I have a setup that hosts multiple websites. It does not use multisite but they are all separate installs on the same server. Everything has been working fine but I just went to add a new website and provision the staging server and cannot get past the SSL generation. I turn the ssl off for the one website but everything breaks once the code has been deployed and I try to run the wordpress install. Everything locally is working as expected. I appreciate any help.
Ansible: 2.7.5
Node: 10.16.3
Here is the error that is currently showing. Please let me know if you need any additional info.
System info:
Ansible 2.7.5; Darwin
Trellis version (per changelog): "Update wp-cli to 2.0.1"
---------------------------------------------------
non-zero return code
fatal: [104.248.218.91]: FAILED! => {
"changed": false,
"cmd": [
"./renew-certs.py"
],
"delta": "0:00:00.976674",
"end": "2020-07-15 17:17:49.992593",
"invocation": {
"module_args": {
"_raw_params": "./renew-certs.py",
"_uses_shell": false,
"argv": null,
"chdir": "/var/lib/letsencrypt",
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"warn": true
}
},
"rc": 1,
"start": "2020-07-15 17:17:49.015919",
"stderr": "",
"stderr_lines": [],
"stdout": "Certificate file /etc/nginx/ssl/letsencrypt/rustinconcrete.com-3c49826.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nCertificate file /etc/nginx/ssl/letsencrypt/conagg-mo.com-745cf75.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nCertificate file /etc/nginx/ssl/letsencrypt/greenamericarecycling.com-4a57f48.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nCertificate file /etc/nginx/ssl/letsencrypt/nrhamm.com-bc62510.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nCertificate file /etc/nginx/ssl/letsencrypt/continentalcementmulti.com-364790b.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nCertificate file /etc/nginx/ssl/letsencrypt/americanmaterialsco.com-89bcd7e.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nCertificate file /etc/nginx/ssl/letsencrypt/razorbackconcrete.com-5a58987.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nGenerating certificate for midwest.com\nError while generating certificate for midwest.com\nTraceback (most recent call last):\n File \"/usr/local/letsencrypt/acme_tiny.py\", line 198, in <module>\n main(sys.argv[1:])\n File \"/usr/local/letsencrypt/acme_tiny.py\", line 194, in main\n signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)\n File \"/usr/local/letsencrypt/acme_tiny.py\", line 104, in get_crt\n raise ValueError(\"Error requesting challenges: {0} {1}\".format(code, result))\nValueError: Error requesting challenges: 403 {\n \"type\": \"urn:acme:error:unauthorized\",\n \"detail\": \"Error creating new authz :: Validations for new domains are disabled in the V1 API (https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430)\",\n \"status\": 403\n}\n\nCertificate file /etc/nginx/ssl/letsencrypt/georgiastoneproducts.com-85984a8.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nCertificate file /etc/nginx/ssl/letsencrypt/rdje.com-079311b.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.\n\nCertificate file /etc/nginx/ssl/letsencrypt/mainlandcmmulti.com-17a3218.cert already exists\n The certificate is younger than 60 days. Not creating a new certificate.",
"stdout_lines": [
"Certificate file /etc/nginx/ssl/letsencrypt/rustinconcrete.com-3c49826.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/conagg-mo.com-745cf75.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/greenamericarecycling.com-4a57f48.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/nrhamm.com-bc62510.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/continentalcementmulti.com-364790b.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/americanmaterialsco.com-89bcd7e.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/razorbackconcrete.com-5a58987.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Generating certificate for midwest.com",
"Error while generating certificate for midwest.com",
"Traceback (most recent call last):",
" File \"/usr/local/letsencrypt/acme_tiny.py\", line 198, in <module>",
" main(sys.argv[1:])",
" File \"/usr/local/letsencrypt/acme_tiny.py\", line 194, in main",
" signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)",
" File \"/usr/local/letsencrypt/acme_tiny.py\", line 104, in get_crt",
" raise ValueError(\"Error requesting challenges: {0} {1}\".format(code, result))",
"ValueError: Error requesting challenges: 403 {",
" \"type\": \"urn:acme:error:unauthorized\",",
" \"detail\": \"Error creating new authz :: Validations for new domains are disabled in the V1 API (https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430)\",",
" \"status\": 403",
"}",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/georgiastoneproducts.com-85984a8.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/rdje.com-079311b.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate.",
"",
"Certificate file /etc/nginx/ssl/letsencrypt/mainlandcmmulti.com-17a3218.cert already exists",
" The certificate is younger than 60 days. Not creating a new certificate."
]
}
RUNNING HANDLER [common : disable temporary challenge sites] ***********************************************************************************************************************************************
task path: /Users/mikewalcott/Sites/summitopco/trellis/roles/common/tasks/disable_challenge_sites.yml:2
Using module file /Library/Python/2.7/site-packages/ansible/modules/files/file.py
<104.248.218.91> ESTABLISH SSH CONNECTION FOR USER: admin
<104.248.218.91> SSH: EXEC ssh -o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=admin -o ConnectTimeout=10 -o ControlPath=/Users/mikewalcott/.ansible/cp/1ca9331dd4 104.248.218.91 '/bin/sh -c '"'"'sudo -H -S -p "[sudo via ansible, key=cfkfuukkelplcvdbygrrhnpfgafydwpr] password: " -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-cfkfuukkelplcvdbygrrhnpfgafydwpr; /usr/bin/python'"'"'"'"'"'"'"'"' && sleep 0'"'"''
Escalation succeeded
<104.248.218.91> (0, '\n{"invocation": {"module_args": {"directory_mode": null, "force": false, "remote_src": null, "_original_basename": null, "path": "/etc/nginx/sites-enabled/letsencrypt-rustinconcrete.com.conf", "owner": null, "follow": true, "group": null, "unsafe_writes": null, "state": "absent", "content": null, "serole": null, "selevel": null, "setype": null, "access_time": null, "access_time_format": "%Y%m%d%H%M.%S", "modification_time": null, "regexp": null, "src": null, "seuser": null, "recurse": false, "_diff_peek": null, "delimiter": null, "mode": null, "modification_time_format": "%Y%m%d%H%M.%S", "attributes": null, "backup": null}}, "path": "/etc/nginx/sites-enabled/letsencrypt-rustinconcrete.com.conf", "state": "absent", "changed": false}\n', '')