Mon serveur YunoHost
Matériel: Brique Internet avec VPN
Version de YunoHost: 3.5.2.2
J’ai accès à mon serveur : En SSH et par la webadmin
Êtes-vous dans un contexte particulier ou avez-vous effectué des modificiations particulières sur votre instance ? : non
Description du problème
Bonjour
Je viens de recevoir 2 mails sur l’utilisateur root de mon serveur pour m’avertir que le renouvellement automatique du certificat Let’s Encrypt avait échoué.
Sachant qu’au moment où ces mails ont été générés, le serveur n’avait pas d’accès internet (à cause d’une coupure de réseau). Serais-ce lié à cela ?
Depuis, le serveur est à nouveau connecté au réseau, mais quand je consulte (sur la webadmin) la page du statut du certificat, j’ai ce message d’avertissement :
le certificat actuel est sur le point d’expirer ! Il ne sera PAS renouvelé automatiquement !
Et d’après ce qui est noté sur cette page, il n’est pas recommandé de renouveller le certificat manuellement. Qu’est-il donc préférable de faire ?
Est-ce que ce problème ne serait pas aussi lié à un autre expliqué ici :
Log reçu sur le 1er mail :
Now attempting renewing of certificate for domain xxxx.fr !
Certificate renewing for xxxx.fr failed !
Traceback (most recent call last):
File "/usr/lib/moulinette/yunohost/certificate.py", line 379, in certificate_renew
_check_domain_is_ready_for_ACME(domain)
File "/usr/lib/moulinette/yunohost/certificate.py", line 832, in _check_domain_is_ready_for_ACME
if not _dns_ip_match_public_ip(public_ip, domain):
File "/usr/lib/moulinette/yunohost/certificate.py", line 852, in _dns_ip_match_public_ip
return _get_dns_ip(domain) == public_ip
File "/usr/lib/moulinette/yunohost/certificate.py", line 844, in _get_dns_ip
answers = resolver.query(domain, "A")
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 949, in query
timeout = self._compute_timeout(start)
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 858, in _compute_timeout
raise Timeout(timeout=duration)
Timeout: The DNS operation timed out after 30.0013859272 seconds
The DNS operation timed out after 30.0013859272 seconds
Sending email with details to root ...
Et sur le 2nd mail :
The DNS operation timed out after 30.0013859272 seconds
Traceback (most recent call last):
File "/usr/lib/moulinette/yunohost/certificate.py", line 379, in certificate_renew
_check_domain_is_ready_for_ACME(domain)
File "/usr/lib/moulinette/yunohost/certificate.py", line 832, in _check_domain_is_ready_for_ACME
if not _dns_ip_match_public_ip(public_ip, domain):
File "/usr/lib/moulinette/yunohost/certificate.py", line 852, in _dns_ip_match_public_ip
return _get_dns_ip(domain) == public_ip
File "/usr/lib/moulinette/yunohost/certificate.py", line 844, in _get_dns_ip
answers = resolver.query(domain, "A")
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 949, in query
timeout = self._compute_timeout(start)
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 858, in _compute_timeout
raise Timeout(timeout=duration)
Timeout: The DNS operation timed out after 30.0013859272 seconds
Here's the tail of /var/log/yunohost/yunohost-cli.log, which might help to
investigate :
2019-05-20 06:25:26,899 DEBUG moulinette.actionsmap __init__ - loading actions map namespace 'yunohost'
2019-05-20 06:25:27,060 DEBUG moulinette.actionsmap __init__ - extra parameter classes loaded: ['comment', 'ask', 'password', 'required', 'pattern']
2019-05-20 06:25:27,061 DEBUG moulinette.interface __init__ - initializing base actions map parser for cli
2019-05-20 06:25:27,070 DEBUG moulinette.interface __init__ - registering new callback action 'yunohost.utils.packages.ynh_packages_version' to ['-v', '--version']
2019-05-20 06:25:27,805 DEBUG moulinette.authenticator.ldap __init__ - initialize authenticator 'ldap-anonymous' with: uri='ldap://localhost:389', base_dn='dc=yunohost,dc=org', user_rdn='None'
2019-05-20 06:25:27,835 DEBUG moulinette.core acquire - stale lock file found
2019-05-20 06:25:27,836 DEBUG moulinette.core acquire - lock has been acquired
2019-05-20 06:25:28,295 DEBUG moulinette.actionsmap process - loading python module yunohost.domain took 0.458s
2019-05-20 06:25:28,296 INFO moulinette.actionsmap process - processing action [13665.1]: yunohost.domain.cert-renew with args={'no_checks': False, 'force': False, 'domain_list': [], 'auth': <moulinette.authenticators.ldap.Authenticator object at 0xb6601a50>, 'staging': False, 'email': True}
2019-05-20 06:25:32,652 DEBUG requests.packages.urllib3.connectionpool _new_conn - Starting new HTTPS connection (1): ip.yunohost.org
2019-05-20 06:25:52,686 DEBUG yunohost.utils.network get_public_ip - Could not get public IPv4 : URL https://ip.yunohost.org invalide : ce site existe-t-il ?
