Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to read private key file #8

Open
nicksardo opened this issue Aug 24, 2022 · 3 comments
Open

Unable to read private key file #8

nicksardo opened this issue Aug 24, 2022 · 3 comments

Comments

@nicksardo
Copy link

nicksardo commented Aug 24, 2022

s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun google_cloud_dns (no readiness notification)
s6-rc: info: service legacy-services successfully started
pkcs12: Can't open "/data/workdir/gcp.pem" for writing, No such file or directory
[15:43:07] FATAL: Unable to read private key file /config/google-ha-serviceacct.p12
[22:43:07] WARNING: Halt add-on
s6-rc: info: service legacy-services: stopping
[22:43:07] INFO: Service restart after closing
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped

I've confirmed /config/google-ha-serviceacct.p12 exists via terminal.

Config:

lets_encrypt:
  accept_terms: false
  certfile: fullchain.pem
  keyfile: privkey.pem
  renewal_period: 5184000
  dns_delay: 60
project: [redacted]
zone: [redacted]
email: ha-letsencrypt@[redacted].iam.gserviceaccount.com
keyfile: google-ha-serviceacct.p12
keyfile_password: notasecret
domain: [redacted]
ttl: 600
scan_interval: 300
@nicksardo
Copy link
Author

Looks like the addon only works if lets_encrypt is enabled because the workdir is only made in that case. If it's not made, the error pkcs12: Can't open "/data/workdir/gcp.pem" for writing, No such file or directory is raised.

@jdesai61
Copy link

I have the same problem

@benholtz
Copy link

I've got a fix in a PR.. @mrmichaelrb for viz
#22

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants