Problem in install

[hexicans]

Expected behavior:

Actual Behavior:

Steps to Reproduce:

1. ./streisand (local server)

`TASK [gpg : Refresh the Streisand GPG keyring with keyserver information] ***********************************************************************************
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (10 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (9 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (8 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (7 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (6 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (5 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (4 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (3 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (2 retries left).
FAILED - RETRYING: Refresh the Streisand GPG keyring with keyserver information (1 retries left).
fatal: [localhost]: FAILED! => {"attempts": 10, "changed": true, "cmd": ["gpg2", "--no-default-keyring", "--keyring", "/root/.gnupg/streisand/pubring.gpg", "--keyserver-options", "timeout=120", "--refresh"], "delta": "0:00:01.791486", "end": "2018-07-16 11:25:19.513836", "msg": "non-zero return code", "rc": 2, "start": "2018-07-16 11:25:17.722350", "stderr": "gpg: refreshing 10 keys from hkps://hkps.pool.sks-keyservers.net\ngpg: keyserver refresh failed: General error", "stderr_lines": ["gpg: refreshing 10 keys from hkps://hkps.pool.sks-keyservers.net", "gpg: keyserver refresh failed: General error"], "stdout": "", "stdout_lines": []}
to retry, use: --limit @/streisand/playbooks/localhost.retry

PLAY RECAP **************************************************************************************************************************************************
localhost : ok=40 changed=9 unreachable=0 failed=1

(venv) root@vpnaxeltest:/streisand#
`

Additional Details:

Target Cloud Provider: : OpenVZ VPS

Operating System of target host: : Ubuntu 16

*Version of Ansible, using ansible --version :

(venv) root@vpnaxeltest:/streisand# ansible --version ansible 2.5.4 config file = /streisand/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /streisand/venv/local/lib/python2.7/site-packages/ansible executable location = /streisand/venv/bin/ansible python version = 2.7.12 (default, Dec 4 2017, 14:50:18) [GCC 5.4.0 20160609] (venv) root@vpnaxeltest:/streisand#

[alimakki]

@hexicans Sorry to see you're having an issue running the script. This type of error is transient in nature, have you tried running it again?

[hexicans]

@alimakki Yes but doesn't work... if you have SSH key, i can give you SSH access. Please :-)

[nopdotcom]

If you want to force this step, edit playbooks/roles/gpg/tasks/main.yml line 89 to when: False.

[hexicans]

Hello, Thanks, i test De : Jay Carlson <[email protected]> Envoyé : mardi 17 juillet 2018 00:55 À : StreisandEffect/streisand <[email protected]> Cc : hexicans <[email protected]>; Mention <[email protected]> Objet : Re: [StreisandEffect/streisand] Problem in install (#1406) If you want to force this step, edit <https://github.com/StreisandEffect/streisand/blob/0831994158e302a719ed47389bcaeb85970a03ba/playbooks/roles/gpg/tasks/main.yml#L89> playbooks/roles/gpg/tasks/main.yml line 89 to when: False. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#1406 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AM5Tuy6_r6k8flnPgll2AOTGJkyqchPPks5uHRmsgaJpZM4VRVpy> . <https://github.com/notifications/beacon/AM5Tu5U1X8HzjmeOCRFgQgzf5c9LgWq3ks5uHRmsgaJpZM4VRVpy.gif>

[alimakki]

@hexicans I would also recommend running Streisand against one of the supported providers, OpenVZ servers have had issues in the past.

[hexicans]

Hello, Yes i will test with kvm server. Thanks for « false », it fix. Do you know if work in LXC server ? De : Ali Makki <[email protected]> Envoyé : mardi 17 juillet 2018 15:23 À : StreisandEffect/streisand <[email protected]> Cc : hexicans <[email protected]>; Mention <[email protected]> Objet : Re: [StreisandEffect/streisand] Problem in install (#1406) @hexicans <https://github.com/hexicans> I would also recommend running Streisand against one of the supported providers, OpenVZ servers have had issues in the past. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#1406 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/AM5Tu7ngeNaALp3IK6VRpjrj6BJ_SEO4ks5uHeUkgaJpZM4VRVpy> . <https://github.com/notifications/beacon/AM5Tu5CwFk49Ssl42tXUmDeikKaPW78nks5uHeUkgaJpZM4VRVpy.gif>

[alimakki]

We use LXC for travis, so this should be possible. Just keep in mind that if you plan to use WireGuard, the host OS where LXC will be running will require the WireGuard kernel modules compiled and installed as well.

