Здравствуйте.
Из /opt/webdir/temp/site_certificate:
Спасибо!
- BitrixVM 7.5.0
- HTTP включен
Код |
---|
# INFO: Using main config file /home/bitrix/dehydrated/config Processing www.xxxx.ru with alternative names: xxxx.ru + Checking expire date of existing cert... + Valid till Aug 11 22:00:20 2022 GMT (Less than 20 days). Renewing! + Signing domains... + Generating private key... + Generating signing request... + Requesting new certificate order fr om CA... + ERROR: An error occurred while sending post-request to https://acme-v02.api.letsencrypt.org/acme/new-order (Status 400) Details: HTTP/1.1 100 Continue HTTP/1.1 400 Bad Request Server: nginx Date: Fri, 12 Aug 2022 08:53:28 GMT Content-Type: application/problem+json Content-Length: 173 Connection: keep-alive Boulder-Requester: 332536990 Cache-Control: public, max-age=0, no-cache Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index" Replay-Nonce: 0001581WsWFpS75SOL4KMrqtgymu7umQx6HSKHfe4hhNdO4 { "type": "urn:ietf:params:acme:error:badNonce", "detail": "JWS has an invalid anti-replay nonce: \"0001zZclZHAJj6p2RgOPnQkSWhIzS4Z5TxSo_DNrDtu0BHs\"", "status": 400 } |
Код |
---|
PLAY [bitrix-hosts] ************************************************************ TASK [Gathering Facts] ********************************************************* ok: [b1] included: /etc/ansible/inc_vars.yml for b1 TASK [web : include variables from mysql group] ******************************** ok: [b1] TASK [web : include variables from web group] ********************************** ok: [b1] TASK [web : include variables from temporary config] *************************** ok: [b1] TASK [web : additional gathering facts] **************************************** ok: [b1] TASK [web : set_fact] ********************************************************** ok: [b1] included: /etc/ansible/roles/web/tasks/configure_le.yml for b1 included: /etc/ansible/roles/web/tasks/sites-gathering_facts_site_names.yml for b1 TASK [web : gathering facts about installed sites] ***************************** changed: [b1 -> None] TASK [web : create variable bx_sites_info] ************************************* ok: [b1] TASK [web : debug] ************************************************************* ok: [b1] => { "msg": [ { "ApacheConf": "/etc/httpd/bx/conf/default.conf", "ApacheConfNTLM": "", "ApacheConfScale": "/etc/httpd/bx-scale/conf/default.conf", "BackupCronFile": "", "BackupDay": "", "BackupFolder": "", "BackupHour": "", "BackupMinute": "", "BackupMonth": "", "BackupTask": "disable", "BackupVersion": "", "BackupWeekDay": "", "CompositeDomains": [], "CompositeError": "", "CompositeExcludeParams": [], "CompositeExcludeUri": [], "CompositeIncludeUri": [], "CompositeMemcachedHost": "", "CompositeMemcachedPort": "", "CompositeNginx": "disable", "CompositeNginxID": "02", "CompositeNginxMap": "", "CompositeStatus": "disable", "CompositeStorage": "", "CronFile": "/etc/crontab", "CronService": {}, "CronTask": "enable", "DBConn": "Y", "DBHost": "localhost", "DBLogin": "bitrix0", "DBName": "sitemanager", "DBPassword": "***************", "DBType": "mysql", "DocumentRoot": "/home/bitrix/www", "EmailAccount": "default", "EmailAddress": "xxxx@xxxx.ru", "HTTPS": "disable", "HTTPSCert": "/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem", "HTTPSCertChain": "/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem", "HTTPSCertType": "letsencrypt", "HTTPSConf": "/etc/nginx/bx/conf/ssl_options.conf", "HTTPSPriv": "/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem", "ModuleCluster": "", "ModuleScale": "", "NTLM_bitrixvm_auth_support": "N", "NTLM_module": "Y", "NTLM_use_ntlm": "N", "NginxHTTPConfig": "s1.conf", "NginxHTTPDir": "/etc/nginx/bx/site_avaliable", "NginxHTTPEDir": "/etc/nginx/bx/site_enabled", "NginxHTTPSConfig": "ssl.s1.conf", "NginxHTTPSFullPath": "/etc/nginx/bx/site_avaliable/ssl.s1.conf", "NginxPort": 