search

dlapiduz / certbot-s3front

Certbot CLI plugin for S3/CloudFront validation and installation
MIT License
584 stars 70 forks source link

[source] ImportError: No module named interface #20

Closed Rjs37 closed 8 years ago

Rjs37 commented 8 years ago

I'm currently trying to generate a certificate with this plugin for my S3 bucket which is being used solely as a CDN (just image files) being served from a subdomain on my website.

This is running on a Laravel Forge server where letsencrypt had already been installed and then used to generate a certificate for a domain on the server. This is something that Forge handled itself.

Due to this, I was going off what was said in #8 and ran the source command prior to installing s3front, but when I try to generate the certificate I receive the following error:

Traceback (most recent call last):
  File "/usr/local/bin/letsencrypt", line 7, in <module>
    from letsencrypt.cli import main
  File "/usr/local/lib/python2.7/dist-packages/letsencrypt/cli.py", line 18, in <module>
    import zope.component
  File "/usr/local/lib/python2.7/dist-packages/zope/component/__init__.py", line 16, in <module>
    from zope.interface import Interface
ImportError: No module named interface

Any suggestions? I've got no prior experience with using source/virtualenv. Should I be installing any other pip packages under source?

I also previously managed to manually generate a certificate for my S3 bucket using the below command:

sudo -H /root/letsencrypt/letsencrypt-auto certonly -a manual -d $bucket --rsa-key-size 2048 --server https://acme-v01.api.letsencrypt.org/directory --agree-tos --manual-public-ip-logging-ok

I had to obviously upload that manually using awscli but that's not very practical. Would rather be able to get a less manual solution in place and this seemed like an ideal solution. Especially if the auto renew will work.

andreas-venturini commented 8 years ago

Try uninstalling any previous installations of the plugin 

pip uninstall letsencrypt-s3front && pip uninstall letsencrypt

Then reinstall by using the workaround command mentioned in #8:

source /home/<username>/.local/share/letsencrypt/bin/activate
git clone https://github.com/dlapiduz/letsencrypt-s3front.git
cd letsencrypt-s3front
python setup.py install

After, create cf-letsencrypt.sh in your home folder with the following contents:

source /home/<username>/.local/share/letsencrypt/bin/activate

AWS_ACCESS_KEY_ID=XXXXXXXXXX \
AWS_SECRET_ACCESS_KEY=XXXXXXXXXXX \
letsencrypt --agree-tos -a letsencrypt-s3front:auth \
--letsencrypt-s3front:auth-s3-bucket <s3-bucket-name> \
--letsencrypt-s3front:auth-s3-region <bucket-region> \
-i letsencrypt-s3front:installer \
--letsencrypt-s3front:installer-cf-distribution-id <cf-id> \
-d <domain>

After, run bash cf-letsencrypt.sh (depending on your distribution you might have to grant your user write access to the letsencrypt log file)

Rjs37 commented 8 years ago

Cheers for baring with me. I've found what my main problem was!

Laravel Forge during the server config turns off the ability to access the server over SSH via root and instead sets up a user called forge to use.

The install commands needed root access so I was prepending them with sudo not realizing that was conflicting with / overriding the source command.

By using sudo -s to switch to root first, I was then able to run the install commands as source, and after that it worked fine under root. And cheers for the tip about write access, I've just come up against that when running it under the forge user!

Might be worth adding a note to the docs that the install (or at least the workaround) should be done under root. Also slight typo in your workaround: 

cd letsencrypt-s3front

Thanks again!