Author Topic: 21.7.8 acme issue (Read 4566 times)

atom · « **on:** January 28, 2022, 06:45:26 am »

After upgrade to 21.7.8 the acme client does not work anymore.

[28-Jan-2022 00:00:27 Europe/Berlin] PHP Fatal error:  Uncaught Error: Call to a member function init() on null in /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/LeCertificate.php:634
Stack trace:
#0 /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/LeCertificate.php(404): OPNsense\AcmeClient\LeCertificate->runAutomations()
#1 /usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php(165): OPNsense\AcmeClient\LeCertificate->issue()
#2 /usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php(199): main()
#3 {main}
  thrown in /usr/local/opnsense/mvc/app/library/OPNsense/AcmeClient/LeCertificate.php on line 634

and

Code: [Select]

2022-01-28T00:00:27	php[90929]	AcmeClient: automation not supported: restart_gui (14c6af94-6e41-4424-bfe5-67948356ce71)
2022-01-28T00:00:27	php[90929]	AcmeClient: running automations for certificate:

Fright · « **Reply #1 on:** January 28, 2022, 11:17:46 am »

any complains in backend log about acme client migration fail?
looks like automation internal type was renamed from restart_gui to configd_restart_gui.
migration should have been take care of it

anyhow i think you can just edit existing migration (select "Restart OPNsense Web UI") and save it again. will work next time imho

atom · « **Reply #2 on:** January 28, 2022, 12:44:09 pm »

There were 3 messages in update.log about errors during update

Code: [Select]

[159/162] Extracting os-wireguard-1.7: .......... done
configd not running? (check /var/run/configd.pid).
Starting configd.
Traceback (most recent call last):
  File "/usr/local/opnsense/service/configd.py", line 43, in <module>
    import modules.processhandler
  File "/usr/local/opnsense/service/modules/processhandler.py", line 43, in <module>
    from . import ph_inline_actions, syslog_error, syslog_info, syslog_notice, singleton
  File "/usr/local/opnsense/service/modules/ph_inline_actions.py", line 32, in <module>
    from . import template
  File "/usr/local/opnsense/service/modules/template.py", line 42, in <module>
    import jinja2
ModuleNotFoundError: No module named 'jinja2'
/usr/local/etc/rc.d/configd: WARNING: failed to start configd
Keep version OPNsense\Wireguard\General (0.0.1)
Keep version OPNsense\Wireguard\Server (0.0.2)
Keep version OPNsense\Wireguard\Client (0.0.6)
Reloading plugin configuration
Configuring system logging...done.
Reloading template OPNsense/Wireguard: configd not running!
pkg-static: POST-INSTALL script failed

Code: [Select]

[160/162] Reinstalling os-smart-2.2...
[160/162] Extracting os-smart-2.2: .......... done
configd not running? (check /var/run/configd.pid).
Starting configd.
Traceback (most recent call last):
  File "/usr/local/opnsense/service/configd.py", line 43, in <module>
    import modules.processhandler
  File "/usr/local/opnsense/service/modules/processhandler.py", line 43, in <module>
    from . import ph_inline_actions, syslog_error, syslog_info, syslog_notice, singleton
  File "/usr/local/opnsense/service/modules/ph_inline_actions.py", line 32, in <module>
    from . import template
  File "/usr/local/opnsense/service/modules/template.py", line 42, in <module>
    import jinja2
ModuleNotFoundError: No module named 'jinja2'
/usr/local/etc/rc.d/configd: WARNING: failed to start configd
Reloading plugin configuration
Configuring system logging...done.

