我有一个运行 Amazon Linux 版本 2(Karoo)的 EC2 VM,我该如何获取certbot
?
它附带awscli
安装的工具,这些工具似乎与certbot
epel 中的不兼容:
$ sudo bash
# yum install -y epel-release
# yum-config-manager --enable epel
# yum install certbot certbot-dns-route53
# certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d mysite.com
An unexpected error occurred:
ContextualVersionConflict: (botocore 1.13.36 (/usr/lib/python2.7/site-packages), Requirement.parse('botocore<1.6.0,>=1.5.0'), set(['boto3']))
Please see the logfile '/tmp/tmpVO1RPd/log' for more details.
这里简要讨论一下:https://community.letsencrypt.org/t/contextualversionconflict-botocore-1-12-92/94922和这里:https://unix.stackexchange.com/questions/415874/certbot-and-awscli-require-different-versions-of-botocore/456362#456362但这些修复对我来说不起作用(并且我想同时拥有 awscli)。
因此我尝试将其安装在 Python venv 中,这样我就可以拥有 certbot 和 awscli,但我得到了这个:
$ sudo bash
# yum install pip
# pip install virtualenv
# virtualenv env
# source env/bin/activate
# pip install certbot certbot-dns-route53
# certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d mysite.com
Traceback (most recent call last):
File "/home/ec2-user/certbot-venv/env/bin/certbot", line 5, in <module>
from certbot.main import main
File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/certbot/main.py", line 2, in <module>
from certbot._internal import main as internal_main
File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/certbot/_internal/main.py", line 21, in <module>
from certbot._internal import cert_manager
File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/certbot/_internal/cert_manager.py", line 16, in <module>
from certbot._internal import storage
File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/certbot/_internal/storage.py", line 79, in <module>
def add_time_interval(base_time, interval, textparser=parsedatetime.Calendar()):
File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/parsedatetime/__init__.py", line 270, in __init__
self.ptc = Constants()
File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/parsedatetime/__init__.py", line 2381, in __init__
self.locale = get_icu(self.localeID)
File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/parsedatetime/pdt_locales/icu.py", line 56, in get_icu
result['icu'] = icu = pyicu.Locale(locale)
AttributeError: 'module' object has no attribute 'Locale'
有人知道该怎么修复吗?我尝试安装一些与 Locale 相关的东西,但还是没成功。
答案1
Python 3
这对我有用:
yum groupinstall -y "Development Tools"
yum install -y python3-devel libicu-devel
python3 -m venv /opt/certbot-venv
cd /opt/certbot-venv
source bin/activate
pip install --upgrade certbot certbot-dns-route53 pyicu-binary
然后运行它:
source /opt/certbot-venv/bin/activate
certbot renew ...
Python 2
警告:这将为你提供旧版本的 certbot
这可能是依赖库“parsedatetime”中的一个错误。我有一个补丁https://github.com/bear/parsedatetime/issues/251这为我解决了这个问题。
以下现在对我有用:
yum install -y python-pip
pip install --upgrade pip
pip install virtualenv pipenv
mkdir /opt/certbot-venv && cd /opt/certbot-venv
virtualenv .
source bin/activate
pip install --upgrade certbot certbot-dns-route53 pyicu-binary
cat >parsedatetime-patch <<'END'
index e09f517..c6f277d 100644
--- a/parsedatetime/pdt_locales/icu.py
+++ b/parsedatetime/pdt_locales/icu.py
@@ -12,13 +12,7 @@ try:
except NameError:
pass
-try:
- import icu as pyicu
-except ImportError:
- try:
- import PyICU as pyicu
- except ImportError:
- pyicu = None
+import PyICU as pyicu
def icu_object(mapping):
END
( cd lib/python2.7/site-packages ; git apply ../../../parsedatetime-patch )
(我想知道使用 pip 将 parsedatetime 降级到旧版本是否比修补其源更可靠,但这对我来说有效。)
答案2
我切换到 CentOS 7(https://aws.amazon.com/marketplace/pp/B00O7WM7QW),根据@Michael Hampton 的建议,它几乎可以开箱即用。
以下几乎有效:
$ sudo bash
# yum install -y awscli certbot certbot-dns-route53
# certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d myapp.com
An unexpected error occurred:
DistributionNotFound: futures>=2.2.0,<4.0.0
# yum install python2-pip
# pip install futures
# certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d myapp.com
... now works
# aws sts get-caller-identity
... also works
... 实际上,awscli 的版本yum
相当旧,缺少一些 AWS 命令。我已通过 pip 重新安装了它,它是一个较新的版本。
但后来我得到了https://github.com/certbot/certbot/issues/6328
AttributeError: 'module' object has no attribute 'pyopenssl'