Generating Let's encrypt certificates on staging fails


I have the following setup:
macOs Mojave 10.14.6
ansible 2.8.4
latest version of trellis.
vagrant Vagrant 2.2.5
virtualbox 6.0.10

I have a working setup with vagrant and provisioned everything right on staging except the SSL part.

My wordpress_sites for staging looks like this:

      - canonical:
    local_path: ../ # path targeting local Bedrock site directory (relative to Ansible root)
    repo: # replace with your Git repo URL
    branch: master
      enabled: false
      enabled: true
      provider: letsencrypt
      enabled: false
    site_title: Title
    admin_user: adminuser
    db_create: false
      db_name: databasename
      db_user: dbuser

When I run the provision command, I get this error:

TASK [wordpress-setup : Generate self-signed certificates] ************************************************************************************************************************************************
skipping: [] => (

non-zero return code
/bin/bash: -c: line 0: unexpected EOF while looking for matching )' /bin/bash: -c: line 10: syntax error: unexpected end of file failed: [] (item=no_default) => {"ansible_loop_var": "item", "changed": true, "cmd": "openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -sha256 -extensions req_ext -config <( cat <<' EOF'\n[req]\nprompt = no\ndistinguished_name = req_dn\n[req_dn]\ncommonName =\n[req_ext]\nsubjectAltName =\nEOF\n) -keyout no_default.key -out no_default.cert", "delta": "0:00:00.002713", "end": "2019-09-25 18:14:17.965171", "item": {"key": "no_default", "value": {"multisite": {}, "site_hosts": [{"canonical": ""}], "ssl": {"enabled": true, "provider": "self-signed"}}}, "rc": 1, "start": "2019-09-25 18:14:17.962458", "stderr_lines": ["/bin/bash: -c: line 0: unexpected EOF while looking for matching)’", “/bin/bash: -c: line 10: syntax error: unexpected end of file”], “stdout”: “”, “stdout_lines”: []}

If I disable ssl everything works fine.

I don’t understand why:

  1. in the error I see domain.
  2. It says “Generate self-signed certificates” even if I have set letsencrypt.
  3. Why it appears as a sintax error.

Any help is appreciated.

Thank you!

Do you have another site defined in wordpress_sites.yml looks like this:

      - canonical:
      enabled: true
      provider: self-signed

No, I do not have such a site defined in any of the wordpress_sites.yml files.

I think this line added the default site -

Self-signed certificates not being generated in development sees the syntax error as well.

Probably coming from

It looks like an Ansible version compatibility problem.

I have downgraded to Ansbile 2.7.12 and now it works as expected.

Previously I have tried with Ansible 2.8.5 and got the same error.

Can you test with ansible v2.8.5?

Yes, works as expected now with this change and ansible 2.8.5

I already had the certs so I first run a provision with these, then deactivated ssl, provisioned again, and after activated SSL and provision again.

Looks good.


1 Like

This topic was automatically closed after 42 days. New replies are no longer allowed.