Maniphest T191152
Puppet broken on deployment-mx02 due to some Letsencrypt stuff
Closed, DuplicatePublic
Actions

Assigned To
None
Authored By
	MarcoAurelio
	Mar 31 2018, 9:14 PM
Description

maurelio@deployment-mx02:~$ sudo puppet agent -tv
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for deployment-mx02.deployment-prep.eqiad.wmflabs
Notice: /Stage[main]/Base::Environment/Tidy[/var/tmp/core]: Tidying 0 files
Info: Applying configuration version '1522530718'
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Getting ACME cert /etc/acme/cert/deployment_mx02.crt
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Traceback (most recent call last):
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme-setup", line 509, in <module>
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     main()
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme-setup", line 505, in main
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     key_uid, key_gid)
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme-setup", line 478, in acme_setup
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     exp_rand, chal_dir, acme_user, svc, force_crt)
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme-setup", line 402, in ensure_crt_acme
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     ensure_real_fs(tls_crt, 0o644, 0, 0, False, cert_create, cert_force)
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme-setup", line 205, in ensure_real_fs
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     creator()
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme-setup", line 394, in cert_create
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     acme_challenge(id, cert_dir, acct_key, csr, chal_dir, acme_user)
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme-setup", line 369, in acme_challenge
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     % (" ".join(args), p.returncode, p_err))
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Exception: Command >>/usr/local/sbin/acme_tiny.py --account-key /etc/acme/acct/acct.key --csr /etc/acme/csr/deployment_mx02.pem --acme-dir /var/acme/challenge<< failed, exit code 1, stderr:
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Parsing account key...
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Parsing CSR...
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Registering account...
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Already registered!
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Verifying deployment-mx02.deployment-prep.eqiad.wmflabs...
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: Traceback (most recent call last):
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme_tiny.py", line 234, in <module>
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     main(sys.argv[1:])
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme_tiny.py", line 230, in main
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   File "/usr/local/sbin/acme_tiny.py", line 126, in get_crt
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:     raise ValueError("Error requesting challenges: {0} {1}".format(code, result))
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: ValueError: Error requesting challenges: 400 {
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   "type": "urn:acme:error:malformed",
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   "detail": "Error creating new authz :: Name does not end in a public suffix",
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns:   "status": 400
Notice: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: }
Error: /usr/local/sbin/acme-setup -i deployment_mx02 -s deployment-mx02.deployment-prep.eqiad.wmflabs --key-user root --key-group Debian-exim -m acme -w nginx returned 1 instead of one of [0]
Error: /Stage[main]/Role::Mail::Mx/Letsencrypt::Cert::Integrated[deployment-mx02]/Exec[acme-setup-acme-deployment_mx02]/returns: change from notrun to 0 failed: /usr/local/sbin/acme-setup -i deployment_mx02 -s deployment-mx02.deployment-prep.eqiad.wmflabs --key-user root --key-group Debian-exim -m acme -w nginx returned 1 instead of one of [0]
Notice: /Stage[main]/Mtail/Systemd::Service[mtail]/Service[mtail]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Mtail/Systemd::Service[mtail]/Service[mtail]: Unscheduling refresh on Service[mtail]
Info: Stage[main]: Unscheduling all events on Stage[main]
Notice: Applied catalog in 6.77 seconds
Event Timeline

MarcoAurelio created this task.Mar 31 2018, 9:14 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 31 2018, 9:14 PM
EddieGP closed this task as a duplicate of T184244: Puppet broken on deployment-mx due to systemd on trusty.Mar 31 2018, 9:18 PM
Puppet broken on deployment-mx02 due to some Letsencrypt stuffClosed, DuplicatePublicActions

Description

Event Timeline

Puppet broken on deployment-mx02 due to some Letsencrypt stuff
Closed, DuplicatePublic
Actions
