home-assistant/addons

Let's Encrypt: unexpected EOF while looking for matching `''

Ezor opened this issue · 47 comments

Ezor commented

Describe the issue you are experiencing

Today, I wanted to renew my HA certificate and I get this error during Let's Encrypt start up :

s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[19:45:16] INFO: Selected http verification
./run: line 317: unexpected EOF while looking for matching `''
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped

Here is my Let's Encrypt configuration :

domains:
  - mydomain.freeboxos.fr
email: my.email.address@me.com
keyfile: privkey.pem
certfile: fullchain.pem
challenge: http
dns: {}

I use the port 8881 for HTTP challenge.

I did not changed anything to the configuration and/or port forwarding since the last update of my certificat 3 month ago.

Do you have any idea of what is happening here ?

What type of installation are you running?

Home Assistant OS

Which operating system are you running on?

Home Assistant Operating System

Which add-on are you reporting an issue with?

Let's Encrypt

What is the version of the add-on?

5.2.2

Steps to reproduce the issue

  1. Start Let's Encrypt
  2. Obtain the error : ./run: line 317: unexpected EOF while looking for matching `''

System Health information

Home Assistant Community Store

GÉRER
GitHub API ok
GitHub Content ok
GitHub Web ok
GitHub API Calls Remaining 4957
Installed Version 1.34.0
Stage running
Available Repositories 1433
Downloaded Repositories 5
Home Assistant Cloud

GÉRER
Connecté false
Accéder au serveur de certificats ok
Accéder au serveur d'authentification ok
Accéder à Home Assistant Cloud ok
Home Assistant Supervisor

Système d'exploitation hôte Home Assistant OS 13.1
Canal de mise à jour stable
Version du Supervisor supervisor-2024.10.2
Version de l'agent 1.6.0
Version de Docker 26.1.4
Taille total du disque 97.7 GB
Taille du disque utilisé 7.3 GB
Sain true
Prise en charge true
host_connectivity true
supervisor_connectivity true
ntp_synchronized true
virtualization kvm
Tableau de bord generic-aarch64
API du Supervisor ok
Version de l'API ok
Modules complémentaires installés Let's Encrypt (5.2.2), File editor (5.8.0)
Dashboards

GÉRER
Tableaux de bord 2
Ressources 0
Vues 6
Mode storage
Recorder

Heure de démarrage de l'exécution la plus ancienne 1 octobre 2024 à 18:24
Heure de démarrage de l'exécution actuelle 14 octobre 2024 à 19:39
Taille estimée de la base de données (en Mio) 186.86 MiB
Moteur de la base de données sqlite
Version de la base de données 3.45.3

Anything in the Supervisor logs that might be useful for us?

No response

Anything in the add-on logs that might be useful for us?

No response

Additional information

No response

I have the same issue (using rfc2136 provider).

I also have this issue

I'm getting the same error, although I have Cloudflare DNS provider. This is strange as looking at the run script it seems like I should have seen additional logging messages related to the Cloudflare selection before the script even got to line 317. These are my logs:

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[20:49:04] INFO: Selected DNS Provider: dns-cloudflare
[20:49:04] INFO: Use propagation seconds: 60
./run: line 317: unexpected EOF while looking for matching `''
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped

I also have this issue

I have tried to re-install the addon without any luck.

My log:

[22:35:06] INFO: Selected http verification
./run: line 317: unexpected EOF while looking for matching `''
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped

Same error here, even after uninstall / reinstall

Same issue here.

Same issue here, reverted to previous version and that works without an issue.

Hello,

Same issue here, reverted to previous version and that works without an issue.

Can you tell me how did you do the rollback ?

Thanks in advance.

For resolution, line 159 seams to miss a double quote.

    PROVIDER_ARGUMENTS+=("--authenticator" "${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" /data/dnsapikey" "--${DNS_PROVIDER}-propagation-seconds" "${PROPAGATION_SECONDS}")

The fix was submitted here: #3800
You can revert by using an add-on backup. I just did it, and it works.

same here. after reverting back to 5.2.1 all OK.

The fix was submitted here: #3800 You can revert by using an add-on backup. I just did it, and it works.

Can't revert if you are doing a new install. New installs of this addon currently result in a broken addon. I see the fix submitted but does not appear to yet be merged :-(

Is there a way to peg the version of the add-on to 5.2.1 to unblock new installs? It seems as if all new installs will be broken and there is no current way to mitigate.

Facing the same issue using DNS challenge.

Addon Version: 5.2.2

Just chiming in - I've encountered the same issue and the version rollback is a good (temporary) workaround for now

same issue here

sam issue here

same here!

Same here!

Same here new installation, http Challenge

same issue for me !

I changed my DNS provider
I switch from DuckDNS to noIP and I still have the same problem

Today, I tried to renew the certificate for Home Assistant, but it didn’t work with Let’s Encrypt version 5.2.2. I received the same error message, so I reverted back to version 5.2.1, and then it worked.

Same for me

Tagging @dim-0 in case you wanna help merge this fix. Or apply the fix yourself.

same issue for me on version: 5.2.2

New install for me last night. So addon is pretty much broken until the fix is merged. I'd rather wait for the fix than have to change my process. I can do without Google integrations for now.

With 5.2.2 i have still the same issue.

./run: line 317: unexpected EOF while looking for matching `''

How is it possible that this could happen?
Sorry, we have 2024 and all programming tools have a syntax check included that will flag a critical issue like this while testing - I'm programming tools in a semiconductor company and our designers would kill us when we would release a software with an easy to discover bug like this.

