Здравствуйте.
Из /opt/webdir/temp/site_certificate:
Спасибо!
- BitrixVM 7.5.0
- HTTP включен
| Код |
|---|
# INFO: Using main config file /home/bitrix/dehydrated/config
Processing www.xxxx.ru with alternative names: xxxx.ru
+ Checking expire date of existing cert...
+ Valid till Aug 11 22:00:20 2022 GMT (Less than 20 days). Renewing!
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order fr om CA...
+ ERROR: An error occurred while sending post-request to https://acme-v02.api.letsencrypt.org/acme/new-order (Status 400)
Details:
HTTP/1.1 100 Continue
HTTP/1.1 400 Bad Request
Server: nginx
Date: Fri, 12 Aug 2022 08:53:28 GMT
Content-Type: application/problem+json
Content-Length: 173
Connection: keep-alive
Boulder-Requester: 332536990
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001581WsWFpS75SOL4KMrqtgymu7umQx6HSKHfe4hhNdO4
{
"type": "urn:ietf:params:acme:error:badNonce",
"detail": "JWS has an invalid anti-replay nonce: \"0001zZclZHAJj6p2RgOPnQkSWhIzS4Z5TxSo_DNrDtu0BHs\"",
"status": 400
} |
| Код |
|---|
PLAY [bitrix-hosts] ************************************************************
TASK [Gathering Facts] *********************************************************
ok: [b1]
included: /etc/ansible/inc_vars.yml for b1
TASK [web : include variables from mysql group] ********************************
ok: [b1]
TASK [web : include variables from web group] **********************************
ok: [b1]
TASK [web : include variables from temporary config] ***************************
ok: [b1]
TASK [web : additional gathering facts] ****************************************
ok: [b1]
TASK [web : set_fact] **********************************************************
ok: [b1]
included: /etc/ansible/roles/web/tasks/configure_le.yml for b1
included: /etc/ansible/roles/web/tasks/sites-gathering_facts_site_names.yml for b1
TASK [web : gathering facts about installed sites] *****************************
changed: [b1 -> None]
TASK [web : create variable bx_sites_info] *************************************
ok: [b1]
TASK [web : debug] *************************************************************
ok: [b1] => {
"msg": [
{
"ApacheConf": "/etc/httpd/bx/conf/default.conf",
"ApacheConfNTLM": "",
"ApacheConfScale": "/etc/httpd/bx-scale/conf/default.conf",
"BackupCronFile": "",
"BackupDay": "",
"BackupFolder": "",
"BackupHour": "",
"BackupMinute": "",
"BackupMonth": "",
"BackupTask": "disable",
"BackupVersion": "",
"BackupWeekDay": "",
"CompositeDomains": [],
"CompositeError": "",
"CompositeExcludeParams": [],
"CompositeExcludeUri": [],
"CompositeIncludeUri": [],
"CompositeMemcachedHost": "",
"CompositeMemcachedPort": "",
"CompositeNginx": "disable",
"CompositeNginxID": "02",
"CompositeNginxMap": "",
"CompositeStatus": "disable",
"CompositeStorage": "",
"CronFile": "/etc/crontab",
"CronService": {},
"CronTask": "enable",
"DBConn": "Y",
"DBHost": "localhost",
"DBLogin": "bitrix0",
"DBName": "sitemanager",
"DBPassword": "***************",
"DBType": "mysql",
"DocumentRoot": "/home/bitrix/www",
"EmailAccount": "default",
"EmailAddress": "xxxx@xxxx.ru",
"HTTPS": "disable",
"HTTPSCert": "/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem",
