Error during install-letsencrypt-cert.sh: virtualenv: error: unrecognized arguments: --no-site-packages

Dear All,
installed Jitsi Meet on Debian 10 testing, everything smoothly till install of letsencrypt certificate, yielding error described in brief in subject (the details are listed below).

Is there any workaround for this issue?
Many thanks! MS

Creating virtual environment…
usage: virtualenv [–version] [–with-traceback] [-v | -q] [–app-data APP_DATA] [–clear-app-data] [–discovery {builtin}] [-p py] [–creator {builtin,cpython2-posix}] [–seeder {app-data,pip}] [–no-seed] [–activators comma_sep_list]
[–clear] [–system-site-packages] [–symlinks | --copies] [–download | --no-download] [–extra-search-dir d [d …]] [–msgpack version] [–urllib3 version] [–html5lib version] [–progress version] [–requests version]
[–pyparsing version] [–pkg_resources version] [–webencodings version] [–appdirs version] [–six version] [–contextlib2 version] [–lockfile version] [–idna version] [–pep517 version] [–CacheControl version]
[–setuptools version] [–colorama version] [–retrying version] [–certifi version] [–wheel version] [–packaging version] [–chardet version] [–distlib version] [–pytoml version] [–pip version] [–distro version]
[–no-msgpack] [–no-urllib3] [–no-html5lib] [–no-progress] [–no-requests] [–no-pyparsing] [–no-pkg_resources] [–no-webencodings] [–no-appdirs] [–no-six] [–no-contextlib2] [–no-lockfile] [–no-idna] [–no-pep517]
[–no-CacheControl] [–no-setuptools] [–no-colorama] [–no-retrying] [–no-certifi] [–no-wheel] [–no-packaging] [–no-chardet] [–no-distlib] [–no-pytoml] [–no-pip] [–no-distro] [–symlink-app-data] [–prompt prompt]
[-h]
dest
virtualenv: error: unrecognized arguments: --no-site-packages
Traceback (most recent call last):
File “”, line 27, in
File “”, line 19, in create_venv
File “/usr/lib/python2.7/subprocess.py”, line 190, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘[‘virtualenv’, ‘–no-site-packages’, ‘–python’, ‘/usr/bin/python2.7’, ‘/opt/eff.org/certbot/venv’]’ returned non-zero exit status 2

Looks like a certbot-auto issue. Can you try running the command again?

Whoa, how comes that certbox tries to use python2! certbot is now python3 compatible and python2 is obsolete. Python3 should be installed by default, did you remove it ? if python3 don’t work on your system, do a sudo apt install python3 and retry.

Hi, thanks for reply!
I have checked Python3 and repeated the command (see below)
Python3 is installed, maybe some problem with jitsi repository, but otherwise same error:

sudo apt install python3
[sudo] password for shiva:
Reading package lists… Done
Building dependency tree
Reading state information… Done
python3 is already the newest version (3.8.2-3).
python3 set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

sudo certbot-auto
Bootstrapping dependencies for Debian-based OSes… (you can skip this with --no-bootstrap)
Hit:1 http://deb.debian.org/debian buster InRelease
Hit:2 http://security.debian.org/debian-security testing-security InRelease
Hit:3 https://repo.skype.com/deb stable InRelease
Hit:4 http://deb.debian.org/debian testing InRelease
Hit:5 https://updates.signal.org/desktop/apt xenial InRelease
Hit:6 http://deb.debian.org/debian buster-backports InRelease
Hit:7 http://ftp.debian.org/debian testing InRelease
Hit:9 https://packages.riot.im/debian buster InRelease
Ign:8 https://dl.bintray.com/etcher/debian stable InRelease
Get:10 https://dl.bintray.com/etcher/debian stable Release [3,674 B]
Ign:12 https://download.jitsi.org unstable/ InRelease
Get:13 https://download.jitsi.org unstable/ Release [985 B]
Get:14 https://download.jitsi.org unstable/ Release.gpg [581 B]
Ign:14 https://download.jitsi.org unstable/ Release.gpg
Reading package lists… Done
W: GPG error: https://download.jitsi.org unstable/ Release: Detached signature file ‘/var/lib/apt/lists/partial/download.jitsi.org_unstable_Release.gpg’ is in unsupported binary format
E: The repository ‘https://download.jitsi.org unstable/ Release’ is no longer signed.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
apt-get update hit problems but continuing anyway…
Reading package lists… Done
Building dependency tree
Reading state information… Done
ca-certificates is already the newest version (20190110).
python-virtualenv is already the newest version (15.1.0+ds-2).
augeas-lenses is already the newest version (1.12.0-2).
libaugeas0 is already the newest version (1.12.0-2).
gcc is already the newest version (4:9.2.1-3.1).
libffi-dev is already the newest version (3.3-4).
libssl-dev is already the newest version (1.1.1f-1).
openssl is already the newest version (1.1.1f-1).
python is already the newest version (2.7.17-2).
python-dev is already the newest version (2.7.17-2).
virtualenv is already the newest version (20.0.17-1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Creating virtual environment…
usage: virtualenv [–version] [–with-traceback] [-v | -q] [–app-data APP_DATA] [–clear-app-data] [–discovery {builtin}] [-p py] [–creator {builtin,cpython2-posix}] [–seeder {app-data,pip}] [–no-seed] [–activators comma_sep_list]
[–clear] [–system-site-packages] [–symlinks | --copies] [–download | --no-download] [–extra-search-dir d [d …]] [–msgpack version] [–urllib3 version] [–html5lib version] [–progress version] [–requests version]
[–pyparsing version] [–pkg_resources version] [–webencodings version] [–appdirs version] [–six version] [–contextlib2 version] [–lockfile version] [–idna version] [–pep517 version] [–CacheControl version]
[–setuptools version] [–colorama version] [–retrying version] [–certifi version] [–wheel version] [–packaging version] [–chardet version] [–distlib version] [–pytoml version] [–pip version] [–distro version]
[–no-msgpack] [–no-urllib3] [–no-html5lib] [–no-progress] [–no-requests] [–no-pyparsing] [–no-pkg_resources] [–no-webencodings] [–no-appdirs] [–no-six] [–no-contextlib2] [–no-lockfile] [–no-idna] [–no-pep517]
[–no-CacheControl] [–no-setuptools] [–no-colorama] [–no-retrying] [–no-certifi] [–no-wheel] [–no-packaging] [–no-chardet] [–no-distlib] [–no-pytoml] [–no-pip] [–no-distro] [–symlink-app-data] [–prompt prompt]
[-h]
dest
virtualenv: error: unrecognized arguments: --no-site-packages
Traceback (most recent call last):
File “”, line 27, in
File “”, line 19, in create_venv
File “/usr/lib/python2.7/subprocess.py”, line 190, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘[‘virtualenv’, ‘–no-site-packages’, ‘–python’, ‘/usr/bin/python2.7’, ‘/opt/eff.org/certbot/venv’]’ returned non-zero exit status 2

on my Debian 10 testing both python2 and python3 are installed
found online the command for checking dependencies, cannot find “virtualenv” with python2 but with v3, however without any dependencies indicated, so virtualenv obviously uses still python2.
How to change that?

apt rdepends python3 --installed
python3
Reverse Depends:

Depends: python3-lib2to3 (>= 3.7.1-1~)
Depends: python3-distutils (<< 3.8)
Depends: virtualenv
Depends: python3-virtualenv
** Dep**ends: python3-reportlab-accel (>= 3.7~)
Depends: python3-reportlab-accel (<< 3.8)

Yuck, why is it using python 2 ??
Try with USE_PYTHON_3 certbot-auto

can you please write me precise command? (use_python_3 certbot-auto) is not recognized…(I am not that advanced)

well yeah sorry about that I wrote too fast, it’s
USE_PYTHON_3=1 certbot-auto
it’s an environement variable.

