Antsle Forum

Welcome to our Antsle community! This forum is to connect all Antsle users to post experiences, make user-generated content available for the entire community and more. 

Please note: This forum is about discussing one specific issue at a time. No generalizations. No judgments. Please check the Forum Rules before posting. If you have specific questions about your Antsle and expect a response from our team directly, please continue to use the appropriate channels (email: [email protected]) so every inquiry is tracked. 

Please or Register to create posts and topics.

Installing certbot on the antsle (not antlets)

lancem@lancem
210 Posts
#1 · December 29, 2018, 11:37 am

I've setup the nignx reverse proxy thing to route http/https traffic based on the site name. I'd like to keep my letsencrypt certs on the antsle so they can be renewed/maintained in one place.

But when I try to install certbot, I get alot of hassle about packages being masked and profile deprecated, etc.

Has anyone got certbot installed?

 

Script started on Sat 29 Dec 2018 01:27:54 PM CST
[1m[7m#[27m[1m[0m [0m[27m[24m[J[32mroot[39m@[31mmyantsle[39m:[34m~[39m # [K[?2004heemerge -av app-crypt/certbot-nginx[?2004l
]0;emerge[31;01m
!!! Your current profile is deprecated and not supported anymore.[39;49;00m
[31;01m!!! Use eselect profile to update your profile.[39;49;00m
[31;01m!!! Please upgrade to the following profile if possible:[39;49;00m

[32;01mdefault/linux/amd64/17.0/no-multilib[39;49;00m

You may use the following command to upgrade:

[32meselect profile set default/linux/amd64/17.0/no-multilib[39;49;00m

[33;01m * IMPORTANT:[39;49;00m 8 news items need reading for repository 'gentoo'.
[33;01m *[39;49;00m Use [32;01meselect news read[39;49;00m to view new items.

[33;01m* IMPORTANT:[39;49;00m 2 config files in '/etc/portage' need updating.
[33;01m*[39;49;00m See the [32mCONFIGURATION FILES[39;49;00m and [32mCONFIGURATION FILES UPDATE TOOLS[39;49;00m
[33;01m*[39;49;00m sections of the [01memerge[39;49;00m man page to learn how to update config files.

[32mThese are the packages that would be merged, in order:[39;49;00m

Calculating dependencies- \ \ / | / - \ - / | / \ \ | | / / | \ | | / \ / | \ | | | | / \ - - | \ \ \ \ | | | - | | / \ | - - / - | - / \ / \ \ / \ \ - \ \ \ / \ | / / / / \ \ - - \ | \ | | \ / / | / | | - \ / / - \ \ / / / \ / | / \ / - - - | \ | / / / / - \ / - \ / \ / \ \ - - \ \ / - - \ \ | - | / / \ / - \ | / / \ | \ / / / - / \ - - / - | \ \ \ / - \ \ \ / \ - - / | - - / | / / | \ / | \ - \ - \ - / / | / - - / | \ / / | | - - | - \ - \ | - | / / - \ / - / \ / \ / - | - / | / - / - \ - - / / | - | - \ \ / \ | / | \ - \ - - | - / \ - | / \ - | | \ - | - \ \ - / - \ \ - | \ / \ / \ | - - | - / | - - | / / / \ \ - \ / | - | \ - | - - / | / | \ / / \ - | - \ | \ / / | - / | - - | - \ / | - \ - - | | \ \ \ | - \ - \ \ \ \ | / / | \ | | / \ / - | \ \ - / - - \ \ / | - | \ / | | | | \ \ / - / \ - | - - \ - / - - | | \ - | | | | | / / \ | \ - / | - / / - | | \ - / / / - / / / | | \ \ / - / - - \ - \ - | | / / \ - | | - / - - \ - \ / / | - | | - - / | / | \ / - / - - \ \ - - / / / - \ | / / - \ | | \ / | - \ / | - - | | - | | / / - / / \ - - \ - \ - - - | | \ | \ | | - - / / - | | \ - / | \ - | | \ | | - | - - | - - / | | | / / \ | / \ - \ | - | | \ \ - - | | / | | \ \ \ \ / | - / / \ \ / / / \ - \ \ \ \ | / \ | / / \ | \ - / / | | / | | / | | / - | - - / | / \ \ - / / | - | \ / \ / / / / - | - - \ \ \ \ | / - | / - | \ \ \ / - / \ / \ | - \ \ | / | / - \ - \ / / - / | - / - \ / - \ | | | \ | | / | \ - - - | | / / \ | | / - | / | | - / \ / - | | / | - / - - \ | / \ | \ - - \ / / \ / \ - - / / - - | - - - - - - | | - / \ \ | | / \ | / / \ | | \ | \ | | | - - \ \ / \ - \ | - | - \ / \ | \ / - \ | - - \ - - / \ - \ \ / \ / \ | / - - - / - | / - | / \ - \ / | | - / | \ \ / - | | \ - | - - \ / | - | | \ / - / / / \ | - - | / | \ \ \ / - | / \ - \ \ / - - / | - | - - \ - - - \ \ | - | \ | - \ | \ / / / | | \ \ - / | | - / / / - | | | | / / / \ / \ | - \ | - - - \ | - - / / - | | \ - / | \ - | / - - | - | - - | - - / | \ / | | | / | - / | - / \ | \ / - - | / - \ \ / |... done!