"HTTPSCertChain": "/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem",
"HTTPSCertType": "letsencrypt",
"HTTPSConf": "/etc/nginx/bx/conf/ssl_options.conf",
"HTTPSPriv": "/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem",
"ModuleCluster": "",
"ModuleScale": "",
"NTLM_bitrixvm_auth_support": "N",
"NTLM_module": "Y",
"NTLM_use_ntlm": "N",
"NginxHTTPConfig": "s1.conf",
"NginxHTTPDir": "/etc/nginx/bx/site_avaliable",
"NginxHTTPEDir": "/etc/nginx/bx/site_enabled",
"NginxHTTPSConfig": "ssl.s1.conf",
"NginxHTTPSFullPath": "/etc/nginx/bx/site_avaliable/ssl.s1.conf",
"NginxPort": 80,
"NginxType": "single",
"SMTPHost": "smtp.yandex.ru",
"SMTPPassword": "***************",
"SMTPPort": "587",
"SMTPTLS": "on",
"SMTPUser": "xxxx@xxxx.ru",
"ServerName": "b1",
"SiteCharset": "utf-8",
"SiteCsync2": "default",
"SiteInstall": "kernel",
"SiteKernelDB": "",
"SiteKernelDir": "",
"SiteName": "default",
"SiteShort": "default",
"SiteStatus": "finished",
"SphinxConnection": "127.0.0.1:9306",
"SphinxIndexName": "bitrix",
"dbconn_BX_TEMPORARY_FILES_DIRECTORY": "/home/bitrix/tmp/www",
"error": 0,
"message": "",
"module_cluster": "not_installed",
"module_main_version": "22.100.100",
"module_message": "bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ",
"module_scale": "installed",
"module_transformer": "installed",
"module_transformercontroller": "not_installed",
"nginx_bx_temp_config": "/etc/nginx/bx/site_settings/default/bx_temp.conf",
"nginx_bx_temp_files": "on",
"nginx_custom_settings": "on",
"nginx_custom_settings_directory": "/etc/nginx/bx/site_settings/default",
"phpMsmtpAccount": "default",
"phpSessionDir": "/tmp/php_sessions/www",
"phpUploadDir": "/tmp/php_upload/www",
"proxy_ignore_client_abort": "off",
"upload_dir": "upload"
}
]
}
TASK [web : set cluster mark to disabled state] ********************************
ok: [b1]
TASK [web : download dehydrated] ***********************************************
ok: [b1]
TASK [web : create directories] ************************************************
changed: [b1] => (item=/home/bitrix/dehydrated)
ok: [b1] => (item=/var/www/dehydrated)
TASK [web : create nginx LE config] ********************************************
ok: [b1]
TASK [web : create nginx SSL options config] ***********************************
ok: [b1]
included: /etc/ansible/roles/web/tasks/configure_le_location_per_site.yml for b1
TASK [web : delete include for http-config] ************************************
changed: [b1] => (item={u'NginxPort': 80, u'NginxHTTPSConfig': u'ssl.s1.conf', u'upload_dir': u'upload', u'NTLM_module': u'Y', u'BackupMinute': u'', u'CompositeDomains': [], u'SphinxConnection': u'127.0.0.1:9306', u'message': u'', u'nginx_custom_settings': u'on', u'DBConn': u'Y', u'nginx_bx_temp_files': u'on', u'ApacheConfNTLM': u'', u'BackupTask': u'disable', u'CronFile': u'/etc/crontab', u'module_scale': u'installed', u'HTTPSConf': u'/etc/nginx/bx/conf/ssl_options.conf', u'proxy_ignore_client_abort': u'off', u'SiteShort': u'default', u'SiteInstall': u'kernel', u'BackupFolder': u'', u'SMTPPort': u'587', u'NTLM_use_ntlm': u'N', u'BackupWeekDay': u'', u'SiteStatus': u'finished', u'NginxHTTPConfig': u's1.conf', u'ModuleScale': u'', u'CompositeExcludeUri': [], u'ServerName': u'b1', u