80, "NginxType": "single", "SMTPHost": "smtp.yandex.ru", "SMTPPassword": "***************", "SMTPPort": "587", "SMTPTLS": "on", "SMTPUser": "xxxx@xxxx.ru", "ServerName": "b1", "SiteCharset": "utf-8", "SiteCsync2": "default", "SiteInstall": "kernel", "SiteKernelDB": "", "SiteKernelDir": "", "SiteName": "default", "SiteShort": "default", "SiteStatus": "finished", "SphinxConnection": "127.0.0.1:9306", "SphinxIndexName": "bitrix", "dbconn_BX_TEMPORARY_FILES_DIRECTORY": "/home/bitrix/tmp/www", "error": 0, "message": "", "module_cluster": "not_installed", "module_main_version": "22.100.100", "module_message": "bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ", "module_scale": "installed", "module_transformer": "installed", "module_transformercontroller": "not_installed", "nginx_bx_temp_config": "/etc/nginx/bx/site_settings/default/bx_temp.conf", "nginx_bx_temp_files": "on", "nginx_custom_settings": "on", "nginx_custom_settings_directory": "/etc/nginx/bx/site_settings/default", "phpMsmtpAccount": "default", "phpSessionDir": "/tmp/php_sessions/www", "phpUploadDir": "/tmp/php_upload/www", "proxy_ignore_client_abort": "off", "upload_dir": "upload" } ] } TASK [web : set cluster mark to disabled state] ******************************** ok: [b1] TASK [web : download dehydrated] *********************************************** ok: [b1] TASK [web : create directories] ************************************************ changed: [b1] => (item=/home/bitrix/dehydrated) ok: [b1] => (item=/var/www/dehydrated) TASK [web : create nginx LE config] ******************************************** ok: [b1] TASK [web : create nginx SSL options config] *********************************** ok: [b1] included: /etc/ansible/roles/web/tasks/configure_le_location_per_site.yml for b1 TASK [web : delete include for http-config] ************************************ changed: [b1] => (item={u'NginxPort': 80, u'NginxHTTPSConfig': u'ssl.s1.conf', u'upload_dir': u'upload', u'NTLM_module': u'Y', u'BackupMinute': u'', u'CompositeDomains': [], u'SphinxConnection': u'127.0.0.1:9306', u'message': u'', u'nginx_custom_settings': u'on', u'DBConn': u'Y', u'nginx_bx_temp_files': u'on', u'ApacheConfNTLM': u'', u'BackupTask': u'disable', u'CronFile': u'/etc/crontab', u'module_scale': u'installed', u'HTTPSConf': u'/etc/nginx/bx/conf/ssl_options.conf', u'proxy_ignore_client_abort': u'off', u'SiteShort': u'default', u'SiteInstall': u'kernel', u'BackupFolder': u'', u'SMTPPort': u'587', u'NTLM_use_ntlm': u'N', u'BackupWeekDay': u'', u'SiteStatus': u'finished', u'NginxHTTPConfig': u's1.conf', u'ModuleScale': u'', u'CompositeExcludeUri': [], u'ServerName': u'b1', u'SiteCharset': u'utf-8', u'NginxType': u'single', u'CompositeError': u'', u'CompositeStatus': u'disable', u'CompositeMemcachedHost': u'', u'module_cluster': u'not_installed', u'HTTPSPriv': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem', u'CronTask': u'enable', u'module_transformercontroller': u'not_installed', u'nginx_custom_settings_directory': u'/etc/nginx/bx/site_settings/default', u'DBName': u'sitemanager', u'EmailAddress': u'xxxx@xxxx.ru', u'SMTPHost': u'smtp.yandex.ru', u'error': 0, u'BackupCronFile': u'', u'SiteKernelDB': u'', u'CronService': {}, u'CompositeExcludeParams': [], u'HTTPSCert': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem', u'DBType': u'mysql', u'ApacheConfScale': u'/etc/httpd/bx-scale/conf/default.conf', u'ApacheConf': u'/etc/httpd/bx/conf/default.conf', u'DBPassword': u'***************', u'BackupDay': u'', u'module_main_version': u'22.100.100', u'dbconn_BX_TEMPORARY_FILES_DIRECTORY': u'/home/bitrix/tmp/www', u'NginxHTTPEDir': u'/etc/nginx/bx/site_enabled', u'DocumentRoot': u'/home/bitrix/www', u'phpSessionDir': u'/tmp/php_sessions/www', u'SiteCsync2': u'default', u'module_transformer': u'installed', u'CompositeMemcachedPort': u'', u'module_message': u'bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ', u'BackupVersion': u'', u'NTLM_bitrixvm_auth_support': u'N', u'SMTPPassword': u'***************', u'SiteName': u'default', u'HTTPSCertChain': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem', u'nginx_bx_temp_config': u'/etc/nginx/bx/site_settings/default/bx_temp.conf', u'SiteKernelDir': u'', u'CompositeStorage': u'', u'SMTPUser': u'xxxx@xxxx.ru', u'DBLogin': u'bitrix0', u'BackupMonth': u'', u'SphinxIndexName': u'bitrix', u'DBHost': u'localhost', u'CompositeIncludeUri': [], u'phpUploadDir': u'/tmp/php_upload/www', u'HTTPS': u'disable', u'HTTPSCertType': u'letsencrypt', u'CompositeNginxID': u'02', u'EmailAccount': u'default', u'NginxHTTPSFullPath': u'/etc/nginx/bx/site_avaliable/ssl.s1.conf', u'CompositeNginx': u'disable', u'SMTPTLS': u'on', u'ModuleCluster': u'', u'phpMsmtpAccount': u'default', u'CompositeNginxMap': u'', u'NginxHTTPDir': u'/etc/nginx/bx/site_avaliable', u'BackupHour': u''}) TASK [web : update site http-config] ******************************************* changed: [b1] => (item={u'NginxPort': 80, u'NginxHTTPSConfig': u'ssl.s1.conf', u'upload_dir': u'upload', u'NTLM_module': u'Y', u'BackupMinute': u'', u'CompositeDomains': [], u'SphinxConnection': u'127.0.0.1:9306', u'message': u'', u'nginx_custom_settings': u'on', u'DBConn': u'Y', u'nginx_bx_temp_files': u'on', u'ApacheConfNTLM': u'', u'BackupTask': u'disable', u'CronFile': u'/etc/crontab', u'module_scale': u'installed', u'HTTPSConf': u'/etc/nginx/bx/conf/ssl_options.conf', u'proxy_ignore_client_abort': u'off', u'SiteShort': u'default', u'SiteInstall': u'kernel', u'BackupFolder': u'', u'SMTPPort': u'587', u'NTLM_use_ntlm': u'N', u'BackupWeekDay': u'', u'SiteStatus': u'finished', u'NginxHTTPConfig': u's1.conf', u'ModuleScale': u'', u'CompositeExcludeUri': [], u'ServerName': u'b1', u'SiteCharset': u'utf-8', u'NginxType': u'single', u'CompositeError': u'', u'CompositeStatus': u'disable', u'CompositeMemcachedHost': u'', u'module_cluster': u'not_installed', u'HTTPSPriv': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem', u'CronTask': u'enable', u'module_transformercontroller': u'not_installed', u'nginx_custom_settings_directory': u'/etc/nginx/bx/site_settings/default', u'DBName': u'sitemanager', u'EmailAddress': u'xxxx@xxxx.ru', u'SMTPHost': u'smtp.yandex.ru', u'error': 0, u'BackupCronFile': u'', u'SiteKernelDB': u'', u'CronService': {}, u'CompositeExcludeParams': [], u'HTTPSCert': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem', u'DBType': u'mysql', u'ApacheConfScale': u'/etc/httpd/bx-scale/conf/default.conf', u'ApacheConf': u'/etc/httpd/bx/conf/default.conf', u'DBPassword': u'***************', u'BackupDay': u'', u'module_main_version': u'22.100.100', u'dbconn_BX_TEMPORARY_FILES_DIRECTORY': u'/home/bitrix/tmp/www', u'NginxHTTPEDir': u'/etc/nginx/bx/site_enabled', u'DocumentRoot': u'/home/bitrix/www', u'phpSessionDir': u'/tmp/php_sessions/www', u'SiteCsync2': u'default', u'module_transformer': u'installed', u'CompositeMemcachedPort': u'', u'module_message': u'bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ', u'BackupVersion': u'', u'NTLM_bitrixvm_auth_support': u'N', u'SMTPPassword': u'***************', u'SiteName': u'default', u'HTTPSCertChain': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem', u'nginx_bx_temp_config': u'/etc/nginx/bx/site_settings/default/bx_temp.conf', u'SiteKernelDir': u'', u'CompositeStorage': u'', u'SMTPUser': u'xxxx@xxxx.ru', u'DBLogin': u'bitrix0', u'BackupMonth': u'', u'SphinxIndexName': u'bitrix', u'DBHost': u'localhost', u'CompositeIncludeUri': [], u'phpUploadDir': u'/tmp/php_upload/www', u'HTTPS': u'disable', u'HTTPSCertType': u'letsencrypt', u'CompositeNginxID': u'02', u'EmailAccount': u'default', u'NginxHTTPSFullPath': u'/etc/nginx/bx/site_avaliable/ssl.s1.conf', u'CompositeNginx': u'disable', u'SMTPTLS': u'on', u'ModuleCluster': u'', u'phpMsmtpAccount': u'default', u'CompositeNginxMap': u'', u'NginxHTTPDir': u'/etc/nginx/bx/site_avaliable', u'BackupHour': u''}) TASK [web : delete include for https-config] *********************************** changed: [b1] => (item={u'NginxPort': 80, u'NginxHTTPSConfig': u'ssl.s1.conf', u'upload_dir': u'upload', u'NTLM_module': u'Y', u'BackupMinute': u'', u'CompositeDomains': [], u'SphinxConnection': u'127.0.0.1:9306', u'message': u'', u'nginx_custom_settings': u'on', u'DBConn': u'Y', u'nginx_bx_temp_files': u'on', u'ApacheConfNTLM': u'', u'BackupTask': u'disable', u'CronFile': u'/etc/crontab', u'module_scale': u'installed', u'HTTPSConf': u'/etc/nginx/bx/conf/ssl_options.conf', u'proxy_ignore_client_abort': u'off', u'SiteShort': u'default', u'SiteInstall': u'kernel', u'BackupFolder': u'', u'SMTPPort': u'587', u'NTLM_use_ntlm': u'N', u'BackupWeekDay': u'', u'SiteStatus': u'finished', u'NginxHTTPConfig': u's1.conf', u'ModuleScale': u'', u'CompositeExcludeUri': [], u'ServerName': u'b1', u'SiteCharset': u'utf-8', u'NginxType': u'single', u'CompositeError': u'', u'CompositeStatus': u'disable', u'CompositeMemcachedHost': u'', u'module_cluster': u'not_installed', u'HTTPSPriv': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem', u'CronTask': u'enable', u'module_transformercontroller': u'not_installed', u'nginx_custom_settings_directory': u'/etc/nginx/bx/site_settings/default', u'DBName': u'sitemanager', u'EmailAddress': u'xxxx@xxxx.ru', u'SMTPHost': u'smtp.yandex.ru', u'error': 0, u'BackupCronFile': u'', u'SiteKernelDB': u'', u'CronService': {}, u'CompositeExcludeParams': [], u'HTTPSCert': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem', u'DBType': u'mysql', u'ApacheConfScale': u'/etc/httpd/bx-scale/conf/default.conf', u'ApacheConf': u'/etc/httpd/bx/conf/default.conf', u'DBPassword': u'***************', u'BackupDay': u'', u'module_main_version': u'22.100.100', u'dbconn_BX_TEMPORARY_FILES_DIRECTORY': u'/home/bitrix/tmp/www', u'NginxHTTPEDir': u'/etc/nginx/bx/site_enabled', u'DocumentRoot': u'/home/bitrix/www', u'phpSessionDir': u'/tmp/php_sessions/www', u'SiteCsync2': u'default', u'module_transformer': u'installed', u'CompositeMemcachedPort': u'', u'module_message': u'bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ', u'BackupVersion': u'', u'NTLM_bitrixvm_auth_support': u'N', u'SMTPPassword': u'***************', u'SiteName': u'default', u'HTTPSCertChain': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem', u'nginx_bx_temp_config': u'/etc/nginx/bx/site_settings/default/bx_temp.conf', u'SiteKernelDir': u'', u'CompositeStorage': u'', u'SMTPUser': u'xxxx@xxxx.ru', u'DBLogin': u'bitrix0', u'BackupMonth': u'', u'SphinxIndexName': u'bitrix', u'DBHost': u'localhost', u'CompositeIncludeUri': [], u'phpUploadDir': u'/tmp/php_upload/www', u'HTTPS': u'disable', u'HTTPSCertType': u'letsencrypt', u'CompositeNginxID': u'02', u'EmailAccount': u'default', u'NginxHTTPSFullPath': u'/etc/nginx/bx/site_avaliable/ssl.s1.conf', u'CompositeNginx': u'disable', u'SMTPTLS': u'on', u'ModuleCluster': u'', u'phpMsmtpAccount': u'default', u'CompositeNginxMap': u'', u'NginxHTTPDir': u'/etc/nginx/bx/site_avaliable', u'BackupHour': u''}) TASK [web : update site https-config] ****************************************** changed: [b1] => (item={u'NginxPort': 