OpenStack-Ansible

haproxy_server standalone certbot mode block DNS-01 challenge

Bug #2006938 reported by Antoine Thys on 2023-02-10

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack-Ansible	Fix Released	Undecided	Unassigned

Bug Description

Using DNS-01 challenge for certbot isn't possible because `--standalone` is mutually exclusive with some arguments like `--dns-google`.

I think standalone mode should be overridable with var like haproxy_ssl_letsencrypt_setup_challenge_params or something like this.

Tags:

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-13: Fix proposed to openstack-ansible-haproxy_server (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/873633

Changed in openstack-ansible:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-21: Fix merged to openstack-ansible-haproxy_server (master)

Reviewed: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/873633
Committed: https://opendev.org/openstack/openstack-ansible-haproxy_server/commit/908427222bad5ef9b44ce8782eae0132d29143f4
Submitter: "Zuul (22348)"
Branch: master

commit 908427222bad5ef9b44ce8782eae0132d29143f4
Author: Dmitriy Rabotyagov <email address hidden>
Date: Mon Feb 13 19:02:29 2023 +0100

Use let's encrypt standalone flag only for http-01

    In case of using dns-01 challange deployers might want
    to avoid using
    standalone flag.

Change-Id: I3c6cfd7779e9ec9322e655cdda5bb6866bf695ca
Closes-Bug: #2006938

Changed in openstack-ansible:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-21: Fix proposed to openstack-ansible-haproxy_server (stable/zed)

Fix proposed to branch: stable/zed
Review: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/874619

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-21: Fix proposed to openstack-ansible-haproxy_server (stable/yoga)

Fix proposed to branch: stable/yoga
Review: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/874620

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-21: Fix proposed to openstack-ansible-haproxy_server (stable/xena)

Fix proposed to branch: stable/xena
Review: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/874621

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-23: Fix merged to openstack-ansible-haproxy_server (stable/zed)

Reviewed: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/874619
Committed: https://opendev.org/openstack/openstack-ansible-haproxy_server/commit/30c111903aa5f5d5e5233827d1ef00b6a6710168
Submitter: "Zuul (22348)"
Branch: stable/zed

commit 30c111903aa5f5d5e5233827d1ef00b6a6710168
Author: Dmitriy Rabotyagov <email address hidden>
Date: Mon Feb 13 19:02:29 2023 +0100

Use let's encrypt standalone flag only for http-01

    In case of using dns-01 challange deployers might want
    to avoid using
    standalone flag.

    Change-Id: I3c6cfd7779e9ec9322e655cdda5bb6866bf695ca
    Closes-Bug: #2006938
    (cherry picked from commit 908427222bad5ef9b44ce8782eae0132d29143f4)

tags:

added: in-stable-zed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-03-07: Fix merged to openstack-ansible-haproxy_server (stable/yoga)

Reviewed: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/874620
Committed: https://opendev.org/openstack/openstack-ansible-haproxy_server/commit/be2bd132b2fc68a9b6f98d8294acfb9b542443bc
Submitter: "Zuul (22348)"
Branch: stable/yoga

commit be2bd132b2fc68a9b6f98d8294acfb9b542443bc
Author: Dmitriy Rabotyagov <email address hidden>
Date: Mon Feb 13 19:02:29 2023 +0100

Use let's encrypt standalone flag only for http-01

    In case of using dns-01 challange deployers might want
    to avoid using
    standalone flag.

    Change-Id: I3c6cfd7779e9ec9322e655cdda5bb6866bf695ca
    Closes-Bug: #2006938
    (cherry picked from commit 908427222bad5ef9b44ce8782eae0132d29143f4)

tags:

added: in-stable-yoga

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-03-15: Fix merged to openstack-ansible-haproxy_server (stable/xena)

Reviewed: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/874621
Committed: https://opendev.org/openstack/openstack-ansible-haproxy_server/commit/153ad982ad553cce302a1fa058556aae38b5587d
Submitter: "Zuul (22348)"
Branch: stable/xena

commit 153ad982ad553cce302a1fa058556aae38b5587d
Author: Dmitriy Rabotyagov <email address hidden>
Date: Mon Feb 13 19:02:29 2023 +0100

Use let's encrypt standalone flag only for http-01

    In case of using dns-01 challange deployers might want
    to avoid using
    standalone flag.

    Change-Id: I3c6cfd7779e9ec9322e655cdda5bb6866bf695ca
    Closes-Bug: #2006938
    (cherry picked from commit 908427222bad5ef9b44ce8782eae0132d29143f4)

tags:

added: in-stable-xena

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-02-08: Fix included in openstack/openstack-ansible-haproxy_server yoga-eom

This issue was fixed in the openstack/openstack-ansible-haproxy_server yoga-eom release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-03-14: Fix included in openstack/openstack-ansible-haproxy_server xena-eom

#10

This issue was fixed in the openstack/openstack-ansible-haproxy_server xena-eom release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.