'SiteCharset': u'utf-8', u'NginxType': u'single', u'CompositeError': u'', u'CompositeStatus': u'disable', u'CompositeMemcachedHost': u'', u'module_cluster': u'not_installed', u'HTTPSPriv': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem', u'CronTask': u'enable', u'module_transformercontroller': u'not_installed', u'nginx_custom_settings_directory': u'/etc/nginx/bx/site_settings/default', u'DBName': u'sitemanager', u'EmailAddress': u'xxxx@xxxx.ru', u'SMTPHost': u'smtp.yandex.ru', u'error': 0, u'BackupCronFile': u'', u'SiteKernelDB': u'', u'CronService': {}, u'CompositeExcludeParams': [], u'HTTPSCert': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem', u'DBType': u'mysql', u'ApacheConfScale': u'/etc/httpd/bx-scale/conf/default.conf', u'ApacheConf': u'/etc/httpd/bx/conf/default.conf', u'DBPassword': u'***************', u'BackupDay': u'', u'module_main_version': u'22.100.100', u'dbconn_BX_TEMPORARY_FILES_DIRECTORY': u'/home/bitrix/tmp/www', u'NginxHTTPEDir': u'/etc/nginx/bx/site_enabled', u'DocumentRoot': u'/home/bitrix/www', u'phpSessionDir': u'/tmp/php_sessions/www', u'SiteCsync2': u'default', u'module_transformer': u'installed', u'CompositeMemcachedPort': u'', u'module_message': u'bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ', u'BackupVersion': u'', u'NTLM_bitrixvm_auth_support': u'N', u'SMTPPassword': u'***************', u'SiteName': u'default', u'HTTPSCertChain': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem', u'nginx_bx_temp_config': u'/etc/nginx/bx/site_settings/default/bx_temp.conf', u'SiteKernelDir': u'', u'CompositeStorage': u'', u'SMTPUser': u'xxxx@xxxx.ru', u'DBLogin': u'bitrix0', u'BackupMonth': u'', u'SphinxIndexName': u'bitrix', u'DBHost': u'localhost', u'CompositeIncludeUri': [], u'phpUploadDir': u'/tmp/php_upload/www', u'HTTPS': u'disable', u'HTTPSCertType': u'letsencrypt', u'CompositeNginxID': u'02', u'EmailAccount': u'default', u'NginxHTTPSFullPath': u'/etc/nginx/bx/site_avaliable/ssl.s1.conf', u'CompositeNginx': u'disable', u'SMTPTLS': u'on', u'ModuleCluster': u'', u'phpMsmtpAccount': u'default', u'CompositeNginxMap': u'', u'NginxHTTPDir': u'/etc/nginx/bx/site_avaliable', u'BackupHour': u''})
TASK [web : update site http-config] *******************************************
changed: [b1] => (item={u'NginxPort': 80, u'NginxHTTPSConfig': u'ssl.s1.conf', u'upload_dir': u'upload', u'NTLM_module': u'Y', u'BackupMinute': u'', u'CompositeDomains': [], u'SphinxConnection': u'127.0.0.1:9306', u'message': u'', u'nginx_custom_settings': u'on', u'DBConn': u'Y', u'nginx_bx_temp_files': u'on', u'ApacheConfNTLM': u'', u'BackupTask': u'disable', u'CronFile': u'/etc/crontab', u'module_scale': u'installed', u'HTTPSConf': u'/etc/nginx/bx/conf/ssl_options.conf', u'proxy_ignore_client_abort': u'off', u'SiteShort': u'default', u'SiteInstall': u'kernel', u'BackupFolder': u'', u'SMTPPort': u'587', u'NTLM_use_ntlm': u'N', u'BackupWeekDay': u'', u'SiteStatus': u'finished', u'NginxHTTPConfig': u's1.conf', u'ModuleScale': u'', u'CompositeExcludeUri': [], u'ServerName': u'b1', u'SiteCharset': u'utf-8', u'NginxType': u'single', u'CompositeError': u'', u'CompositeStatus': u'disable', u'CompositeMemcachedHost': u'', u'module_cluster': u'not_installed', u'HTTPSPriv': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem', u'CronTask': u'enable', u'module_transformercontroller': u'not_installed', u'nginx_custom_settings_directory': u'/etc/nginx/bx/site_settings/default', u'DBName': u'sitemanager', u'EmailAddress': u'xxxx@xxxx.ru', u'SMTPHost': u'smtp.yandex.ru', u'error': 