search

NewNewYorkBridges / ansible-tor-bridge

Ansible role to deploy Tor Bridge nodes.
GNU General Public License v3.0
7 stars 5 forks source link

error at Debian "Failed to update apt cache: W:Updating from such a repository can't be done securely," #5

Closed toralf closed 2 years ago

toralf commented 2 years ago

I do get at a recent bullseye:

TASK [alphacorvus.ansible_tor_bridge : Configuring Tor repository] **************************************************************************************************************************
changed: [kasimir]

TASK [alphacorvus.ansible_tor_bridge : Adding Tor Projects key] *****************************************************************************************************************************
changed: [kasimir]

TASK [alphacorvus.ansible_tor_bridge : Update system] ***************************************************************************************************************************************
fatal: [kasimir]: FAILED! => {"changed": false, "msg": "Failed to update apt cache: W:Updating from such a repository can't be done securely, and is therefore disabled by default., W:See apt-secure(8) manpage for repository creation and user configuration details., W:GPG error: https://deb.torproject.org/torproject.org bullseye InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 74A941BA219EC810, E:The repository 'https://deb.torproject.org/torproject.org bullseye InRelease' is not signed."}

PLAY RECAP **********************************************************************************************************************************************************************************
kasimir                    : ok=8    changed=6    unreachable=0    failed=1    skipped=3    rescued=0    ignored=0
toralf commented 2 years ago

I think, here's the fix: https://support.torproject.org/apt/tor-deb-repo/

I had to run 

apt install gpg

and then

wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null

to continue my bridge deployment.

lilianbaz commented 2 years ago

Hi toralf,

You're right I can reproduce this issue with a fresh install of Debian. I think the VPS we're using already include the package gpg so it wasn't necessary to install it. As you suggest, I add the package gpg to the required packages on the vars/os_Debian.yml file and it seems to run.

Thank you!