Example code in the README doesn't generate a CSR file

[anthonyeleven]

What happened?

TASK [Create cert and key] ** fatal: [prom-test.tor3.indexww.com]: FAILED! => { "changed": false }

MSG:

[Errno 2] No such file or directory: '/etc/node_exporter/tls.csr'

Did you expect to see some different?

How to reproduce it (as minimally and precisely as possible):

pre_tasks:

• name: Create node_exporter cert dir file: path: "/etc/node_exporter" state: directory owner: root group: root

• name: Create cert and key openssl_certificate: path: /etc/node_exporter/tls.cert csr_path: /etc/node_exporter/tls.csr privatekey_path: /etc/node_exporter/tls.key provider: selfsigned .. roles:

• cloudalchemy.node_exporter vars: node_exporter_tls_server_config: cert_file: /etc/node_exporter/tls.cert key_file: /etc/node_exporter/tls.key node_exporter_basic_auth_users: randomuser: examplepassword

Environment Rocky Linux release 8.5 (Green Obsidian)

• Role version:

  [2.0.0] - 2021-04-19

  Insert release version/galaxy tag or Git SHA here

• Ansible version information: ansible 2.8.5 ansible --version

• Variables:

insert role variables relevant to the issue

• Ansible playbook execution Logs:

insert Ansible logs relevant to the issue here

Anything else we need to know?:

[poehlerflorian]

I had the same problem and solved it by creating a private key and then the certificate from that private key.

- name: Create private key
  community.crypto.openssl_privatekey:
    path: /etc/node_exporter/tls.key
    type: Ed25519 # Optional, can be removed to create a RSA key

- name: Create cert
  community.crypto.x509_certificate:
    path: /etc/node_exporter/tls.cert
    privatekey_path: /etc/node_exporter/tls.key
    provider: selfsigned

See also https://docs.ansible.com/ansible/latest/collections/community/crypto/docsite/guide_selfsigned.html

[SuperQ]

This role has been deprecated in favor of a the prometheus-community/ansible collection.