search

debops / ansible-pki

Bootstrap and manage internal PKI, Certificate Authorities and OpenSSL/GnuTLS certificates
GNU General Public License v3.0
65 stars 29 forks source link

PKI does not get setup by default #27

Closed Gomez closed 8 years ago

Gomez commented 8 years ago

I created a clean project with debops-init and bootstraped the host. Then i let debops -l <host> run.

Expected that debops.pki generates certs and setups the secrests/pki dir. But nothing happens, here the log:

TASK: [debops.pki | debug var=pki] ******************************************** 
ok: [owncloudsta] => {
    "var": {
        "pki": "True"
    }
}

TASK: [debops.pki | Create private groups if requested] *********************** 
skipping: [owncloudsta]

TASK: [debops.pki | Check if snapshot file exists on the Ansible Controller] *** 
ok: [owncloudsta -> localhost]

TASK: [debops.pki | Restore PKI from snapshot] ******************************** 
skipping: [owncloudsta]

TASK: [debops.pki | Create realm destination directories] ********************* 
skipping: [owncloudsta] => (item={'source': 'domain', 'ca': ['root/RootCA'], 'destination': 'domain', 'makefile': False, 'name': 'domain'})
skipping: [owncloudsta] => (item={'source': 'service', 'ca': ['root/ServiceCA'], 'destination': 'service', 'makefile': False, 'name': 'service'})
skipping: [owncloudsta] => (item={'source': u'hosts/owncloudsta/service', 'default_ca': u'CA/ServiceCA-.crt', 'name': 'host-service', 'default': u'srv.owncloudsta', 'ou': u' Service', 'destination': 'service', 'authority': 'root/ServiceCA'})
skipping: [owncloudsta] => (item={'source': u'hosts/owncloudsta/domain', 'name': 'host-domain', 'default': u'wildcard.domain.owncloudsta', 'ou': u'Data Center Operations', 'destination': 'domain', 'authority': 'ca/domain'})
skipping: [owncloudsta] => (item={'source': u'hosts/owncloudsta/host', 'name': 'host-internal', 'default': u'owncloudsta', 'ou': u' Data Center', 'destination': 'host', 'authority': 'ca/internal'})

TASK: [debops.pki | Generate main Makefile] *********************************** 
skipping: [owncloudsta]

TASK: [debops.pki | Generate realm Makefile] ********************************** 
skipping: [owncloudsta] => (item={'source': 'domain', 'ca': ['root/RootCA'], 'destination': 'domain', 'makefile': False, 'name': 'domain'})
skipping: [owncloudsta] => (item={'source': 'service', 'ca': ['root/ServiceCA']
drybjed commented 8 years ago

When debops.pki is skipping all tasks, the issue is usually lack of correctly set up domain. Check the output of hostname -f and make sure that ansible_domain is not empty.

Gomez commented 8 years ago

Awesome! There was a flaw with the hostname. Thx @drybjed