mirror of
https://github.com/certbot/certbot.git
synced 2026-01-21 19:01:07 +03:00
54c74a6d2f
the letsencrypt-auto script was missing the sudo parameter on call to ExperimentalBootstrap for amazon linux. also added comment to mac entry to clarify why it lacks the parameter
206 lines
7.5 KiB
Bash
Executable File
206 lines
7.5 KiB
Bash
Executable File
#!/bin/sh -e
|
|
#
|
|
# A script to run the latest release version of the Let's Encrypt in a
|
|
# virtual environment
|
|
#
|
|
# Installs and updates the letencrypt virtualenv, and runs letsencrypt
|
|
# using that virtual environment. This allows the client to function decently
|
|
# without requiring specific versions of its dependencies from the operating
|
|
# system.
|
|
|
|
# Note: you can set XDG_DATA_HOME or VENV_PATH before running this script,
|
|
# if you want to change where the virtual environment will be installed
|
|
XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share}
|
|
VENV_NAME="letsencrypt"
|
|
VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"}
|
|
VENV_BIN=${VENV_PATH}/bin
|
|
# The path to the letsencrypt-auto script. Everything that uses these might
|
|
# at some point be inlined...
|
|
LEA_PATH=`dirname "$0"`
|
|
BOOTSTRAP=${LEA_PATH}/bootstrap
|
|
|
|
# This script takes the same arguments as the main letsencrypt program, but it
|
|
# additionally responds to --verbose (more output) and --debug (allow support
|
|
# for experimental platforms)
|
|
for arg in "$@" ; do
|
|
# This first clause is redundant with the third, but hedging on portability
|
|
if [ "$arg" = "-v" ] || [ "$arg" = "--verbose" ] || echo "$arg" | grep -E -- "-v+$" ; then
|
|
VERBOSE=1
|
|
elif [ "$arg" = "--debug" ] ; then
|
|
DEBUG=1
|
|
fi
|
|
done
|
|
|
|
# letsencrypt-auto needs root access to bootstrap OS dependencies, and
|
|
# letsencrypt itself needs root access for almost all modes of operation
|
|
# The "normal" case is that sudo is used for the steps that need root, but
|
|
# this script *can* be run as root (not recommended), or fall back to using
|
|
# `su`
|
|
if test "`id -u`" -ne "0" ; then
|
|
if command -v sudo 1>/dev/null 2>&1; then
|
|
SUDO=sudo
|
|
else
|
|
echo \"sudo\" is not available, will use \"su\" for installation steps...
|
|
# Because the parameters in `su -c` has to be a string,
|
|
# we need properly escape it
|
|
su_sudo() {
|
|
args=""
|
|
# This `while` loop iterates over all parameters given to this function.
|
|
# For each parameter, all `'` will be replace by `'"'"'`, and the escaped string
|
|
# will be wrap in a pair of `'`, then append to `$args` string
|
|
# For example, `echo "It's only 1\$\!"` will be escaped to:
|
|
# 'echo' 'It'"'"'s only 1$!'
|
|
# │ │└┼┘│
|
|
# │ │ │ └── `'s only 1$!'` the literal string
|
|
# │ │ └── `\"'\"` is a single quote (as a string)
|
|
# │ └── `'It'`, to be concatenated with the strings followed it
|
|
# └── `echo` wrapped in a pair of `'`, it's totally fine for the shell command itself
|
|
while [ $# -ne 0 ]; do
|
|
args="$args'$(printf "%s" "$1" | sed -e "s/'/'\"'\"'/g")' "
|
|
shift
|
|
done
|
|
su root -c "$args"
|
|
}
|
|
SUDO=su_sudo
|
|
fi
|
|
else
|
|
SUDO=
|
|
fi
|
|
|
|
ExperimentalBootstrap() {
|
|
# Arguments: Platform name, boostrap script name, SUDO command (iff needed)
|
|
if [ "$DEBUG" = 1 ] ; then
|
|
if [ "$2" != "" ] ; then
|
|
echo "Bootstrapping dependencies for $1..."
|
|
if [ "$3" != "" ] ; then
|
|
"$3" "$BOOTSTRAP/$2"
|
|
else
|
|
"$BOOTSTRAP/$2"
|
|
fi
|
|
fi
|
|
else
|
|
echo "WARNING: $1 support is very experimental at present..."
|
|
echo "if you would like to work on improving it, please ensure you have backups"
|
|
echo "and then run this script again with the --debug flag!"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
DeterminePythonVersion() {
|
|
if command -v python2.7 > /dev/null ; then
|
|
export LE_PYTHON=${LE_PYTHON:-python2.7}
|
|
elif command -v python27 > /dev/null ; then
|
|
export LE_PYTHON=${LE_PYTHON:-python27}
|
|
elif command -v python2 > /dev/null ; then
|
|
export LE_PYTHON=${LE_PYTHON:-python2}
|
|
elif command -v python > /dev/null ; then
|
|
export LE_PYTHON=${LE_PYTHON:-python}
|
|
else
|
|
echo "Cannot find any Pythons... please install one!"
|
|
fi
|
|
|
|
PYVER=`$LE_PYTHON --version 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//'`
|
|
if [ $PYVER -eq 26 ] ; then
|
|
ExperimentalBootstrap "Python 2.6"
|
|
elif [ $PYVER -lt 26 ] ; then
|
|
echo "You have an ancient version of Python entombed in your operating system..."
|
|
echo "This isn't going to work; you'll need at least version 2.6."
