l-p / ansible-role-acmetool Goto Github PK
View Code? Open in Web Editor NEWInstall, configure, and run acmetool to generate Let's Encrypt TLS certificates.
License: MIT License
Install, configure, and run acmetool to generate Let's Encrypt TLS certificates.
License: MIT License
The agreement URL has been bumped to a new version again.
Getting this output when running the role:
TASK [L-P.acmetool : Setup acmetool] ***************************************************************************************************************************
Sunday 24 December 2017 21:06:41 -0500 (0:00:01.055) 0:02:01.002 *******
fatal: [eddings.justdavis.com]: FAILED! => {"changed": false, "cmd": ["acmetool", "quickstart", "--batch"], "delta": "0:00:00.321911", "end": "2017-12-25 02:06:41.725693", "failed": true, "msg": "non-zero return code", "rc": 1, "start": "2017-12-25 02:06:41.403782", "stderr": "20171225020641 [CRITICAL] acmetool: fatal: couldn't complete registration: cannot prompt the user: currently non-interactive", "stderr_lines": ["20171225020641 [CRITICAL] acmetool: fatal: couldn't complete registration: cannot prompt the user: currently non-interactive"], "stdout": "", "stdout_lines": []}
The new LE agreement is now here: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf.
Because this isn't the URL written to the response file, errors like the following are occurring:
$ sudo acmetool quickstart --batch
20171125060209 [CRITICAL] acmetool: fatal: couldn't complete registration: cannot prompt the user: currently non-interactive
I've got the following configuration for this role, which doesn't work:
acmetool_domains: "{{ [domain] | union(domain_site_aliases) | join(' ') }}"
This just expands to tests.justdavis.com www.tests.justdavis.com tests.davisonlinehome.name www.tests.davisonlinehome.name", as you can see in the following Ansible
-vvv` output, along with the error that the space-separated domins cause:
changed: [eddings.justdavis.com] => {"changed": true, "cmd": ["acmetool", "want", "--batch", "tests.justdavis.com www.tests.justdavis.com tests.davisonlinehome.name www.t
ests.davisonlinehome.name"], "delta": "0:00:00.029405", "end": "2016-11-28 20:46:27.699574", "invocation": {"module_args": {"_raw_params": "acmetool want --batch \"tests.
justdavis.com www.tests.justdavis.com tests.davisonlinehome.name www.tests.davisonlinehome.name\"", "_uses_shell": false, "chdir": null, "creates": null, "executable": nu
ll, "removes": null, "warn": true}, "module_name": "command"}, "rc": 0, "start": "2016-11-28 20:46:27.670169", "stderr": "20161128204627 [ERROR] acme.storage: failed to l
oad target tests.justdavis.com www.tests.justdavis.com tests.davisonlinehome.name www.tests.davisonlinehome.name-4dh5nisfojfjjjdnyh47piv7wi: invalid target: tests.justdav
is.com www.tests.justdavis.com tests.davisonlinehome.name www.tests.davisonlinehome.name-4dh5nisfojfjjjdnyh47piv7wi: invalid hostname: \"tests.justdavis.com www.tests.jus
tdavis.com tests.davisonlinehome.name www.tests.davisonlinehome.name\"\n20161128204627 [ERROR] acme.storage: failed to load target tests.justdavis.com www.tests.justdavis
.com tests.davisonlinehome.name www.tests.davisonlinehome.name-4dh5nisfojfjjjdnyh47piv7wi: invalid target: tests.justdavis.com www.tests.justdavis.com tests.davisonlineho
me.name www.tests.davisonlinehome.name-4dh5nisfojfjjjdnyh47piv7wi: invalid hostname: \"tests.justdavis.com www.tests.justdavis.com tests.davisonlinehome.name www.tests.da
visonlinehome.name\"", "stdout": "", "stdout_lines": [], "warnings": []}
It's passing the space-separated domains as a single argument, which effectively escapes the spaces. I think this can be resolved by either quoting the command in ansible-role-acmetool/tasks/main.yml
, or perhaps by switching to the shell
module? Something like that, anyways.
Hello,
First I would like to thank you for the playbook, I have been using it for a while now!
There is an issue with the redirector feature, in the fact that your service file is running as the acme
user who does not have the right to bind the port 80.
While I was fixing it, I stumble across the fact that acmetool can generate its own service file.
I believe it would be less maintenance to use the provided generated service file instead of using a new one. What do you think?
Please see ansible/ansible#20702 for a detailed explanation of the problem.
Two of this role's tasks/
files: tasks/setup.yml
and tasks/service.yml
conflict with the builtin Ansible modules of the same names. Not sure why this only now started happening for me (since I've been using the role for a while), but this role is now causing all of my plays to fail. Maybe my move to Ansible 2.4.1.0? Not sure.
Renaming the two files (and updating main.yml
to reflect that, of course) resolves the problem.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.