starred/certidude-laurivosandi
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude.git synced 2026-04-25 00:25:57 +03:00
Code Issues 29 Projects Releases Packages Wiki Activity

[GH-ISSUE #48] Provision fails with jinja2.exceptions.UndefinedError: 'session' is undefined #41

New issue
Open
opened 2026-02-26 03:33:33 +03:00 by kerem · 0 comments
kerem commented 2026-02-26 03:33:33 +03:00
Owner
Copy link

Originally created by @underdpt on GitHub (Sep 21, 2018).
Original GitHub issue: https://github.com/laurivosandi/certidude/issues/48

Hi,

I've hit an error when trying to provision with sudo -H /usr/local/bin/certidude provision authority:

Traceback (most recent call last):
  File "/usr/local/bin/certidude", line 6, in <module>
    exec(compile(open(__file__).read(), __file__, 'exec'))
  File "/srv/certidude/misc/certidude", line 6, in <module>
    entry_point()
  File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "/srv/certidude/certidude/cli.py", line 1193, in certidude_provision_authority
    verbose_render_systemd_service("snippets/nginx-ocsp-cache.service", "certidude-ocsp-cache.service", vars())
  File "/srv/certidude/certidude/cli.py", line 1179, in verbose_render_systemd_service
    buf = env.get_template(template).render(context)
  File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 989, in render
    return self.environment.handle_exception(exc_info, True)
  File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 754, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/lib/python3/dist-packages/jinja2/_compat.py", line 37, in reraise
    raise value.with_traceback(tb)
  File "/srv/certidude/certidude/templates/snippets/nginx-ocsp-cache.service", line 7, in top-level template code
    ExecStart=-/usr/bin/curl --cert-status https://{{ common_name }}:8443/ --cacert /etc/certidude/authority/{{ session.authority.hostname }}/ca_cert.pem
  File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 408, in getattr
    return getattr(obj, attribute)
jinja2.exceptions.UndefinedError: 'session' is undefined

I haven't found this error on the net, so after a bit digging I think this is related to nginx not starting, this is the output from sudo systemctl status nginx.service:

nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; disabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since vie 2018-09-21 10:53:08 CEST; 11s ago
     Docs: man:nginx(8)
  Process: 29186 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)

sep 21 10:53:07 soporte systemd[1]: Starting A high performance web server and a reverse proxy server...
sep 21 10:53:08 soporte nginx[29186]: nginx: [emerg] BIO_new_file("/var/lib/certidude/signed/ca.mainsip.com.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/var/lib/certidude/signed/ca.mainsip.com.pemsep 21 10:53:08 soporte nginx[29186]: nginx: configuration file /etc/nginx/nginx.conf test failed
sep 21 10:53:08 soporte systemd[1]: nginx.service: Control process exited, code=exited status=1
sep 21 10:53:08 soporte systemd[1]: Failed to start A high performance web server and a reverse proxy server.
sep 21 10:53:08 soporte systemd[1]: nginx.service: Unit entered failed state.
sep 21 10:53:08 soporte systemd[1]: nginx.service: Failed with result 'exit-code'.

So it seems it doesn't find a certificate on /var/lib/certidude/signed/ca.mainsip.com.pem but /var/lib/certidude/ doesn't even exists. Is there anything I'm missing?

Originally created by @underdpt on GitHub (Sep 21, 2018). Original GitHub issue: https://github.com/laurivosandi/certidude/issues/48 Hi, I've hit an error when trying to provision with `sudo -H /usr/local/bin/certidude provision authority`: ``` Traceback (most recent call last): File "/usr/local/bin/certidude", line 6, in <module> exec(compile(open(__file__).read(), __file__, 'exec')) File "/srv/certidude/misc/certidude", line 6, in <module> entry_point() File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 722, in __call__ return self.main(*args, **kwargs) File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 697, in main rv = self.invoke(ctx) File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 1066, in invoke return _process_result(sub_ctx.command.invoke(sub_ctx)) File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 1066, in invoke return _process_result(sub_ctx.command.invoke(sub_ctx)) File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 895, in invoke return ctx.invoke(self.callback, **ctx.params) File "/usr/local/lib/python3.5/dist-packages/click/core.py", line 535, in invoke return callback(*args, **kwargs) File "/srv/certidude/certidude/cli.py", line 1193, in certidude_provision_authority verbose_render_systemd_service("snippets/nginx-ocsp-cache.service", "certidude-ocsp-cache.service", vars()) File "/srv/certidude/certidude/cli.py", line 1179, in verbose_render_systemd_service buf = env.get_template(template).render(context) File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 989, in render return self.environment.handle_exception(exc_info, True) File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 754, in handle_exception reraise(exc_type, exc_value, tb) File "/usr/lib/python3/dist-packages/jinja2/_compat.py", line 37, in reraise raise value.with_traceback(tb) File "/srv/certidude/certidude/templates/snippets/nginx-ocsp-cache.service", line 7, in top-level template code ExecStart=-/usr/bin/curl --cert-status https://{{ common_name }}:8443/ --cacert /etc/certidude/authority/{{ session.authority.hostname }}/ca_cert.pem File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 408, in getattr return getattr(obj, attribute) jinja2.exceptions.UndefinedError: 'session' is undefined ``` I haven't found this error on the net, so after a bit digging I think this is related to nginx not starting, this is the output from `sudo systemctl status nginx.service`: ``` nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; disabled; vendor preset: enabled) Active: failed (Result: exit-code) since vie 2018-09-21 10:53:08 CEST; 11s ago Docs: man:nginx(8) Process: 29186 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE) sep 21 10:53:07 soporte systemd[1]: Starting A high performance web server and a reverse proxy server... sep 21 10:53:08 soporte nginx[29186]: nginx: [emerg] BIO_new_file("/var/lib/certidude/signed/ca.mainsip.com.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/var/lib/certidude/signed/ca.mainsip.com.pemsep 21 10:53:08 soporte nginx[29186]: nginx: configuration file /etc/nginx/nginx.conf test failed sep 21 10:53:08 soporte systemd[1]: nginx.service: Control process exited, code=exited status=1 sep 21 10:53:08 soporte systemd[1]: Failed to start A high performance web server and a reverse proxy server. sep 21 10:53:08 soporte systemd[1]: nginx.service: Unit entered failed state. sep 21 10:53:08 soporte systemd[1]: nginx.service: Failed with result 'exit-code'. ``` So it seems it doesn't find a certificate on `/var/lib/certidude/signed/ca.mainsip.com.pem` but `/var/lib/certidude/` doesn't even exists. Is there anything I'm missing?
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dev
No results found.
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/certidude-laurivosandi#41
No description provided.