There are a lot of people relying on this tool and many may not even look here immediately expecting they did the mistake!

is there a way from CLI to revert to the 5.2.1 version and start the working version of the container

How is it possible that this could happen? Sorry, we have 2024 and all programming tools have a syntax check included that will flag a critical issue like this while testing - I'm programming tools in a semiconductor company and our designers would kill us when we would release a software with an easy to discover bug like this.

There are a lot of people relying on this tool and many may not even look here immediately expecting they did the mistake!

It's my fault, and I'm feeling both deeply sorry and embarassed that this happened, especiall because the root cause is that stupid. I could now try to give explanations, excuses and reasons of different kinds, but this unfortunately won't help anyone either.

As soon as I noticed the error, I raised the bugfix in #3800 and wait for it to be merged.

Up until then I can only excuse to everybody for all the different issues that this fuckup has caused and all the time wasted on investigating the issue. I have learnt my lesson.

Ah typos happen Bro. Thanks for taking responsibility & don't let the internets get you down. Glad I can stop trying to fix it now and get on with my day. What timeframe are you working with before a patch is pushed-out to resolve this?

Thank you for your kind words. However, @chichi1967 is right in the point that nowadays with the available tools this kind of errors must not go unnoticed. I'm to blame for not paying enough attention and choosing 'auto-merge' in the PR before doing proper QA.

The patch is available in #3800, ready to be merged. I don't know the timeline, though; I don't have write access, since I'm just a random contributor, who wanted to extend this add-on for good.
I hope it will be merged soon, though.

@dim-0 Stuff Happens, lessons are learned, and if nothing else this should show you how important your stuff is to the HA community. :) Seriously, thanks for donating your time to help improve all of our lives.

Hey @agners can you help validate this PR a lot of us are block because of the previous PR you validated.

thanks

Would be helpful to have this fixed ASAP. I didn't have an automation to renew my cert and it expires in 1 day so I'm kind of sol until this is fixed.

Would be helpful to have this fixed ASAP. I didn't have an automation to renew my cert and it expires in 1 day so I'm kind of sol until this is fixed.

Mine has been down for 3 days now :D

>> FIXED <<

Found a quick fix on this post of the Hassio french community forum:
Go to Settings > Systems > Backups
and restore an old version of the addon

Run the working version and your certificate is renewed!

Quick solution:

  1. Remove the add-on.
  2. Clone this repo and checkout commit for previous version (ed0f4e9).
  3. Copy the addon in your machine running home assistant (for instance, using scp) as it was a custom addon (https://developers.home-assistant.io/docs/add-ons/tutorial/)
  4. Install your new addon

Thank Google for pointing me towards this issue eventually (it is embarrassingly common despite all our advances in tooling).

I thought it was a potential issue with the TransIp provider for this add-on, but now I know it is a harmless mistake that's going to be fixed soon.

6str commented

same here

same here

Yep. Here also the same issue

Quick solution:

1. Remove the add-on.

2. Clone this repo and checkout commit for previous version ([ed0f4e9](https://github.com/home-assistant/addons/commit/ed0f4e9dcc143f646dbca17c12f2fa5c9063f234)).

3. Copy the addon in your machine running home assistant (for instance, using scp) as it was a custom addon (https://developers.home-assistant.io/docs/add-ons/tutorial/)

4. Install your new addon

Hi, not sure if I understand what needs to be done going for this option, since I have a fresh installation so no backups. Where can I read more about installing previous version?

Thanks,
Bruno

Quick solution:

1. Remove the add-on.

2. Clone this repo and checkout commit for previous version ([ed0f4e9](https://github.com/home-assistant/addons/commit/ed0f4e9dcc143f646dbca17c12f2fa5c9063f234)).

3. Copy the addon in your machine running home assistant (for instance, using scp) as it was a custom addon (https://developers.home-assistant.io/docs/add-ons/tutorial/)

4. Install your new addon

Hi, not sure if I understand what needs to be done going for this option, since I have a fresh installation so no backups. Where can I read more about installing previous version?

Thanks, Bruno

If you have a fresh installation, you can't install a previous version. You have to wait for the fix.

Quick solution:

1. Remove the add-on.

2. Clone this repo and checkout commit for previous version ([ed0f4e9](https://github.com/home-assistant/addons/commit/ed0f4e9dcc143f646dbca17c12f2fa5c9063f234)).

3. Copy the addon in your machine running home assistant (for instance, using scp) as it was a custom addon (https://developers.home-assistant.io/docs/add-ons/tutorial/)

4. Install your new addon

Hi, not sure if I understand what needs to be done going for this option, since I have a fresh installation so no backups. Where can I read more about installing previous version?
Thanks, Bruno

If you have a fresh installation, you can't install a previous version. You have to wait for the fix.

That is not what was meant in the quoted Quick Solution. This solution (which I imagine would work) is not to restore the add-on from a previous backup as others have suggested, but rather to download the previous version that worked from this github, physically transfer it over to your HA install and then add it as a "Local Add-on" instead of the version from the "Add-on Store". You'd then have to uninstall THAT and re-install the Store version once it is fixed.

Fixed by #3800, sorry about the delay!

Sorry. Does not seem to be fixed. I just did a first time install of Let's Encrypt. Version 5.2.2 was installed. I set it up to a Godaddy DNS authentication and get the following error in the log. My web search brings me to this bug report.

s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
[16:19:39] INFO: Selected DNS Provider: dns-godaddy
[16:19:39] INFO: Use propagation seconds: 60
./run: line 317: unexpected EOF while looking for matching `''
s6-rc: info: service legacy-services successfully started
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped

@trv-in-3d version 5.2.3 has the fix.
5.2.2 is the one with the bug.
At least after updating to 5.2.3 the add-on appears to function as normal.