[nopdotcom]

I'm going to close this, since it sounds like things are working now. Please reopen if that's not the case.

[covici]

That server is down, is there another one we can use?

[speedy-beaver]

Having the same problem now, Aug 9th. Re-tried to run the script three times. Will use work-around for now.

It worked well repeatedly the last days Aug 5th - Aug 8th.

[iynere]

never run into this issue before, but running into it repeatedly today. my VPS went down earlier, which i'm guessing is due to the cron job that refreshes the keyring every day, & now i'm also unable to reprovision for the same reason. using a Lunanode server, never had this issue in the past.

what are the long-term consequences of running w/ when: false for both of these tasks?

streisand/playbooks/roles/gpg/tasks/main.yml

Lines 79 to 99 in 0831994

	- name: "Refresh the Streisand GPG keyring with keyserver information"
	command: "gpg2 {{ streisand_default_gpg_flags }} {{ streisand_default_key_import_flags }} --refresh"
	register: gpg2_refresh_result
	until: "gpg2_refresh_result is success"
	retries: 10
	delay: 5
	# NOTE(@cpu): We skip the keyring refresh in CI so that when the static keys
	# in the repo become too stale to be used without successsful refresh the
	# maintainers will notice failed builds and fix them by refreshing their own
	# keyrings and updating the static repo keys until the build passes again.
	when: not streisand_ci
	- name: "Set up a daily cronjob to refresh the Streisand GPG keyring"
	template:
	src: "streisand-gpg-refresh.j2"
	dest: "/etc/cron.daily/streisand-gpg-refresh"
	owner: root
	group: root
	mode: 0755
	# There's no point installing a cronjob in CI
	when: not streisand_ci

[marafa]

i got this problem.
i let streisand set up the aws server to cut me out of the process and yet it is still giving this message

[jowabels]

Experienced the same error on an AWS EC2 instance, with the following details:

ubuntu@redacted:~$ uname -a
Linux ip-172-31-24-7 4.15.0-1039-aws #41-Ubuntu SMP Wed May 8 10:43:54 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
ubuntu@redacted:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.1 LTS
Release:        18.04
Codename:       bionic

both builder and streisand server are EC2 instances.

[covici]

I did not know streisand even supported 1804 I thought it had to be 1604.

…

On Mon, 08 Jul 2019 11:15:55 -0400, jowa wrote: [1 <text/plain; UTF-8 (7bit)>] [2 <text/html; UTF-8 (7bit)>] Experienced the same error on an AWS EC2 instance, with the following details: ***@***.***:~$ uname -a Linux ip-172-31-24-7 4.15.0-1039-aws #41-Ubuntu SMP Wed May 8 10:43:54 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux ***@***.***:~$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 18.04.1 LTS Release: 18.04 Codename: bionic ― You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

-- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici wb2una [email protected]

[jowabels]

Hmm not sure, I can't seem to find that 1604 is required.

[robbiet480]

Also experiencing this from Digital Ocean NYC 1.

[belmarca]

Just cloned streisand and it hangs on TASK [gpg : Refresh the Streisand GPG keyring with keyserver information] ****** using DO NYC 3.

[bonesoul]

same here with @belmarca on DO Frankfurt

[nopdotcom]

GPG issues seem to be working now. Fixed in #1604. Could you do another pull and try again? If it's blowing up on the GPG stage still, I would love to find out about it.

[nopdotcom]

@jowabels, I filed PR #1606 to make clear that the localhost/remote system must be running Ubuntu 16.04. Thanks for the catch.

[jowabels]

Thank you so much @nopdotcom

[s-lesaffre]

@nopdotcom: I experienced this same GPG refresh failed issue while running ./streisand locally (MacOS) to setup a Wireguard server on GCP.

Streisand is creating an Ubuntu 16.04 image on GCP (ubuntu-1604-xenial-v20200807), which seems to conform to the requirements clarified in PR #1606 .

I am able to bypass the issue using the "when: False" edit you suggested on playbooks/roles/gpg/tasks/main.yml line 89. But that seems like a workaround that should not be necessary?

Additional information:

• Host OS version: MacOSX 10.15.6
• Python version: 3.8.5
• Streisand Git revision: af5eb7d
• Ansible version: 2.9.11
• GPG version: 2.2.21

Enabled Roles

• Shadowsocks enabled: False
• Wireguard enabled: True
• OpenVPN enabled: False
• stunnel enabled: False
• Tor enabled: False
• Openconnect enabled: False
• TinyProxy enabled: False
• SSH forward user enabled: False
• Configured number of VPN clients: 1

Should I open a new issue?