2019-05-20 06:26:22,692 INFO yunohost.certmanager certificate_renew - [13665.1] Now attempting renewing of certificate for domain xxxx.fr !
2019-05-20 06:26:22,703 DEBUG requests.packages.urllib3.connectionpool _new_conn - Starting new HTTPS connection (1): ip.yunohost.org
2019-05-20 06:26:26,641 DEBUG moulinette.actionsmap __init__ - loading actions map namespace 'yunohost'
2019-05-20 06:26:26,796 DEBUG moulinette.actionsmap __init__ - extra parameter classes loaded: ['comment', 'ask', 'password', 'required', 'pattern']
2019-05-20 06:26:26,797 DEBUG moulinette.interface __init__ - initializing base actions map parser for cli
2019-05-20 06:26:26,802 DEBUG moulinette.interface __init__ - registering new callback action 'yunohost.utils.packages.ynh_packages_version' to ['-v', '--version']
2019-05-20 06:26:27,153 DEBUG moulinette.core set_locale - unable to load locale 'en' from '/usr/share/moulinette/locale'
2019-05-20 06:26:27,154 DEBUG moulinette.core set_locale - unable to load locale 'en' from '/usr/lib/moulinette/yunohost/locales'
2019-05-20 06:26:42,730 DEBUG yunohost.utils.network get_public_ip - Could not get public IPv4 : URL https://ip.yunohost.org invalide : ce site existe-t-il ?
2019-05-20 06:27:12,746 ERROR yunohost.certmanager certificate_renew - [13665.1] Certificate renewing for belouin.be failed !
2019-05-20 06:27:12,747 ERROR yunohost.certmanager certificate_renew - [13665.1] Traceback (most recent call last):
File "/usr/lib/moulinette/yunohost/certificate.py", line 379, in certificate_renew
_check_domain_is_ready_for_ACME(domain)
File "/usr/lib/moulinette/yunohost/certificate.py", line 832, in _check_domain_is_ready_for_ACME
if not _dns_ip_match_public_ip(public_ip, domain):
File "/usr/lib/moulinette/yunohost/certificate.py", line 852, in _dns_ip_match_public_ip
return _get_dns_ip(domain) == public_ip
File "/usr/lib/moulinette/yunohost/certificate.py", line 844, in _get_dns_ip
answers = resolver.query(domain, "A")
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 949, in query
timeout = self._compute_timeout(start)
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 858, in _compute_timeout
raise Timeout(timeout=duration)
Timeout: The DNS operation timed out after 30.0013859272 seconds
2019-05-20 06:27:12,749 ERROR yunohost.certmanager certificate_renew - [13665.1] The DNS operation timed out after 30.0013859272 seconds
2019-05-20 06:27:12,750 ERROR yunohost.certmanager certificate_renew - [13665.1] Sending email with details to root ...
-- Certificate Manager
Merci de votre aide !