danb35/deploy-freenas

"No such file or directory" error on 13.0-Release

GJSchaller opened this issue · 5 comments

When I run the script, I get the following. All options are defaulted, with the exception of the API key. Running on TrueNAS 13.0-RELEASE.

root@HarlockNAS[/mnt/data/scripts/deploy-freenas]# ./deploy_freenas.py
Traceback (most recent call last):
File "/mnt/data/scripts/deploy-freenas/./deploy_freenas.py", line 82, in
with open(PRIVATEKEY_PATH, 'r') as file:
FileNotFoundError: [Errno 2] No such file or directory: '/root/.acme.sh/HarlockNAS.local/HarlockNAS.local.key'

You need to set the privkey_path to wherever your private key is actually stored. See the example config in the README.

I'm confused, I thought this generated the key and deployed it. Shouldn't it be picking up the key it generates using ACME? If not, how do I generate a key?

No, deploy-freenas is not an ACME client. It can only deploy existing certificates acquired through other means to TrueNAS.
Use acme.sh or certbot or any of the dozens of alternatives to get valid certificates from Let's Encrypt. Then call deploy-freenas in the deploy/finished hook of the client (if it's supported).

Got it, thank you - go ahead and close this out, then.

> Then call deploy-freenas in the deploy/finished hook of the client (if it's supported).

...and if your chosen client doesn't support such a thing, choose a different client.

@GJSchaller, in addition to what was already said here, note that you probably are going to need to specify the path to the cert/key. The script constructs the default path (1) assuming you're using acme.sh as your ACME client, and (2) based on the system hostname for your TrueNAS box. Your hostname is HarlockNAS.local, and neither Let's Encrypt nor any other public CA will issue a cert for a .local domain. So, unless you're using a local CA, you'll need to either (1) change the system hostname to the FQDN you're going to use for your cert, or (2) specify the path to the cert/key you're going to use (which would include the FQDN).
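
An added example, not part of deploy-freenas or of any comment in this thread: a preflight check to run from the ACME client's deploy hook before calling the script, covering the missing-key and `.local` hostname problems described above plus a permission check on the private key. It assumes the acme.sh layout seen in the traceback and that the hostname comes from `socket.gethostname()`; `default_key_path`, `preflight` and the suffix list are hypothetical names.

```python
import os
import socket
import stat

# Suffixes no public CA will issue for. ".local" is the case in this thread;
# the other reserved names are a generalization added for this example.
NON_PUBLIC_SUFFIXES = (".local", ".localhost", ".internal",
                       ".test", ".invalid", ".example")


def default_key_path(hostname, acme_home="/root/.acme.sh"):
    """Rebuild the path from the traceback: <acme_home>/<host>/<host>.key"""
    return os.path.join(acme_home, hostname, hostname + ".key")


def preflight(key_path, hostname):
    """Return a list of problems; an empty list means the key looks usable."""
    problems = []
    host = hostname.rstrip(".").lower()
    if "." not in host or host.endswith(NON_PUBLIC_SUFFIXES):
        problems.append(f"hostname {hostname!r} is not a public FQDN; "
                        "set privkey_path explicitly or change the hostname")
    try:
        st = os.stat(key_path)
    except FileNotFoundError:
        problems.append(f"private key not found: {key_path}")
        return problems
    if not stat.S_ISREG(st.st_mode):
        problems.append(f"not a regular file: {key_path}")
    elif st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        # A TLS private key should be readable by its owner only.
        problems.append("private key is accessible to group/other "
                        f"(mode {stat.S_IMODE(st.st_mode):o}): {key_path}")
    return problems


if __name__ == "__main__":
    host = socket.gethostname()  # assumption: same source the script uses
    issues = preflight(default_key_path(host), host)
    for issue in issues:
        print("PREFLIGHT:", issue)
    raise SystemExit(1 if issues else 0)
```

A non-zero exit lets the hook stop before the deploy step instead of failing inside it with a traceback.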