0, u'BackupCronFile': u'', u'SiteKernelDB': u'', u'CronService': {}, u'CompositeExcludeParams': [], u'HTTPSCert': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem', u'DBType': u'mysql', u'ApacheConfScale': u'/etc/httpd/bx-scale/conf/default.conf', u'ApacheConf': u'/etc/httpd/bx/conf/default.conf', u'DBPassword': u'***************', u'BackupDay': u'', u'module_main_version': u'22.100.100', u'dbconn_BX_TEMPORARY_FILES_DIRECTORY': u'/home/bitrix/tmp/www', u'NginxHTTPEDir': u'/etc/nginx/bx/site_enabled', u'DocumentRoot': u'/home/bitrix/www', u'phpSessionDir': u'/tmp/php_sessions/www', u'SiteCsync2': u'default', u'module_transformer': u'installed', u'CompositeMemcachedPort': u'', u'module_message': u'bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ', u'BackupVersion': u'', u'NTLM_bitrixvm_auth_support': u'N', u'SMTPPassword': u'***************', u'SiteName': u'default', u'HTTPSCertChain': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem', u'nginx_bx_temp_config': u'/etc/nginx/bx/site_settings/default/bx_temp.conf', u'SiteKernelDir': u'', u'CompositeStorage': u'', u'SMTPUser': u'xxxx@xxxx.ru', u'DBLogin': u'bitrix0', u'BackupMonth': u'', u'SphinxIndexName': u'bitrix', u'DBHost': u'localhost', u'CompositeIncludeUri': [], u'phpUploadDir': u'/tmp/php_upload/www', u'HTTPS': u'disable', u'HTTPSCertType': u'letsencrypt', u'CompositeNginxID': u'02', u'EmailAccount': u'default', u'NginxHTTPSFullPath': u'/etc/nginx/bx/site_avaliable/ssl.s1.conf', u'CompositeNginx': u'disable', u'SMTPTLS': u'on', u'ModuleCluster': u'', u'phpMsmtpAccount': u'default', u'CompositeNginxMap': u'', u'NginxHTTPDir': u'/etc/nginx/bx/site_avaliable', u'BackupHour': u''})
TASK [web : delete include for https-config] ***********************************
changed: [b1] => (item={u'NginxPort': 80, u'NginxHTTPSConfig': u'ssl.s1.conf', u'upload_dir': u'upload', u'NTLM_module': u'Y', u'BackupMinute': u'', u'CompositeDomains': [], u'SphinxConnection': u'127.0.0.1:9306', u'message': u'', u'nginx_custom_settings': u'on', u'DBConn': u'Y', u'nginx_bx_temp_files': u'on', u'ApacheConfNTLM': u'', u'BackupTask': u'disable', u'CronFile': u'/etc/crontab', u'module_scale': u'installed', u'HTTPSConf': u'/etc/nginx/bx/conf/ssl_options.conf', u'proxy_ignore_client_abort': u'off', u'SiteShort': u'default', u'SiteInstall': u'kernel', u'BackupFolder': u'', u'SMTPPort': u'587', u'NTLM_use_ntlm': u'N', u'BackupWeekDay': u'', u'SiteStatus': u'finished', u'NginxHTTPConfig': u's1.conf', u'ModuleScale': u'', u'CompositeExcludeUri': [], u'ServerName': u'b1', u'SiteCharset': u'utf-8', u'NginxType': u'single', u'CompositeError': u'', u'CompositeStatus': u'disable', u'CompositeMemcachedHost': u'', u'module_cluster': u'not_installed', u'HTTPSPriv': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem', u'CronTask': u'enable', u'module_transformercontroller': u'not_installed', u'nginx_custom_settings_directory': u'/etc/nginx/bx/site_settings/default', u'DBName': u'sitemanager', u'EmailAddress': u'xxxx@xxxx.ru', u'SMTPHost': u'smtp.yandex.ru', u'error': 