WARNING: One or more updates/rebuilds have been skipped due to a dependency conflict:

dev-python/six:0

([32mdev-python/six-1.11.0:0/0::gentoo[39;49;00m, ebuild scheduled for merge) conflicts with
dev-python/six[python_targets_python2_7(-),python_targets_python3_4(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] required by ([34mdev-python/packaging-16.8:0/0::gentoo[39;49;00m, installed)

>=dev-python/six-1.5[python_targets_python2_7(-),python_targets_python3_4(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] required by ([34mdev-python/python-dateutil-2.4.2-r1:0/0::gentoo[39;49;00m, installed)

>=dev-python/six-1.10.0[python_targets_python2_7(-),python_targets_python3_4(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] required by ([34mdev-python/setuptools-34.0.2-r1:0/0::gentoo[39;49;00m, installed)

>=dev-python/six-1.4[python_targets_python2_7(-),python_targets_python3_4(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-),-python_single_target_python3_7(-)] required by ([34mdev-python/unittest2-1.1.0:0/0::gentoo[39;49;00m, installed)

The following packages are causing rebuilds:

([32msys-libs/zlib-1.2.11-r2:0/1::gentoo[39;49;00m, ebuild scheduled for merge) causes rebuilds for:
([32mdev-lang/python-3.4.8:3.4/3.4m::gentoo[39;49;00m, ebuild scheduled for merge)
([32mmedia-libs/openjpeg-2.3.0:2/7::gentoo[39;49;00m, ebuild scheduled for merge)
([32mdev-lang/python-2.7.15:2.7/2.7::gentoo[39;49;00m, ebuild scheduled for merge)
([32mdev-libs/libxml2-2.9.8:2/2::gentoo[39;49;00m, ebuild scheduled for merge)
([32mapp-text/ghostscript-gpl-9.25:0/0::gentoo[39;49;00m, ebuild scheduled for merge)
([32mnet-misc/openssh-7.7_p1-r9:0/0::gentoo[39;49;00m, ebuild scheduled for merge)
([32mx11-libs/libpciaccess-0.14:0/0::gentoo[39;49;00m, ebuild scheduled for merge)
([32mmedia-libs/libpng-1.6.34:0/16::gentoo[39;49;00m, ebuild scheduled for merge)

The following [31;01mkeyword changes[39;49;00m are necessary to proceed:
(see "package.accept_keywords" in the portage(5) man page for more details)
# required by app-crypt/certbot-nginx-0.27.1::gentoo
# required by app-crypt/certbot-nginx (argument)
[32m=app-crypt/acme-0.28.0 ~amd64[39;49;00m
[01m
Would you like to add these changes to your config files?[39;49;00m [[32;01mYes[39;49;00m/[31;01mNo[39;49;00m] Y

Autounmask changes successfully written.

[33;01m* IMPORTANT:[39;49;00m 3 config files in '/etc/portage' need updating.
[33;01m*[39;49;00m See the [32mCONFIGURATION FILES[39;49;00m and [32mCONFIGURATION FILES UPDATE TOOLS[39;49;00m
[33;01m*[39;49;00m sections of the [01memerge[39;49;00m man page to learn how to update config files.

[33;01m*[39;49;00m In order to avoid wasting time, backtracking has terminated early
[33;01m*[39;49;00m due to the above autounmask change(s). The --autounmask-backtrack=y
[33;01m*[39;49;00m option can be used to force further backtracking, but there is no
[33;01m*[39;49;00m guarantee that it will produce a solution.

!!! [31;01mAll ebuilds that could satisfy [39;49;00m[32m">=dev-python/six-1.9.0[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)]"[39;49;00m[31;01m have been masked.[39;49;00m
!!! One of the following masked packages is required to complete your request:
- dev-python/six-1.11.0::gentoo (masked by: backtracking: slot conflict)
- dev-python/six-1.10.0::gentoo (masked by: backtracking: slot conflict)

(dependency required by "[32mapp-crypt/acme-0.28.0::gentoo[39;49;00m" [ebuild])
(dependency required by "[32mapp-crypt/certbot-nginx-0.27.1::gentoo[39;49;00m" [ebuild])
(dependency required by "[32mapp-crypt/certbot-nginx[39;49;00m" [argument])
For more information, see the MASKED PACKAGES section in the emerge
man page or refer to the Gentoo Handbook.

]0;root@:~[1m[7m#[27m[1m[0m [0m[27m[24m[J[32mroot[39m@[31mmyantsle[39m:[34m~[39m # [K[?2004h[?2004l

Script done on Sat 29 Dec 2018 01:29:37 PM CST

Click for thumbs down.0Click for thumbs up.0
barduino@barduino
20 Posts
#2 · January 10, 2019, 8:27 am

Same here...

Just gave up.

What I do to get the certs on nginx is to point to the directory inside the antlet, something like this

server {

  listen 443 ssl;

  ssl on;

  ssl_certificate /antlets/plex/etc/letsencrypt/live/yyy.xxx.net/fullchain.pem;

  ssl_certificate_key /antlets/plex/etc/letsencrypt/live/yyy.xxx.net/privkey.pem;
Click for thumbs down.0Click for thumbs up.0
lancem@lancem
210 PostsTopic Author
#3 · January 10, 2019, 5:51 pm

Thanks.  I guess I can do that for my LXCs, but I don't think it'll work for KVMs.

Click for thumbs down.0Click for thumbs up.0
barduino@barduino
20 Posts
#4 · January 11, 2019, 4:25 am

Yes, very manual process and not ideal at all.

Click for thumbs down.0Click for thumbs up.0
TheGarnet@thegarnet
16 Posts
#5 · January 5, 2021, 10:36 pm

I gave up on Certbot.

I was able to get GetSSL bash script to get the Let's Encrypt SSL crt and keys for me.

Click for thumbs down.0Click for thumbs up.1
lancem has reacted to this post.
lancem
narsters@narsters
1 Post
#6 · April 21, 2021, 5:21 pm

How did you get the GetSSL bash script to work, I get an error:

getssl: this script requires one of: dig nslookup drill host

Maybe need to upgrade edgeLinux?

Click for thumbs down.0Click for thumbs up.0