#bash script from automation quietly failing

1 messages · Page 1 of 1 (latest)

woeful jetty
#

Trying to automate ssl cert renewal - the script works fine when ran manually via terminal add-on, but when trying to run it from an automation it says" Action ran successfully" but the script doesn't run.

automation:

description: ""
triggers:
  - trigger: calendar
    entity_id: calendar.calendar_my_local
    event: start
    offset: "0:0:0"
    id: trigger1
conditions:
  - condition: template
    value_template: "{{ trigger1.calendar_event.summary == 'SSL Certificate Renewal' }}"
actions:
  - action: shell_command.renew_ssl_certificate
    data: {}
mode: single```

**configuration.yaml entry:**
```shell_command:
  renew_ssl_certificate: /bin/bash /root/homeassistant/certbot/renewSSL.sh```

**bash script (anonymised):**
```#!/bin/bash

#renew certificate
certbot --manual certonly --preferred-challenges dns -d "haos.mydomain.com" --email myemail@mailprovider.com

#Saving debug log to /var/log/letsencrypt/letsencrypt.log

#migrate files

cp /etc/letsencrypt/archive/haos.mydomain.com/cert1.pem /root/homeassistant/certbot/cert.pem
cp /etc/letsencrypt/archive/haos.mydomain.com/chain1.pem /root/homeassistant/certbot/chain.pem
cp /etc/letsencrypt/archive/haos.mydomain.com/fullchain1.pem /root/homeassistant/certbot/fullchain.pem
cp /etc/letsencrypt/archive/haos.mydomain.com/privkey1.pem /root/homeassistant/certbot/privkey.pem```
#

(file permissions should be fine)

image.png
remote lintel
#

I doubt your home assistant instance can access to root folder?

#

is it HAOS or docker or how are you running HA?

#

I think usually scripts are placed inside the /config/ folder, but not fully sure what HA can access

woeful jetty
#

haos, installed from the (vmware) .ova

remote lintel
#

HA is running in docker container, afaik and it most probably cannot access to /root

#

For HAOS there should be some letsencrypt addons available

https://community.home-assistant.io/t/automate-lets-encrypt-certificate-renewals/509668

Home Assistant Community
Automate Let's Encrypt Certificate Renewals

This guide (with commentary) is meant to provide one way to manually configure automatic renewal (with a later automatic HA restart, as necessary) of your Let’s Encrypt certificate via the HAOS GUI after initial configuration has been completed. This guide is fairly complicated and may seem daunting, but completing it could teach you multiple n...

woeful jetty
#

no clue why this tangleweb exists but I'm sure there's a good reason

#

I'll try moving things around

woeful jetty
#

but I tried a few methods to getting it to work in the first place and just certboting from command line was the only one that worked

remote lintel
#

Okay, I cannot say how it should be done correctly. I'm using nginx reverse proxy to create https connection

#

I think it is also commonly used as addon

https://theprivatesmarthome.com/how-to/set-up-nginx-proxy-manager-in-home-assistant/

The Private Smart Home
How to Set Up Nginx Proxy Manager in Home Assistant

If you wish to have secure connections to Home Assistant, you may set up a reverse proxy for Home Assistant. Secure connections are required for certain features such as Z-Wave Smart Start. There is a NGINX Home Assistant SSL proxy add-on but it does not generate any certificates. By using the Nginx Proxy Manager add-on, it can handle generating...

woeful jetty
woeful jetty
proper grove
#

There is no variable named trigger1

#

Use a script or remove the condition to get everything working first, then you can focus on the automation part of the problem afterwards

woeful jetty
#

though I ended up just yeeting the summary part and making a dedicated calendar and using a second script that runs via ASWT to get this to work