Trellis SSL - Input file not found at

daniel · October 16, 2015, 12:03am

I’m trying to add SSL to a live, provisioned DigitalOcean server. I’m going to group_vars/production and adding the following:

ssl:
enabled: true
key: /etc/nginx/ssl/nginx.key
cert: /etc/nginx/ssl/nginx.crt

I then SSH’d went to the DO server and create a new self-signed cert by following the how-to in this article:

I created both nginx.crt & nginx.key and can verify that they are there and contain the correct information.

I then deployed the new production file and then re-ran the DO provision:
ansible-playbook -i hosts/production server.yml

Everything seems to go smoothly until it errors out with:
TASK: [wordpress-setup | Copy SSL cert] ***************************************
fatal: [xxx.xxx.xxx.xxx] => input file not found at /etc/nginx/ssl/nginx.crt or /etc/nginx/ssl/nginx.crt

FATAL: all hosts have already failed – aborting

Anyone see a reason why this might not be working?

ben · October 16, 2015, 12:04am

cert and key are local relative paths to those files. They will be copied to the remote servers.

daniel · October 16, 2015, 1:27am

I see. I needed to create them on my local machine, not DO. I did that by following this article here:

created the crt and key just fine and then deployed and provisioned. This time everything seemed to go as plan but it doesn’t look like my URLs are defaulting to https and the SSL doesn’t appear to be working.

Any ideas?

daniel · October 16, 2015, 1:45am

Doh! Forgot to reset SSL to “true” worked out great. I love Roots!

vdrnn · January 28, 2016, 5:34pm

I’m trying to implement https://github.com/thefinn93/ansible-letsencrypt
What would be the proper way to define the path on the server rather than local?
Appreciate any hints