80, u'NginxHTTPSConfig': u'ssl.s1.conf', u'upload_dir': u'upload', u'NTLM_module': u'Y', u'BackupMinute': u'', u'CompositeDomains': [], u'SphinxConnection': u'127.0.0.1:9306', u'message': u'', u'nginx_custom_settings': u'on', u'DBConn': u'Y', u'nginx_bx_temp_files': u'on', u'ApacheConfNTLM': u'', u'BackupTask': u'disable', u'CronFile': u'/etc/crontab', u'module_scale': u'installed', u'HTTPSConf': u'/etc/nginx/bx/conf/ssl_options.conf', u'proxy_ignore_client_abort': u'off', u'SiteShort': u'default', u'SiteInstall': u'kernel', u'BackupFolder': u'', u'SMTPPort': u'587', u'NTLM_use_ntlm': u'N', u'BackupWeekDay': u'', u'SiteStatus': u'finished', u'NginxHTTPConfig': u's1.conf', u'ModuleScale': u'', u'CompositeExcludeUri': [], u'ServerName': u'b1', u'SiteCharset': u'utf-8', u'NginxType': u'single', u'CompositeError': u'', u'CompositeStatus': u'disable', u'CompositeMemcachedHost': u'', u'module_cluster': u'not_installed', u'HTTPSPriv': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem', u'CronTask': u'enable', u'module_transformercontroller': u'not_installed', u'nginx_custom_settings_directory': u'/etc/nginx/bx/site_settings/default', u'DBName': u'sitemanager', u'EmailAddress': u'xxxx@xxxx.ru', u'SMTPHost': u'smtp.yandex.ru', u'error': 0, u'BackupCronFile': u'', u'SiteKernelDB': u'', u'CronService': {}, u'CompositeExcludeParams': [], u'HTTPSCert': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem', u'DBType': u'mysql', u'ApacheConfScale': u'/etc/httpd/bx-scale/conf/default.conf', u'ApacheConf': u'/etc/httpd/bx/conf/default.conf', u'DBPassword': u'***************', u'BackupDay': u'', u'module_main_version': u'22.100.100', u'dbconn_BX_TEMPORARY_FILES_DIRECTORY': u'/home/bitrix/tmp/www', u'NginxHTTPEDir': u'/etc/nginx/bx/site_enabled', u'DocumentRoot': u'/home/bitrix/www', u'phpSessionDir': u'/tmp/php_sessions/www', u'SiteCsync2': u'default', u'module_transformer': u'installed', u'CompositeMemcachedPort': u'', u'module_message': u'bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ', u'BackupVersion': u'', u'NTLM_bitrixvm_auth_support': u'N', u'SMTPPassword': u'***************', u'SiteName': u'default', u'HTTPSCertChain': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem', u'nginx_bx_temp_config': u'/etc/nginx/bx/site_settings/default/bx_temp.conf', u'SiteKernelDir': u'', u'CompositeStorage': u'', u'SMTPUser': u'xxxx@xxxx.ru', u'DBLogin': u'bitrix0', u'BackupMonth': u'', u'SphinxIndexName': u'bitrix', u'DBHost': u'localhost', u'CompositeIncludeUri': [], u'phpUploadDir': u'/tmp/php_upload/www', u'HTTPS': u'disable', u'HTTPSCertType': u'letsencrypt', u'CompositeNginxID': u'02', u'EmailAccount': u'default', u'NginxHTTPSFullPath': u'/etc/nginx/bx/site_avaliable/ssl.s1.conf', u'CompositeNginx': u'disable', u'SMTPTLS': u'on', u'ModuleCluster': u'', u'phpMsmtpAccount': u'default', u'CompositeNginxMap': u'', u'NginxHTTPDir': u'/etc/nginx/bx/site_avaliable', u'BackupHour': u''}) TASK [web : restart nginx] ***************************************************** changed: [b1] included: /etc/ansible/roles/web/tasks/dehydrated.yml for b1 TASK [web : create domains directory] ****************************************** ok: [b1] TASK [web : create dehydrated config] ****************************************** ok: [b1] TASK [web : create dehydrated domains.txt for site] **************************** ok: [b1] TASK [web : get common name] *************************************************** changed: [b1] TASK [web : create main dehydrated domains.txt] ******************************** ok: [b1] TASK [web : register dehydrated] *********************************************** changed: [b1] TASK [web : create certificates] *********************************************** fatal: [b1]: FAILED! => {"changed": true, "cmd": "/home/bitrix/dehydrated/dehydrated -c --force > /home/bitrix/dehydrated_update.log 2>&1", "delta": "0:06:25.123819", "end": "2022-08-12 11:53:28.883455", "msg": "non-zero return code", "rc": 1, "start": "2022-08-12 11:47:03.759636", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []} NO MORE HOSTS LEFT ************************************************************* to retry, use: --lim it @/etc/ansible/web.retry PLAY RECAP ********************************************************************* b1 : ok=30 changed=9 unreachable=0 failed=1 |