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
|
|
# virtualenv call is not idempotent: it overwrites pip upgraded in
|
|
# later steps, causing "ImportError: cannot import name unpack_url"
|
|
if [ ! -d $VENV_PATH ]
|
|
then
|
|
if [ ! -f $BOOTSTRAP/debian.sh ] ; then
|
|
echo "Cannot find the letsencrypt bootstrap scripts in $BOOTSTRAP"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -f /etc/debian_version ] ; then
|
|
echo "Bootstrapping dependencies for Debian-based OSes..."
|
|
$SUDO $BOOTSTRAP/_deb_common.sh
|
|
elif [ -f /etc/redhat-release ] ; then
|
|
echo "Bootstrapping dependencies for RedHat-based OSes..."
|
|
$SUDO $BOOTSTRAP/_rpm_common.sh
|
|
elif `grep -q openSUSE /etc/os-release` ; then
|
|
echo "Bootstrapping dependencies for openSUSE-based OSes..."
|
|
$SUDO $BOOTSTRAP/_suse_common.sh
|
|
elif [ -f /etc/arch-release ] ; then
|
|
if [ "$DEBUG" = 1 ] ; then
|
|
echo "Bootstrapping dependencies for Archlinux..."
|
|
$SUDO $BOOTSTRAP/archlinux.sh
|
|
else
|
|
echo "Please use pacman to install letsencrypt packages:"
|
|
echo "# pacman -S letsencrypt letsencrypt-apache"
|
|
echo
|
|
echo "If you would like to use the virtualenv way, please run the script again with the"
|
|
echo "--debug flag."
|
|
exit 1
|
|
fi
|
|
elif [ -f /etc/manjaro-release ] ; then
|
|
ExperimentalBootstrap "Manjaro Linux" manjaro.sh "$SUDO"
|
|
elif [ -f /etc/gentoo-release ] ; then
|
|
ExperimentalBootstrap "Gentoo" _gentoo_common.sh "$SUDO"
|
|
elif uname | grep -iq FreeBSD ; then
|
|
ExperimentalBootstrap "FreeBSD" freebsd.sh "$SUDO"
|
|
elif uname | grep -iq Darwin ; then
|
|
ExperimentalBootstrap "Mac OS X" mac.sh # homebrew doesn't normally run as root
|
|
elif grep -iq "Amazon Linux" /etc/issue ; then
|
|
ExperimentalBootstrap "Amazon Linux" _rpm_common.sh "$SUDO"
|
|
else
|
|
echo "Sorry, I don't know how to bootstrap Let's Encrypt on your operating system!"
|
|
echo
|
|
echo "You will need to bootstrap, configure virtualenv, and run a pip install manually"
|
|
echo "Please see https://letsencrypt.readthedocs.org/en/latest/contributing.html#prerequisites"
|
|
echo "for more info"
|
|
fi
|
|
|
|
DeterminePythonVersion
|
|
echo "Creating virtual environment..."
|
|
if [ "$VERBOSE" = 1 ] ; then
|
|
virtualenv --no-site-packages --python $LE_PYTHON $VENV_PATH
|
|
else
|
|
virtualenv --no-site-packages --python $LE_PYTHON $VENV_PATH > /dev/null
|
|
fi
|
|
else
|
|
DeterminePythonVersion
|
|
fi
|
|
|
|
|
|
printf "Updating letsencrypt and virtual environment dependencies..."
|
|
if [ "$VERBOSE" = 1 ] ; then
|
|
echo
|
|
$VENV_BIN/pip install -U setuptools
|
|
$VENV_BIN/pip install -U pip
|
|
$VENV_BIN/pip install -r "$LEA_PATH"/py26reqs.txt -U letsencrypt letsencrypt-apache
|
|
# nginx is buggy / disabled for now, but upgrade it if the user has
|
|
# installed it manually
|
|
if $VENV_BIN/pip freeze | grep -q letsencrypt-nginx ; then
|
|
$VENV_BIN/pip install -U letsencrypt letsencrypt-nginx
|
|
fi
|
|
else
|
|
$VENV_BIN/pip install -U setuptools > /dev/null
|
|
printf .
|
|
$VENV_BIN/pip install -U pip > /dev/null
|
|
printf .
|
|
# nginx is buggy / disabled for now...
|
|
$VENV_BIN/pip install -r "$LEA_PATH"/py26reqs.txt > /dev/null
|
|
printf .
|
|
$VENV_BIN/pip install -U letsencrypt > /dev/null
|
|
printf .
|
|
$VENV_BIN/pip install -U letsencrypt-apache > /dev/null
|
|
if $VENV_BIN/pip freeze | grep -q letsencrypt-nginx ; then
|
|
printf .
|
|
$VENV_BIN/pip install -U letsencrypt-nginx > /dev/null
|
|
fi
|
|
echo
|
|
fi
|
|
|
|
# Explain what's about to happen, for the benefit of those getting sudo
|
|
# password prompts...
|
|
echo "Running with virtualenv:" $SUDO $VENV_BIN/letsencrypt "$@"
|
|
$SUDO $VENV_BIN/letsencrypt "$@"
|