Checkmk / ansible-collection-checkmk.general

The official Checkmk Ansible collection - brought to you by the Checkmk company.
https://galaxy.ansible.com/checkmk/general
GNU General Public License v3.0

[BUG] 401 unauthorized using ansible collection #684

Open jgotteswinter opened 1 month ago

jgotteswinter commented 1 month ago


Describe the bug

When trying to use the MK Ansible collection I always end up with a 401 unauthorized. Calling the same URL from my browser (using the automation secret) works fine, no auth issues. Using curl also works fine.

When using the Ansible collection it always ends up with a 401. This is a fresh installation I am currently working on.

The site's Apache shows "AH01614: client used wrong authentication scheme:" when trying to do something with the Ansible collection.

Component Name

Component Name: activation

Ansible Version

```
ansible [core 2.17.2]
  config file = None
  configured module search path = ['/Users/jgotteswinter/.ansible/plugins/modules', '/opt/local/share/ansible/plugins/modules']
  ansible python module location = /opt/local/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/ansible
  ansible collection location = /Users/jgotteswinter/.ansible/collections:/opt/local/share/ansible/collections
  executable location = /opt/local/bin/ansible
  python version = 3.12.7 (main, Oct  5 2024, 01:39:55) [Clang 16.0.0 (clang-1600.0.26.3)] (/opt/local/Library/Frameworks/Python.framework/Versions/3.12/bin/python3.12)
  jinja version = 3.1.4
  libyaml = True
```

Checkmk Version and Edition

2.3.0p17 RAW

Collection Version

```
Collection                               Version
---------------------------------------- -------
ansible.posix                            1.5.4
ansible.utils                            4.1.0
checkmk.general                          5.3.0
community.general                        8.6.0
```

To Reproduce

Fresh installation on Ubuntu 24.04, get the automation user secret and try a random task with the Ansible collection.

robin-checkmk commented 1 month ago

Thanks for filing this issue @jgotteswinter! This feels like an issue with the system Apache on the server. Do you have any particular configuration there? A redirect or something else? Maybe the logs of said Apache contain a hint as well.

jgotteswinter commented 1 month ago

The error message is logged in /omd/sites/xxx/var/log/apache/error.log, the config is not modified at all. I am accessing OMD via http. Like mentioned, it's a fresh install. The only thing which has been done before was omd create.

robin-checkmk commented 1 month ago

I am referring to your system Apache. The one you see with systemctl status apache2 and whose logs are in /var/log/apache2/. :slightly_smiling_face:

jgotteswinter commented 1 month ago

No, that one does not log any errors at all.

I also tested with this script, which also works:

```bash
#!/bin/bash

# NOTE: We recommend all shell users to use the "httpie" examples instead.
#       `curl` should not be used for writing large scripts.
#       This code is provided for debugging purposes only.

HOST_NAME=""
SITE_NAME="xxx"
PROTO="http" #[http|https]
API_URL="$PROTO://$HOST_NAME/$SITE_NAME/check_mk/api/1.0"

USERNAME="automation"
PASSWORD="xxx"

curl -6 \
  --request POST \
  --write-out "\nxxx-status_code=%{http_code}\n" \
  --header "Authorization: Bearer $USERNAME $PASSWORD" \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
  --data '{
          "attributes": {
            "ipaddress": "192.168.0.123"
          },
          "folder": "/",
          "host_name": "example.com"
        }' \
  "$API_URL/domain-types/host_config/collections/all"
```

It might be worth mentioning that we are running a v6-only network.

robin-checkmk commented 1 month ago

> it might be worth mentioning that we are running a v6 only network

Huh. Well that is at least a peculiarity which might be relevant, but I am uncertain how exactly that would come to bear. Is there any way to test this in an IPv4 environment?

I know that we use Ansible libraries to make the HTTP calls, so I cannot see that it really is a problem of this very collection, but rather one of Ansible and its libraries. I will need to do some research though.

P.S.: Any chance this is relevant somehow? https://github.com/ansible/ansible/issues/74397
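
An added example, not part of the thread or of the collection's code: one way to check the IPv6 hypothesis from the server side is to count the AH01614 entries in the site's Apache error log by client address family. The log lines are constructed, the `[client addr:port]` layout of Apache 2.4's default error log is assumed, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample (assumed Apache 2.4 default error-log layout); addresses are
# from documentation ranges, the URI is the one used in the thread's curl script.
URI = "/xxx/check_mk/api/1.0/domain-types/host_config/collections/all"
SAMPLE_LOG = f"""\
[Mon Nov 04 10:15:01.123456 2024] [auth_basic:error] [pid 4211:tid 4300] [client 2001:db8::10:51544] AH01614: client used wrong authentication scheme: {URI}
[Mon Nov 04 10:15:07.654321 2024] [auth_basic:error] [pid 4211:tid 4301] [client 2001:db8::10:51550] AH01614: client used wrong authentication scheme: {URI}
[Mon Nov 04 10:16:12.000111 2024] [auth_basic:error] [pid 4212:tid 4302] [client 192.0.2.25:40022] AH01614: client used wrong authentication scheme: {URI}
[Mon Nov 04 10:17:30.000222 2024] [core:error] [pid 4212:tid 4303] [client 192.0.2.25:40030] AH00126: Invalid URI in request GET /%zz HTTP/1.1
"""

# Match only the error code from the thread; do not depend on the module tag.
AH01614_RE = re.compile(
    r"\[client (?P<peer>[^\]]+)\]\s+AH01614: "
    r"client used wrong authentication scheme: (?P<uri>\S+)"
)


def split_peer(peer):
    """Return (host, family) for an 'addr:port' peer string.

    The port is always stripped first: 'v6addr:port' is written without
    brackets, so the last colon-separated field is assumed to be the port.
    """
    host = peer.rpartition(":")[0]
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return peer, "unknown"
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return str(ip.ipv4_mapped), "IPv4-mapped"
    return str(ip), f"IPv{ip.version}"


def summarize(log_text):
    """Count AH01614 entries per address family and per client host."""
    per_family, per_client = Counter(), Counter()
    for line in log_text.splitlines():
        match = AH01614_RE.search(line)
        if match is None:
            continue
        host, family = split_peer(match["peer"])
        per_family[family] += 1
        per_client[host] += 1
    return per_family, per_client


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

If the same control host appears under both families, or only IPv4 clients appear, the address family alone does not explain the 401.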

jgotteswinter commented 1 month ago

I successfully tested my Ansible against a v4 Checkmk (older version). Apart from that, I will add a v4 address to the new installation for testing. Let's see what happens.

Thanks for the BR, I will take a look at this. Yes, there are many parties/moving parts involved. Using v6 is still full of surprises :)

robin-checkmk commented 1 month ago

Nice! Thanks for testing!

In all honesty: Even if we can pin it to IPv6, I am not sure how much or how quickly something can be done. Just to manage expectations. Maybe it is a trivial thing to fix, maybe it is awfully complex. We will do what we can here, but be prepared to accept the necessity for a workaround.

That being said, I am still hopeful that we can understand and fix this! :muscle: