7.x86_64
Feb 16 13:26:30 Installed: 1:tk-8.5.13-6.el7.x86_64
Feb 16 13:26:30 Updated: libffi-3.0.13-18.el7.x86_64
Feb 16 13:26:30 Installed: 1:tix-8.4.3-12.el7.x86_64
Feb 16 13:26:32 Installed: cpp-4.8.5-11.el7.x86_64
Feb 16 13:26:32 Installed: libsepol-devel-2.5-6.el7.x86_64
Feb 16 13:26:32 Installed: zlib-devel-1.2.7-17.el7.x86_64
Feb 16 13:26:32 Updated: libgomp-4.8.5-11.el7.x86_64
Feb 16 13:26:32 Installed: pcre-devel-8.32-15.el7_2.1.x86_64
Feb 16 13:26:32 Installed: libselinux-devel-2.5-6.el7.x86_64
Feb 16 13:26:34 Updated: ca-certificates-2015.2.6-73.el7.noarch
Feb 16 13:26:34 Updated: 1:openssl-libs-1.0.1e-60.el7.x86_64
Feb 16 13:26:34 Updated: krb5-libs-1.14.1-27.el7_3.x86_64
Feb 16 13:26:36 Updated: python-libs-2.7.5-48.el7.x86_64
Feb 16 13:26:36 Updated: python-2.7.5-48.el7.x86_64
Feb 16 13:26:36 Installed: tkinter-2.7.5-48.el7.x86_64
Feb 16 13:26:36 Installed: python-backports-1.0-8.el7.x86_64
Feb 16 13:26:36 Installed: python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch
Feb 16 13:26:37 Installed: python-setuptools-0.9.8-4.el7.noarch
Feb 16 13:26:37 Installed: python-devel-2.7.5-48.el7.x86_64
Feb 16 13:26:37 Installed: libkadm5-1.14.1-27.el7_3.x86_64
Feb 16 13:26:37 Updated: 1:openssl-1.0.1e-60.el7.x86_64
Feb 16 13:26:37 Updated: httpd-tools-2.4.6-45.el7.centos.x86_64
Feb 16 13:26:38 Updated: httpd-2.4.6-45.el7.centos.x86_64
Feb 16 13:26:38 Installed: perl-srpm-macros-1-8.el7.noarch
Feb 16 13:26:38 Installed: dwz-0.11-3.el7.x86_64
Feb 16 13:26:38 Installed: libverto-devel-0.2.5-4.el7.x86_64
Feb 16 13:26:38 Installed: keyutils-libs-devel-1.5.8-3.el7.x86_64
Feb 16 13:26:38 Installed: krb5-devel-1.14.1-27.el7_3.x86_64
Feb 16 13:26:38 Installed: 1:openssl-devel-1.0.1e-60.el7.x86_64
Feb 16 13:26:38 Installed: redhat-rpm-config-9.1.0-72.el7.centos.noarch
Feb 16 13:26:38 Updated: mod_ldap-2.4.6-45.el7.centos.x86_64
Feb 16 13:26:39 Updated: 1:mod_ssl-2.4.6-45.el7.centos.x86_64
Feb 16 13:26:39 Installed: python-virtualenv-1.10.1-3.el7.noarch
Feb 16 13:26:39 Installed: python2-pip-8.1.2-5.el7.noarch
Feb 16 13:26:40 Installed: python-tools-2.7.5-48.el7.x86_64
Feb 16 13:26:40 Updated: systemd-sysv-219-30.el7_3.6.x86_64
Feb 16 13:26:43 Installed: gcc-4.8.5-11.el7.x86_64
Feb 16 13:26:43 Installed: libffi-devel-3.0.13-18.el7.x86_64
Feb 16 13:26:43 Updated: libselinux-utils-2.5-6.el7.x86_64
Feb 16 13:26:43 Installed: augeas-libs-1.4.0-2.el7.x86_64
Hi Bart, the thing is we have various of containers running in production since 2011, installation of LE from github works for most of them, moreover the plan was to make this LE package compatible with any distribution, not only centos (for latest versions)
I agree, when I started to modify the script I remembered there are dinosaurs that do not have certbot in repos...