Comments (5)
It looks like a bug, will fix it in the next release, thank you
from roxy-wi.
Fixed fb3b1d1
from roxy-wi.
Hi,
Try to create the dir manually and run again
from roxy-wi.
I would like to, but I don't know where should I do this.
If I'm right, this one is trying to make something into the / directly.
Where is the value of the {{SSL_PATH}} variable which used by ansible?
If you look at the command I think the SSL_PATH is empty
www-data 24289 0.2 0.0 4736 3500 ? S 15:40 0:00 /bin/bash ./letsencrypt.sh PROXY= haproxy_dir=/etc/haproxy DOMAIN=proxy1.idonttellyou.hu [email protected] SSH_PORT=22 SSL_PATH=error: The path must contain the name of the service. Check it in Roxy-WI settings HOST=192.168.110.2 USER=username PASS= KEY=/var/lib/roxy-wi/keys/RoxyWi-key_Default.pem
I changed the ansible role to this, and now the pem is created
- name: Combine into pem file
# shell: cat /etc/letsencrypt/live/{{DOMAIN}}/fullchain.pem /etc/letsencrypt/live/{{DOMAIN}}/privkey.pem > "{{SSL_PATH}}"/"{{DOMAIN}}".pem
shell: cat /etc/letsencrypt/live/{{DOMAIN}}/fullchain.pem /etc/letsencrypt/live/{{DOMAIN}}/privkey.pem > /etc/ssl/certs/{{DOMAIN}}.pem
However, the role cannot finish, because of the cronjob cannot be created:
'TASK [Creates cron jobs] *******************************************************', 'fatal: [192.168.110.2]: FAILED! =>
{"changed": false, "msg": "Failed to find required executable crontab in paths:
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"}', '',
'PLAY RECAP *********************************************************************',
'192.168.110.2 : ok=7 changed=3 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0 ', '',
"error: Can't create SSL certificate"]
JFTR: the letsencrypt renew script, which should use the {{SSL_PATH}} also got an error when the template copied over:
[root(Titan:2)] </home> cat /etc/haproxy/scripts/renew_letsencrypt.sh
#!/bin/bash
cd /etc/letsencrypt/live/
email='[email protected]'
path='error:'
command='certbot certonly --standalone'
BTW, I'm using Ubuntu 22 LTS Server.
from roxy-wi.
Just a quick followup. My cron problem is caused by me, since I used minimal Ubuntu as base, and they not install cron...
About the SSL_PATH variable... I've done some research in the code, and I found the app/modules/config/add.py, where this variable got a value based on an SQL field:
ssl_path = common.return_nice_path(sql.get_setting('cert_path'))
The next line is haproxy_dir, which use a same method, but without this common.return_nice_path call, which looks like this:
def return_nice_path(return_path: str) -> str:
if not check_is_service_folder(return_path):
return 'error: The path must contain the name of the service. Check it in Roxy-WI settings'
if return_path[-1] != '/':
return_path += '/'
return return_path
So somehow this check_is_service_folder function returns as False, since I don't use the service name in the cert_path (and why should I?)
After I changed the ssl_path to give a value without a nice path ssl_path = sql.get_setting('cert_path')
I was able to request the LE certificate.
Hope this helps to point out something.
If it matters, my cert_path is configured to /etc/ssl/certs/ and I have manual installation.
from roxy-wi.
Related Issues (20)
- Authenticated SQLi HOT 1
- Установка roxy-wi под Debian 11.6 ошибка авторизации HOT 1
- debian/ubuntu: lorotate config conflict. HOT 2
- Fresh manual install on Centos 7. Admin login fails with no error HOT 2
- i am clinically insane HOT 1
- Error on manual install step sudo ./create_db.py HOT 6
- LDAP Authentication HOT 6
- 500 Internal server error CentOS 7 HOT 14
- Letsencrypt with multiple domain in one certificate HOT 5
- ed25519 support HOT 4
- URL rewrite needs updated on HAProxy > Overview > Backends HOT 1
- Managing local server haproxy but SSH login fails HOT 2
- HAProxy log files not rotated HOT 2
- Installed Roxy-wi does not work when accessing web console. HOT 1
- Change language to not use master and slave HOT 1
- Emojis in config files seem to cause problems HOT 5
- New install, trying to save SSH Cred: Missing dependency PyNaCl HOT 1
- Hardcoded secret key HOT 1
- Apache fails to install completely HOT 26
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from roxy-wi.