How to patch an existing trellis/bedrock setup

trellis
1

So I’m experiencing an error on provisioning my production server via ansible around let’s encrypt.

I found out there is a fix for this here:

I’m trying to understand how I update my development environment to get this change?

Any direction would be greatly appreciated.

Thanks,

Neil

TASK [letsencrypt : Generate the certificates] *******************************************************
System info:
Ansible 2.3.2.0; Darwin
Trellis at “Add ansible_local support for non-Windows”

fatal: [159.203.118.61]: FAILED! => {“changed”: false, “cmd”: ["./renew-certs.py"], “delta”: “0:00:00.398565”, “end”: “2017-12-31 19:02:35.551726”, “failed”: true, “rc”: 1, “start”: “2017-12-31 19:02:35.153161”, “stderr”: “”, “stderr_lines”: [], “stdout”: “Generating certificate for environmentcelebration.com\nError while generating certificate for environmentcelebration.com\nTraceback (most recent call last):\n File “/usr/local/letsencrypt/acme_tiny.py”, line 198, in \n main(sys.argv[1:])\n File “/usr/local/letsencrypt/acme_tiny.py”, line 194, in main\n signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)\n File “/usr/local/letsencrypt/acme_tiny.py”, line 92, in get_crt\n raise ValueError(“Error registering: {0} {1}”.format(code, result))\nValueError: Error registering: 400 {\n “type”: “urn:acme:error:malformed”,\n “detail”: “Provided agreement URL [https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf] does not match current agreement URL [https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf]”,\n “status”: 400\n}”, “stdout_lines”: [“Generating certificate for environmentcelebration.com”, “Error while generating certificate for environmentcelebration.com”, “Traceback (most recent call last):”, " File “/usr/local/letsencrypt/acme_tiny.py”, line 198, in “, " main(sys.argv[1:])”, " File “/usr/local/letsencrypt/acme_tiny.py”, line 194, in main", " signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)", " File “/usr/local/letsencrypt/acme_tiny.py”, line 92, in get_crt", " raise ValueError(“Error registering: {0} {1}”.format(code, result))", “ValueError: Error registering: 400 {”, " “type”: “urn:acme:error:malformed”,", " “detail”: “Provided agreement URL [https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf] does not match current agreement URL [https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf]”,", " “status”: 400", “}”]}

2

If you want a quick and dirty fix for your site right away, you can, in your local copy of Trellis, make the change described in that Pull Request you linked (it’s one line), and then run ansible-playbook server.yml -e env=production again.

3

Thanks – that worked! – so what is the more formal way to upgrade my trellis/bedrock base? Is there documentation on that you can refer me to?

Best,

Neil

4

There are methods of merging using Git, but typically I just move hosts, group_vars, deploy-hooks, and if necessary, ansible.cfg and .vault_pass out of the way, delete everything else, copy down the latest versions from GitHub, and move the above files and folders back in place. I’m sure there are good reasons not to do it this way, and occasionally I get bitten by a change in group_vars but it’s fast and works for me.

I’m sure the team is horrified :wink:

1 Like
5 
TASK [wordpress-setup : Create WordPress configuration for Nginx] **************
System info:
  Ansible 2.4.0.0; Vagrant 2.0.1; Linux
  Trellis at "Fix `failed_when` in `template_root` check with wp-cli 1.5.0"
---------------------------------------------------
AnsibleUndefinedVariable: 'multisite_subdomains_wildcards' is undefined
failed: [default] (item=business-blog.dev) => {"changed": false, "failed": true, "item": "business-blog.dev"}
---------------------------------------------------
AnsibleUndefinedVariable: 'multisite_subdomains_wildcards' is undefined
failed: [default] (item=staff-portal.dev) => {"changed": false, "failed": true, "item": "staff-portal.dev"}
---------------------------------------------------
AnsibleUndefinedVariable: 'multisite_subdomains_wildcards' is undefined
failed: [default] (item=news-archive.dev) => {"changed": false, "failed": true, "item": "news-archive.dev"}
---------------------------------------------------
AnsibleUndefinedVariable: 'multisite_subdomains_wildcards' is undefined
failed: [default] (item=ou-history.dev) => {"changed": false, "failed": true, "item": "ou-history.dev"}
---------------------------------------------------
AnsibleUndefinedVariable: 'multisite_subdomains_wildcards' is undefined
failed: [default] (item=main-site.dev) => {"changed": false, "failed": true, "item": "main-site.dev"}
---------------------------------------------------
AnsibleUndefinedVariable: 'multisite_subdomains_wildcards' is undefined
failed: [default] (item=digital-archives.dev) => {"changed": false, "failed": true, "item": "digital-archives.dev"}
---------------------------------------------------
AnsibleUndefinedVariable: 'multisite_subdomains_wildcards' is undefined
failed: [default] (item=bedrock.dev) => {"changed": false, "failed": true, "item": "bedrock.dev"}
	to retry, use: --limit @/home/tackettz/environments/trellis-rc2/dev.retry

PLAY RECAP *********************************************************************
default                    : ok=84   changed=0    unreachable=0    failed=1   

Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.

I am getting the above error. I have been looking into it and can’t figure out what I need to fix/change. Any tips?

6

Make sure that any chances to files in group_vars/all have been merged into your copy of Trellis. I’ve seen ugly errors like these (I’m not sure if they were exactly these) when an update to helpers.yml was missed.

7

I was able to get it. I had a brain fart moment, had two windows of the same trellis install open and was looking at the same file and couldn’t see why I was getting the error because the files were exactly the same I went to the trellis github and was able to figure out the error. I was missing this line from the group_vars/all/main.yml file

multisite_subdomains_wildcards: “{{ item.value.multisite.subdomains | default(false) | ternary( site_hosts_canonical | map(‘regex_replace’, ‘^(www\.)?(.)$’, '.\2’) | list, [] ) }}”.

Thanks for your tips though. I know it goes against most version control standards but merging from their master branch was a bit of overkill and I’m not the greatest at merging.

8

Thanks @MWDelaney, this is exactly what I was looking for (feels like I’ve said that to you before?). On top of this I also had to clear out a couple of entries in my known_hosts file. This was a simple case of reading the error message and deleleting the problematic entries, using:

$ ssh-keygen -R <hostname>

After this I ran ansible-playbook server.yml -e env=production again and all was singing like a bird.