Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Confconsole - Let's Encrypt plugin - not working on any appliances that use Nginx as a front end webserver (inc Mattermost) #1190

Closed
JedMeister opened this Issue Sep 4, 2018 · 2 comments

Comments

Projects
None yet
1 participant
@JedMeister
Copy link
Member

JedMeister commented Sep 4, 2018

The Confconsole - Let's Encrypt plugin is not working as intended on the Mattermost appliance. Instead of generating a TLS certificate, it fails.

The bug is caused by the check_80 function (in the dehydrated-wrapper script) returning nginx: (instead of just nginx).

As the case statement that processes the output only recognises a few specific "webservers" (nginx is one, but nginx: isn't), it fails.

Versions affected: condconsole:1.1.0 (and earlier). To check what version you have:

apt-get update
apt-cache policy confconsole

E.g. on most v15.0 appliances you'll get this:

confconsole:
  Installed: 1.1.0
  Candidate: 1.1.0
  Version table:
 *** 1.1.0 999
        999 http://archive.turnkeylinux.org/debian stretch/main amd64 Packages
        100 /var/lib/dpkg/status

@JedMeister JedMeister added this to the 15.1 milestone Sep 4, 2018

@JedMeister

This comment has been minimized.

Copy link
Member Author

JedMeister commented Sep 4, 2018

Closed by turnkeylinux/confconsole@d1e61c4

Workaround for v14.x appliances affected by this bug (AFAIK only appliances that use Nginx as the front end webserver):

url=https://raw.githubusercontent.com/turnkeylinux/confconsole/master
wrapper_path=plugins.d/Lets_Encrypt/dehydrated-wrapper
wget $url/$wrapper_path -O /usr/lib/confconsole/$wrapper_path

Workaround for v15.x appliances:

apt-get update
apt-get install confconsole

@JedMeister JedMeister closed this Sep 4, 2018

@JedMeister JedMeister self-assigned this Sep 4, 2018

@JedMeister

This comment has been minimized.

Copy link
Member Author

JedMeister commented Sep 17, 2018

The new package has been built and uploaded to the archive.

Also FWIW, I tweaked the fix a little: turnkeylinux/confconsole@6c2aad9

Package versions 1.1.0+2+g6c2aad9 or later include the fix noted here.

@JedMeister JedMeister changed the title Confconsole - Let's Encrypt plugin - not working on Mattermost appliance - may affect others too Confconsole - Let's Encrypt plugin - not working on any appliances that use Nginx as a front end webserver (inc Mattermost) Oct 16, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.