Recently upgraded to OPNsense 23.1.5_4-amd64
At midnight, for the past 3 days, all traffic stops getting through.
Errors in the log are as follows:
2023-04-03T00:00:00-04:00 Error configd.py [520e7553-48a1-49cf-91a7-61c4955d2ed1] Inline action failed with not all arguments converted during string formatting at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 506, in execute inline_act_parameters = self.parameters % tuple(parameters) TypeError: not all arguments converted during string formatting
2023-04-03T00:00:01-04:00 Error configd.py [f6f504ec-1676-4279-99da-815a22c5089f] Script action failed with Command 'configctl template reload OPNsense/HAProxy 2 > /dev/null; /usr/local/opnsense/scripts/OPNsense/HAProxy/syncCerts.py sync --output json ' returned non-zero exit status 1. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 482, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command 'configctl template reload OPNsense/HAProxy 2 > /dev/null; /usr/local/opnsense/scripts/OPNsense/HAProxy/syncCerts.py sync --output json ' returned non-zero exit status 1.
My guess is that something did not get converted correctly at the upgrade, looks maybe to be in haproxy...?
Can I re-apply the upgrade...or...?
"Sync SSL certificate changes into running HAProxy service" at midnight?
it looks like param mismatch in cert_sync actions
can you test with
opnsense-patch -c plugins -a kulikov-a ce7711c
? (need to restart configd service after the patch)
(https://github.com/kulikov-a/plugins/commit/ce7711c7730a1ecde46ad396abb74227ecd1d354)