Many thanks!
now another error:

Creating virtual environment…
Traceback (most recent call last):
File “”, line 27, in
File “”, line 23, in create_venv
File “/usr/lib/python3.8/subprocess.py”, line 364, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘[’/usr/bin/python3’, ‘-m’, ‘venv’, ‘/opt/eff.org/certbot/venv’]’ returned non-zero exit status 1.

yuck !!
try sudo rm /opt/eff.org -rf and try again
if it fails, try with the --verbose flag.

almost there!!!
terminal went through endless pages, I confirmed my domain at letsencrypt, however something with “nginx restart failed”:

Calling registered functions
Cleaning up challenges
Exiting abnormally:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, in
load_entry_point(‘letsencrypt==0.7.0’, ‘console_scripts’, ‘letsencrypt’)()
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/main.py”, line 15, in main
return internal_main.main(cli_args)
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/_internal/main.py”, line 1347, in main
return config.func(config, plugins)
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/_internal/main.py”, line 1100, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/_internal/main.py”, line 121, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/_internal/client.py”, line 410, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/_internal/client.py”, line 344, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/_internal/client.py”, line 391, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/_internal/auth_handler.py”, line 70, in handle_authorizations
resps = self.auth.perform(achalls)
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot_nginx/_internal/configurator.py”, line 1119, in perform
self.restart()
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot_nginx/_internal/configurator.py”, line 916, in restart
nginx_restart(self.conf(‘ctl’), self.nginx_conf)
File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot_nginx/_internal/configurator.py”, line 1187, in nginx_restart
raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: nginx restart failed:
b’’
b’’
nginx restart failed:
b’’
b’’

yes nginx has a configuration that letsencrypt does not understand, it tries to modify it but the result is invalid and nginx does not restart. Did you install nginx yourself or was it installed by jitsi ?
Anyway, now that the script actually creates certificates, take care to not restart it blindly since there is a rate limit at Let’sEncrypt server. If you are in a hurry, you can grab the certificates from
/etc/letsencrypt/live/yoururl.tld/
and setup nginx yourself, but it would be nice to understand what went wrong and maybe post an issue to jitsi tracker (or certbot tracker if this has nothing to do with jitsi as may very well be possible)

Thanks a lot!
I am honestly not advanced, so did not install nginx by myself but simply followed instructions step by step online.

Is there any simple workaround?

I am not in hurry but simply want to use my own jitsi-meet instance (…) - and for sure I am not able to setup nginx myself… so if you have time to forward some commands or links how to do that, I would be more than happy

Err, I asked if nginx was installed automatically by jitsi, a case where it’s somehow unlikely that it would fail since it’s supposed to be tested by jitsi developers, versus nginx installed by yourself, and your reply is not totally clear: if you followed instructions found on the internet, you did setup the nginx config files by yourself, no ?

I simply followed the youtube video:

so I am quite confident now that I did NOT setup nginx config files by myself

Huh, sorry I don’t have time to look at a video. Trouble with videos are that they are not as easy to update as a text documentation; let me see, it was posted 2 years ago, there was lot of changes since this time. Use the text tutorial that was updated 10 days ago.

I am aware of that page, too (checked it afterwards), everything went smoothly:
apt-get -y install jitsi-meet

afterwards came installation of the certificate, so I dont know if nginx or apache are now running on my system

I have now repeated the command and simply searched for all errors (pasted below), apache cannot be found, so I assume nginx is the reason. Are there any FAQs out there how to fix/setup manually nginx with Jitsi-Meet?

certbot.errors.NoInstallationError: Cannot find Apache executable apache2ctl
Single candidate plugin: * nginx

File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot/util.py”, line 458, in enforce_le_validity
raise errors.ConfigurationError(
certbot.errors.ConfigurationError: _ contains an invalid character. Valid characters are A-Z, a-z, 0-9, ., and -.

# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot_nginx/_internal/configurator.py”, line 1187, in nginx_restart
raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: nginx restart failed:
b’’
b’’

File “/opt/eff.org/certbot/venv/lib/python3.8/site-packages/certbot_nginx/_internal/configurator.py”, line 1187, in nginx_restart
raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: nginx restart failed:
b’’
b’’
nginx restart failed:
b’’
b’’

are you trying to create a domain name with an underscore in it ? it’s not allowed by DNS standards: my-server.mydomain.com is valid, my_server.mydomain.com is not.

I am using xxxxx.duckdns.org, with x being 7 lowercase letters followed by a 4 digit number, no underscore etc