As described in the forum thread.
certbot renew seems to break because the certfiles in /config/auth/letsencrypt/live/fruity directory are incorrectly replaced by actual files instead of symlinks during system upgrade.
A wild guess is that these functions in https://github.com/vyos/vyos-1x/blob/current/src/op_mode/image_installer.py needs to be updated to take care of this issue:
def copy_preserve_owner(src: str, dst: str, *, follow_symlinks=True): def copy_previous_installation_data(target_dir: str) -> None: def copy_previous_encrypted_config(target_dir: str, image_name: str) -> None:
A manual workaround seems to be:
sudo rm -f /config/auth/letsencrypt/live/fruity/*.pem sudo ln -sf /config/auth/letsencrypt/archive/fruity/cert3.pem /config/auth/letsencrypt/live/fruity/cert.pem sudo ln -sf /config/auth/letsencrypt/archive/fruity/chain3.pem /config/auth/letsencrypt/live/fruity/chain.pem sudo ln -sf /config/auth/letsencrypt/archive/fruity/privkey3.pem /config/auth/letsencrypt/live/fruity/privkey.pem sudo ln -sf /config/auth/letsencrypt/archive/fruity/fullchain3.pem /config/auth/letsencrypt/live/fruity/fullchain.pem