Package: certbot Version: 0.31.0-1 Severity: wishlist Dear Maintainer,
as discussed in https://github.com/certbot/certbot/issues/7584 Debian packages don't run `certbot plugins --prepare` in postinst, thus some important configuration files are missing in /etc/letsencrypt. This is not a problem when the user uses built-in nginx/apache plugin directly, as that one handles the situation itself, but becomes problematic, if the user generates configuration from templates (the upstream tools have no way of configuring that) or does some other special thing. >From the discussion I learned that the content of those files depends on versions of installed packages. Thus, I propose to run the command in postinst of certbot and add triggers to re-run it when nginx, apache, python3-certbot-nginx, python3-certbot-apache or openssl updates. I'm not sure if it's better to use activates update-certbot directive in those five packages or add file-based triggers to certbot. I think you're more experienced in deciding that and I don't care about this detail at all. People could implement monitoring by themselves, but it might be useful having it in Debian directly in order to avoid duplication. For the record, I've previously sent an e-mail wit similar wording to the Debian Letsencrypt team. Harlan Lieberman-Berg replied saying it's a good idea and asked me to file this bug. Notable change between that e-mail and this report is addition of the plugins to the list of triggering packages as I expect them to be important too and forgot to mention them previously. -- System Information: Debian Release: 10.3 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.100-1.pvops.qubes.x86_64 (SMP w/2 CPU cores) Kernel taint flags: TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages certbot depends on: ii python3 3.7.3-1 ii python3-certbot 0.31.0-1 certbot recommends no packages. Versions of packages certbot suggests: pn python-certbot-doc <none> pn python3-certbot-apache <none> ii python3-certbot-nginx 0.31.0-1 -- no debconf information