0, u'BackupCronFile': u'', u'SiteKernelDB': u'', u'CronService': {}, u'CompositeExcludeParams': [], u'HTTPSCert': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem', u'DBType': u'mysql', u'ApacheConfScale': u'/etc/httpd/bx-scale/conf/default.conf', u'ApacheConf': u'/etc/httpd/bx/conf/default.conf', u'DBPassword': u'***************', u'BackupDay': u'', u'module_main_version': u'22.100.100', u'dbconn_BX_TEMPORARY_FILES_DIRECTORY': u'/home/bitrix/tmp/www', u'NginxHTTPEDir': u'/etc/nginx/bx/site_enabled', u'DocumentRoot': u'/home/bitrix/www', u'phpSessionDir': u'/tmp/php_sessions/www', u'SiteCsync2': u'default', u'module_transformer': u'installed', u'CompositeMemcachedPort': u'', u'module_message': u'bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ', u'BackupVersion': u'', u'NTLM_bitrixvm_auth_support': u'N', u'SMTPPassword': u'***************', u'SiteName': u'default', u'HTTPSCertChain': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem', u'nginx_bx_temp_config': u'/etc/nginx/bx/site_settings/default/bx_temp.conf', u'SiteKernelDir': u'', u'CompositeStorage': u'', u'SMTPUser': u'xxxx@xxxx.ru', u'DBLogin': u'bitrix0', u'BackupMonth': u'', u'SphinxIndexName': u'bitrix', u'DBHost': u'localhost', u'CompositeIncludeUri': [], u'phpUploadDir': u'/tmp/php_upload/www', u'HTTPS': u'disable', u'HTTPSCertType': u'letsencrypt', u'CompositeNginxID': u'02', u'EmailAccount': u'default', u'NginxHTTPSFullPath': u'/etc/nginx/bx/site_avaliable/ssl.s1.conf', u'CompositeNginx': u'disable', u'SMTPTLS': u'on', u'ModuleCluster': u'', u'phpMsmtpAccount': u'default', u'CompositeNginxMap': u'', u'NginxHTTPDir': u'/etc/nginx/bx/site_avaliable', u'BackupHour': u''})
TASK [web : update site https-config] ******************************************
changed: [b1] => (item={u'NginxPort': 80, u'NginxHTTPSConfig': u'ssl.s1.conf', u'upload_dir': u'upload', u'NTLM_module': u'Y', u'BackupMinute': u'', u'CompositeDomains': [], u'SphinxConnection': u'127.0.0.1:9306', u'message': u'', u'nginx_custom_settings': u'on', u'DBConn': u'Y', u'nginx_bx_temp_files': u'on', u'ApacheConfNTLM': u'', u'BackupTask': u'disable', u'CronFile': u'/etc/crontab', u'module_scale': u'installed', u'HTTPSConf': u'/etc/nginx/bx/conf/ssl_options.conf', u'proxy_ignore_client_abort': u'off', u'SiteShort': u'default', u'SiteInstall': u'kernel', u'BackupFolder': u'', u'SMTPPort': u'587', u'NTLM_use_ntlm': u'N', u'BackupWeekDay': u'', u'SiteStatus': u'finished', u'NginxHTTPConfig': u's1.conf', u'ModuleScale': u'', u'CompositeExcludeUri': [], u'ServerName': u'b1', u'SiteCharset': u'utf-8', u'NginxType': u'single', u'CompositeError': u'', u'CompositeStatus': u'disable', u'CompositeMemcachedHost': u'', u'module_cluster': u'not_installed', u'HTTPSPriv': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/privkey.pem', u'CronTask': u'enable', u'module_transformercontroller': u'not_installed', u'nginx_custom_settings_directory': u'/etc/nginx/bx/site_settings/default', u'DBName': u'sitemanager', u'EmailAddress': u'xxxx@xxxx.ru', u'SMTPHost': u'smtp.yandex.ru', u'error': 