Code: [Select]

[161/162] Reinstalling os-acme-client-2.6...
[161/162] Extracting os-acme-client-2.6: .......... done
configd not running? (check /var/run/configd.pid).
Starting configd.
Traceback (most recent call last):
  File "/usr/local/opnsense/service/configd.py", line 43, in <module>
    import modules.processhandler
  File "/usr/local/opnsense/service/modules/processhandler.py", line 43, in <module>
    from . import ph_inline_actions, syslog_error, syslog_info, syslog_notice, singleton
  File "/usr/local/opnsense/service/modules/ph_inline_actions.py", line 32, in <module>
    from . import template
  File "/usr/local/opnsense/service/modules/template.py", line 42, in <module>
    import jinja2
ModuleNotFoundError: No module named 'jinja2'
/usr/local/etc/rc.d/configd: WARNING: failed to start configd
Keep version OPNsense\AcmeClient\AcmeClient (2.1.0)
Reloading plugin configuration
Configuring system logging...done.
Reloading template OPNsense/AcmeClient: configd not running!
pkg-static: POST-INSTALL script failed

I've saved the automation again now.

Fright · « **Reply #3 on:** January 28, 2022, 02:37:38 pm »

Quote

Extracting os-acme-client-2.6: .......... done

2.6 introduced in 21.1.9.
3.8 in 21.7.8

Quote

Extracting os-wireguard-1.7:

1.8 introduced in 21.7.5
1.10 in 21.7.8

sorry, dont understand whats happening here. can you share full update log if possible please?

atom · « **Reply #4 on:** January 28, 2022, 02:54:53 pm »

Yes, it looks a little weird. I've upgraded from 21.7.7 to 21.7.8, but the update log is from 21.8.
Only timestamp of directory "." is correct.

Code: [Select]

ls -lart /var/cache/opnsense-update
total 52
prw-r--r--  1 root  wheel      0 Aug 21 08:23 .upgrade.pipe
-rw-r--r--  1 root  wheel  39566 Aug 21 08:25 .upgrade.log
drwxr-x---  2 root  wheel    512 Aug 21 08:25 .sets.pending
drwxr-xr-x  6 root  wheel    512 Jan 26 20:38 ..
drwxr-xr-x  3 root  wheel    512 Jan 27 22:33 .

Fright · « **Reply #5 on:** January 28, 2022, 03:18:04 pm »

oh. old entries.. )
can you check AcmeClient version in config.xml and if it < 3.1.0 run

Code: [Select]

/usr/local/opnsense/mvc/script/run_migrations.phpfrom console?
any errors while running script or in System: Log Files: General after it?

atom · « **Reply #6 on:** January 28, 2022, 03:48:52 pm »

the version looks good:

Code: [Select]

cat config.xml | grep "<AcmeClient "
    <AcmeClient version="3.2.0">

Fright · « **Reply #7 on:** January 28, 2022, 04:49:34 pm »

hm. sorry, the only version i have: 3.1.0 model migration was added with 3.5 plugin ver. while model was allready assigned 3.1.0 ver with 3.4 plugin release. so may be migration was never ran. but i can missing something here.

atom · « **Reply #8 on:** January 28, 2022, 05:14:42 pm »

I've got the same version on my OPNsense with 22.1.

Fright · « **Reply #9 on:** January 28, 2022, 05:51:42 pm »

sorry, I didn't express myself clearly ). I didn't mean "plugin version". The version of what is happening.
in short - perhaps a special migration was not run and the automation types were not renamed automatically. if I understand the code correctly, it will be enough to edit and re-save the existing automations. in this case, the type will change to correct (new) and no more errors should occur

atom · « **Reply #10 on:** January 29, 2022, 12:02:50 pm »

I re-saved the automation yesterday.
Today runs the renew of the certificate without a problem.

Fright · « **Reply #11 on:** January 29, 2022, 04:09:32 pm »

cool!

atom · « **Reply #12 on:** January 29, 2022, 04:54:49 pm »

Thank you !

Author Topic: 21.7.8 acme issue (Read 4566 times)

atom

21.7.8 acme issue

Fright

Re: 21.7.8 acme issue

atom

Re: 21.7.8 acme issue

Fright

Re: 21.7.8 acme issue

atom

Re: 21.7.8 acme issue

Fright

Re: 21.7.8 acme issue

atom

Re: 21.7.8 acme issue

Fright

Re: 21.7.8 acme issue

atom

Re: 21.7.8 acme issue

Fright

Re: 21.7.8 acme issue

atom

Re: 21.7.8 acme issue

Fright

Re: 21.7.8 acme issue

atom

Re: 21.7.8 acme issue