# Error at TASK [letsencrypt : Create needed Nginx confs for challenges] **URL:** https://discourse.roots.io/t/error-at-task-letsencrypt-create-needed-nginx-confs-for-challenges/8501 **Category:** trellis **Created:** 2017-01-09T17:35:51Z **Posts:** 4 ## Post 1 by @kculmback — 2017-01-09T17:35:51Z When trying to provision my production environment I get an error at the following task: `TASK [letsencrypt : Create needed Nginx confs for challenges]` As far as I can tell I’ve done everything correctly for setting up LetsEncrypt. However, this is my first time trying out Trellis. I am running: **Host:** macOS 10.12.2 Vagrant 1.9.1 VirtualBox 5.1.12 vagrant-bindfs vagrant-hostmanager **Development VM (Setup with Vagrant):** Ubuntu 16.04 Ansible 2.2.0.0 **Remote Server:** DigitalOcean Ubuntu 16.04 **GitHub Repo:** [here](https://github.com/kculmback/trellis-test) Here is the full error report: > ``` > TASK [letsencrypt : Create needed Nginx confs for challenges] ****************** > task path: /Users/kasey/GitHub/trellis-test/trellis/roles/letsencrypt/tasks/nginx.yml:15 > System info: > Ansible 2.2.0.0; Darwin > Trellis at "Fix #727 - HSTS: default preload to off" > --------------------------------------------------- > UnboundLocalError: local variable 'l_1_item' referenced before assignment > failed: [138.197.204.24] (item={'_ansible_parsed': True, u'stat': {u'exists': False}, '_ansible_item_result': True, '_ansible_no_log': False, u'changed': False, 'item': {'value': {u'repo_subtree_path': u'site', u'multisite': {u'enabled': False}, u'env': {u'wp_home': u'https://staging.kcfeatures.com', u'wp_siteurl': u'https://staging.kcfeatures.com/wp'}, u'cache': {u'enabled': True}, u'repo': u'git@github.com:kculmback/trellis-test.git', u'ssl': {u'enabled': True, u'provider': u'letsencrypt'}, u'local_path': u'../site', u'branch': u'master', u'site_hosts': [{u'canonical': u'staging.kcfeatures.com'}]}, 'key': u'staging.kcfeatures.com'}, 'invocation': {'module_name': u'stat', u'module_args': {u'checksum_algorithm': u'sha1', u'mime': False, u'get_checksum': True, u'follow': False, u'path': u'/etc/nginx/sites-enabled/staging.kcfeatures.com.conf', u'get_md5': True}}}) => { > "failed": true, > "invocation": { > "module_args": { > "dest": "/etc/nginx/sites-available/letsencrypt-staging.kcfeatures.com.conf", > "src": "nginx-challenge-site.conf.j2" > }, > "module_name": "template" > }, > "item": { > "changed": false, > "invocation": { > "module_args": { > "checksum_algorithm": "sha1", > "follow": false, > "get_checksum": true, > "get_md5": true, > "mime": false, > "path": "/etc/nginx/sites-enabled/staging.kcfeatures.com.conf" > }, > "module_name": "stat" > }, > "item": { > "key": "staging.kcfeatures.com", > "value": { > "branch": "master", > "cache": { > "enabled": true > }, > "env": { > "wp_home": "https://staging.kcfeatures.com", > "wp_siteurl": "https://staging.kcfeatures.com/wp" > }, > "local_path": "../site", > "multisite": { > "enabled": false > }, > "repo": "git@github.com:kculmback/trellis-test.git", > "repo_subtree_path": "site", > "site_hosts": [ > { > "canonical": "staging.kcfeatures.com" > } > ], > "ssl": { > "enabled": true, > "provider": "letsencrypt" > } > } > }, > "stat": { > "exists": false > } > } > } > ``` Any help would be greatly appreciated! --- ## Post 2 by @kculmback — 2017-01-09T19:52:11Z Fixed using method detailed in this post: > [@Let's Encrypt: Could not access the challenge file for the hosts/domain](https://discourse.roots.io/t/lets-encrypt-could-not-access-the-challenge-file-for-the-hosts-domain/6457/11): > > [roots/trellis#565](https://github.com/roots/trellis/pull/565/) enables Trellis to transition existing http sites to https. This update may resolve some issues that led to the error message Could not access the challenge file Existing servers. If you try the Trellis update above on a server that has already been provisioned with the prior version of Trellis (i.e., on a server that already has an Nginx conf set up), you should first run: ansible-playbook server.yml -e env=\ --tags wordpress That sets up an Nginx conf that will… --- ## Post 3 by @fullyint — 2017-01-09T20:18:28Z @kculmback Thanks for reporting your solution. Just to confirm, you got around the problem by running these two commands? ``` ansible-playbook server.yml -e env= --tags wordpress ansible-playbook server.yml -e env= --tags letsencrypt ``` I assume this was a new server, only ever provisioned with the latest Trellis (plus your addition of [roots/trellis#729](https://github.com/roots/trellis/pull/729) stuff). But if the server was originally provisioned with an older version of Trellis, then you encountered the problem after updating Trellis, please let us know. * * * I’m also curious to know which version of python are you running on your mac. ``` python --version ``` Have you adjusted python on your machine at all, installed different versions, etc.? I didn’t manage to reproduce the problem using [pyenv](https://github.com/yyuu/pyenv) (example [installation guide](http://akbaribrahim.com/managing-multiple-python-versions-with-pyenv/)) with the following versions of python on my macOS 10.11.6: - `2.7.10` - `2.7.11` - `2.7.12` - `2.7.13` (Note: For pyenv to work on El Capitan, I had to [first install python via brew](http://apple.stackexchange.com/questions/209572/how-to-use-pip-after-the-os-x-el-capitan-upgrade#comment252830_209572), then apply pyenv.) --- ## Post 4 by @kculmback — 2017-01-10T21:20:06Z @fullyint You are correct, running those commands is what fixed my issue. The server had technically been provisioned before (never successfully); but I was still having this issue when I had rebuilt the droplet server via Digital Ocean so that it was a clean slate. Python _was_ at version 2.7.10. However, I ended up doing a clean install of Sierra on my MacBook Pro (something I had been meaing to do for a while) and reinstalled all of the Trellis & Bedrock dependencies. I then provisioned a new server on a new droplet and everything worked fine! My best guess is I had done something wrong somewhere along the line when installing dependencies in the past (although I’m still fairly new to all this, so I could definitely be wrong on this). This time around I installed everything that I could through Homebrew and it all seems to be working fine!