0, u'BackupCronFile': u'', u'SiteKernelDB': u'', u'CronService': {}, u'CompositeExcludeParams': [], u'HTTPSCert': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/fullchain.pem', u'DBType': u'mysql', u'ApacheConfScale': u'/etc/httpd/bx-scale/conf/default.conf', u'ApacheConf': u'/etc/httpd/bx/conf/default.conf', u'DBPassword': u'***************', u'BackupDay': u'', u'module_main_version': u'22.100.100', u'dbconn_BX_TEMPORARY_FILES_DIRECTORY': u'/home/bitrix/tmp/www', u'NginxHTTPEDir': u'/etc/nginx/bx/site_enabled', u'DocumentRoot': u'/home/bitrix/www', u'phpSessionDir': u'/tmp/php_sessions/www', u'SiteCsync2': u'default', u'module_transformer': u'installed', u'CompositeMemcachedPort': u'', u'module_message': u'bxSiteFiles::bx_modules_options: module cluster is not installed on /home/bitrix/www module transformercontroller is not installed on /home/bitrix/www ', u'BackupVersion': u'', u'NTLM_bitrixvm_auth_support': u'N', u'SMTPPassword': u'***************', u'SiteName': u'default', u'HTTPSCertChain': u'/home/bitrix/dehydrated/certs/www.xxxx.ru/chain.pem', u'nginx_bx_temp_config': u'/etc/nginx/bx/site_settings/default/bx_temp.conf', u'SiteKernelDir': u'', u'CompositeStorage': u'', u'SMTPUser': u'xxxx@xxxx.ru', u'DBLogin': u'bitrix0', u'BackupMonth': u'', u'SphinxIndexName': u'bitrix', u'DBHost': u'localhost', u'CompositeIncludeUri': [], u'phpUploadDir': u'/tmp/php_upload/www', u'HTTPS': u'disable', u'HTTPSCertType': u'letsencrypt', u'CompositeNginxID': u'02', u'EmailAccount': u'default', u'NginxHTTPSFullPath': u'/etc/nginx/bx/site_avaliable/ssl.s1.conf', u'CompositeNginx': u'disable', u'SMTPTLS': u'on', u'ModuleCluster': u'', u'phpMsmtpAccount': u'default', u'CompositeNginxMap': u'', u'NginxHTTPDir': u'/etc/nginx/bx/site_avaliable', u'BackupHour': u''})
TASK [web : restart nginx] *****************************************************
changed: [b1]
included: /etc/ansible/roles/web/tasks/dehydrated.yml for b1
TASK [web : create domains directory] ******************************************
ok: [b1]
TASK [web : create dehydrated config] ******************************************
ok: [b1]
TASK [web : create dehydrated domains.txt for site] ****************************
ok: [b1]
TASK [web : get common name] ***************************************************
changed: [b1]
TASK [web : create main dehydrated domains.txt] ********************************
ok: [b1]
TASK [web : register dehydrated] ***********************************************
changed: [b1]
TASK [web : create certificates] ***********************************************
fatal: [b1]: FAILED! => {"changed": true, "cmd": "/home/bitrix/dehydrated/dehydrated -c --force > /home/bitrix/dehydrated_update.log 2>&1", "delta": "0:06:25.123819", "end": "2022-08-12 11:53:28.883455", "msg": "non-zero return code", "rc": 1, "start": "2022-08-12 11:47:03.759636", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
NO MORE HOSTS LEFT *************************************************************
to retry, use: --lim it @/etc/ansible/web.retry
PLAY RECAP *********************************************************************
b1 : ok=30 changed=9 unreachable=0 failed=1
|
