certbot/tests/letstest/scripts/test_letsencrypt_auto_certonly_standalone.sh

#!/bin/bash -x
set -eo pipefail

# $PUBLIC_IP $PRIVATE_IP $PUBLIC_HOSTNAME are dynamically set at execution

# with curl, instance metadata available from EC2 metadata service:
#public_host=$(curl -s http://169.254.169.254/2014-11-05/meta-data/public-hostname)
#public_ip=$(curl -s http://169.254.169.254/2014-11-05/meta-data/public-ipv4)
#private_ip=$(curl -s http://169.254.169.254/2014-11-05/meta-data/local-ipv4)

cd letsencrypt
LE_AUTO_DIR="/usr/local/bin"
LE_AUTO_PATH="$LE_AUTO_DIR/letsencrypt-auto"
sudo cp letsencrypt-auto-source/letsencrypt-auto "$LE_AUTO_PATH"
sudo chown root "$LE_AUTO_PATH"
sudo chmod 0755 "$LE_AUTO_PATH"
export PATH="$LE_AUTO_DIR:$PATH"

# Since certbot-auto is deprecated, we expect certbot-auto to error and
# refuse to install Certbot.
set +o pipefail
if ! letsencrypt-auto --debug --version | grep "Certbot cannot be installed."; then
    echo "letsencrypt-auto didn't report being uninstallable."
    exit 1
fi
if [ ${PIPESTATUS[0]} != 1 ]; then
    echo "letsencrypt-auto didn't exit with status 1 as expected"
    exit 1
fi
initial commit of scripts 2015-12-04 09:32:24 -05:00			`#!/bin/bash -x`
Test farm improvements (#5088) * prevent regressions of #5082 * Fix test_leauto_upgrades.sh test_leauto_upgrades.sh has been incorrectly been succeeding because while peep doesn't work with newer versions of pip and letsencrypt-auto would crash, the output included the version number so we reported the test as passing. This updates letsencrypt-auto to the oldest version that still works for the purpose of the test and sets pipefail so errors are properly reported. * Test symlink creation in test_leauto_upgrades.sh * Pin dependencies in test_sdists.sh. * Fix permissions errors in test_tests.sh 2017-09-07 20:54:40 -04:00			`set -eo pipefail`
initial commit of scripts 2015-12-04 09:32:24 -05:00
Fix test farm tests by using a local Pebble instance (#8561) [As discussed in Mattermost](https://opensource.eff.org/eff-open-source/pl/yhtp4qu4zpfczm5wxmzxhndrto), our Apache test farm tests are failing because the CA certificate in the old version of boulder we have pinned expired over the weekend. This PR fixes that by running a local Pebble instance instead of an external boulder instance. * switch from external boulder to local pebble * add --http-01-port to run_acme_server 2020-12-22 13:24:20 -05:00			`# $PUBLIC_IP $PRIVATE_IP $PUBLIC_HOSTNAME are dynamically set at execution`
passing in instance data as environment variables 2015-12-04 17:35:57 -05:00
			`# with curl, instance metadata available from EC2 metadata service:`
			`#public_host=$(curl -s http://169.254.169.254/2014-11-05/meta-data/public-hostname)`
			`#public_ip=$(curl -s http://169.254.169.254/2014-11-05/meta-data/public-ipv4)`
			`#private_ip=$(curl -s http://169.254.169.254/2014-11-05/meta-data/local-ipv4)`
initial commit of scripts 2015-12-04 09:32:24 -05:00
WIP 2016-12-23 02:07:00 -05:00			`cd letsencrypt`
Print warning when certbot-auto has insecure permissions. (#6995) This PR attempts to better inform people about the problem identified at https://community.letsencrypt.org/t/certbot-auto-deployment-best-practices/91979/. I was hesitant to add the flag --no-permissions-check, however, if there's some obscure distro out there (or custom user setup) that has a strange users and groups, I didn't want us to either: Have to put out a bug fix release Refuse to fix the problem and let them deal with warnings on every run * add check_permissions.py * Update letsencrypt-auto.template. * build letsencrypt-auto * Add test_permissions_warnings to auto_test * Allow uid/gid < 1000. * Add --no-permissions-check to Certbot. * Add --no-permissions-check to certbot-auto. * Add test farm test that letsencrypt-auto is quiet. As a bonus, this new test will catch problems like the one that the caused 0.33.1 point release. * Update CHANGELOG about permissions check. * Update permissions comment. * Fix symlink handling. * Use a better default in auto_test.py. 2019-04-30 13:45:03 -04:00			`LE_AUTO_DIR="/usr/local/bin"`
			`LE_AUTO_PATH="$LE_AUTO_DIR/letsencrypt-auto"`
			`sudo cp letsencrypt-auto-source/letsencrypt-auto "$LE_AUTO_PATH"`
			`sudo chown root "$LE_AUTO_PATH"`
			`sudo chmod 0755 "$LE_AUTO_PATH"`
			`export PATH="$LE_AUTO_DIR:$PATH"`

Completely deprecate certbot-auto (#8489) Fixes #8296 * Completely deprecate certbot-auto * Add changelog 2020-12-07 18:18:00 -05:00			`# Since certbot-auto is deprecated, we expect certbot-auto to error and`
			`# refuse to install Certbot.`
			`set +o pipefail`
			`if ! letsencrypt-auto --debug --version \| grep "Certbot cannot be installed."; then`
			`echo "letsencrypt-auto didn't report being uninstallable."`
Move venv symlink check out of leauto_upgrades. (#6830) * Move venv symlink check out of leauto_upgrades. * Add back double venv check. 2019-04-10 21:24:32 -04:00			`exit 1`
			`fi`
Completely deprecate certbot-auto (#8489) Fixes #8296 * Completely deprecate certbot-auto * Add changelog 2020-12-07 18:18:00 -05:00			`if [ ${PIPESTATUS[0]} != 1 ]; then`
			`echo "letsencrypt-auto didn't exit with status 1 as expected"`
Print warning when certbot-auto has insecure permissions. (#6995) This PR attempts to better inform people about the problem identified at https://community.letsencrypt.org/t/certbot-auto-deployment-best-practices/91979/. I was hesitant to add the flag --no-permissions-check, however, if there's some obscure distro out there (or custom user setup) that has a strange users and groups, I didn't want us to either: Have to put out a bug fix release Refuse to fix the problem and let them deal with warnings on every run * add check_permissions.py * Update letsencrypt-auto.template. * build letsencrypt-auto * Add test_permissions_warnings to auto_test * Allow uid/gid < 1000. * Add --no-permissions-check to Certbot. * Add --no-permissions-check to certbot-auto. * Add test farm test that letsencrypt-auto is quiet. As a bonus, this new test will catch problems like the one that the caused 0.33.1 point release. * Update CHANGELOG about permissions check. * Update permissions comment. * Fix symlink handling. * Use a better default in auto_test.py. 2019-04-30 13:45:03 -04:00			`exit 1`
			`fi`