Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

letsencrypt sometimes creates invalid config #57

Open
thraxil opened this issue Mar 28, 2019 · 0 comments
Open

letsencrypt sometimes creates invalid config #57

thraxil opened this issue Mar 28, 2019 · 0 comments

Comments

@thraxil
Copy link
Contributor

thraxil commented Mar 28, 2019

This is coming up for me on the hawthorn deploys pretty frequently. If everything works right, it's not a problem, but sometimes the deploy has other issues that I'm working out and I have to comment out or skip certain roles (that are completely unrelated to letsencrypt) and it ends up in a weird state where letsencrypt generates an /etc/nginx/sites-enabled/letsencrypt file with no server_name set (just server_name ;).

I really don't understand exactly what is causing it to not get the list of domains in those cases, but the result is a broken config, nginx won't start, and I have to ssh into the servers to manually remove the files and get nginx running again before I can re-run ansible.

I think the issue is that the server_name {{ letsencrypt_certs | sum(attribute='domains', start=[]) | join(' ') }}; introduced in #23 / #24 needs to have a little extra logic to just not add the line at all if letsencrypt_certs doesn't have any entries.

Something like:

{% if len(letsencrypt_certs) > 0 %}
server_name {{ letsencrypt_certs | sum(attribute='domains', start=[]) | join(' ') }};
{% endif %}

But I haven't tested that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant