+

+# cbwrapper updates Certbot, checks out the latest tagged version (as

+# opposed to the latest commit on master), configures the virtual

+# environment, then passes all of its arguments to the real certbot.

+

+# Unlike certbot-auto, this script does not need to be run as root,

+# but you lose some of the versatility that comes from the fact that

+# certbot-auto has been tested on countless hosts and configurations.

+

+# NOTE: do not use set -eu in this script, because we can't guarantee

+# that venv/bin/activate, which runs in the same shell, is "eu-clean".

+

+# Debian:

+# # apt-get install ca-certificates dialog build-essential \

+# >                 python python-dev python-setuptools \

+# >                 libaugeas0 augeas-lenses libssl-dev libffi-dev

+# # easy_install --upgrade pip virtualenv

+

+# Debian and OpenBSD:

+# # groupadd certbot_

+# # useradd -md /etc/letsencrypt -s /bin/sh -g certbot_ certbot_

+# # mkdir -p /var/lib/letsencrypt /var/log/letsencrypt

+# # chown -R certbot_:certbot_ /var/lib/letsencrypt

+# # chown -R certbot_:certbot_ /var/log/letsencrypt

+# # ( crontab -lu certbot_; echo '13 13 * * * cbwrapper ...' ) | \

+# >   crontab -u certbot_ -

+

+old_directory="$(pwd)"

+run_directory=~/.cbwrapper

+

+mkdir -p "$run_directory"                        && \

+cd "$run_directory"                              && \

+git clone https://github.com/certbot/certbot     || true

+

+cd "$run_directory/certbot"                      && \

+git fetch                                        && \

+git fetch --tags                                 && \

+git checkout master                              && \

+git checkout "$(git describe --abbrev=0)"        && \

+rm -rf venv venv.*.bak                           && \

+tools/venv.sh                                    && \

+. venv/bin/activate                              && \

+cd "$old_directory"                              && \