/etc/step-ca/.ansible/tmp has the wrong permission
ethrgeist opened this issue · 0 comments
ethrgeist commented
When running the example ca.yml
playbook for the first time on a fresh vm, there is an error from Ansible:
TASK [maxhoesel.smallstep.step_ca : Initialize CA] ********************************************************************************************************************************************************************************************************************************************
[WARNING]: Module remote_tmp /etc/step-ca/.ansible/tmp did not exist and was created with a mode of 0700, this may cause issues when running as another user. To avoid this, create the remote_tmp dir with the correct permissions manually
The Step Remove initial provisioner
then fails:
TASK [maxhoesel.smallstep.step_ca : Remove initial provisioner] *******************************************************************************************************************************************************************************************************************************
fatal: [manager-1]: FAILED! => {"changed": false, "msg": "Error running command 'step-cli ca provisioner remove tmp_provisioner --ca-config=/etc/step-ca/config/ca.json'. See stderr for details.", "stderr": "client GET https://manager-1.example.local/admin/admins failed: dial tcp 10.254.254.240:443: connect: connection refused\n", "stderr_lines": ["client GET https://manager-1.example.local/admin/admins failed: dial tcp 10.254.254.240:443: connect: connection refused"], "stdout": "", "stdout_lines": []}
Running the playbook a second time is without error and everything is setup.