lookup plugin (template_src) not found

[phlegx]

Having this problem on Ubuntu 16.04

fatal: [host.example.com]: FAILED! => {"failed": true, "msg": "lookup plugin (template_src) not found"}
    to retry, use: --limit @/home/user/workspace/server/ansible/playbooks/setup_machines.retry

Ansible version:

  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/user/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]

Any ideas?

[ganto]

Yes, template_src is a lookup plugin which is specific to debops and allows a user to override the file templates provided by the role. Unfortunately, using this lookup in a DebOps role makes it (currently) impossible to use the role with plain ansible (@drybjed any plans on this?). Therefore the proper solution is to only use this role with the debops command.

Because I'm also using this role with ansible(-only) I maintain a branch where this plugin is removed: https://github.com/ganto/ansible-fail2ban/tree/wo-debops-modules

[phlegx]

Hmm ok thanks for the information! Yes it would be very helpful if this was solved in the original branch!

I'm also running this role with ansible(-only) so I will have a look at your branch! Just one more question: How do I install your branch/repository over the original ? Is it possible with ansible-galaxy install git+https://@github.com/ganto/ansible-fail2ban.git? Would this overwrite the original fail2ban role I have already installed?

[phlegx]

@ganto I now installed your repo/branch with:

ansible-galaxy install git+https://@github.com/ganto/ansible-fail2ban.git

And I included it in my playbook like this:

- include_role:
    name: ansible-fail2ban
   tags:
     - debops_fail2ban

But I still get the same error when I run it with ansible-playbook

PLAY [Setup machines] ************************************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************************************
ok: [host.example.net]

TASK [ansible-fail2ban : Install required packages] ******************************************************************************************************************************************************
ok: [host.example.net] => (item=[u'fail2ban', u'whois'])

TASK [ansible-fail2ban : Divert original fail2ban configuration] *****************************************************************************************************************************************
changed: [host.example.net]

TASK [ansible-fail2ban : Copy upstream jail configuration] ***********************************************************************************************************************************************
changed: [host.example.net]

TASK [ansible-fail2ban : Disable default upstream jail] **************************************************************************************************************************************************
ok: [host.example.net]

TASK [ansible-fail2ban : Install custom fail2ban rule files] *********************************************************************************************************************************************
ok: [host.example.net]

TASK [ansible-fail2ban : Configure custom fail2ban actions] **********************************************************************************************************************************************

TASK [ansible-fail2ban : Remove custom fail2ban actions if requested] ************************************************************************************************************************************

TASK [ansible-fail2ban : Configure custom fail2ban filters] **********************************************************************************************************************************************

TASK [ansible-fail2ban : Remove custom fail2ban filters if requested] ************************************************************************************************************************************

TASK [ansible-fail2ban : Configure fail2ban] *************************************************************************************************************************************************************
fatal: [host.example.net]: FAILED! => {"failed": true, "msg": "lookup plugin (template_src) not found"}

RUNNING HANDLER [ansible-fail2ban : Restart fail2ban] ****************************************************************************************************************************************************
    to retry, use: --limit @/home/user/workspace/server/ansible/playbooks/setup_machines.retry

PLAY RECAP ***********************************************************************************************************************************************************************************************
host.example.net         : ok=6    changed=2    unreachable=0    failed=1   

[drybjed]

It's a bit tricky. The template_src/task_src/file_src lookup plugins use debops Python module to get the configuration, therefore you need to at least install the debops Python module for them to work correctly.

I suppose that the Ansible lookup plugins themselves can be provided in the debops.ansible_plugins role, which can then be included as a dependency in debops.fail2ban, but you still need to install DebOps to use them (ie. pip install debops). Should I do it this way?

[phlegx]

@drybjed I have installed pip install debops already actually but it does not work with that either. Getting the same error.

Actually I did:

$ sudo pip install debops
$ debops-update
$ sudo ansible-galaxy install debops.fail2ban

[drybjed]

@phlegx If you want to use the @ganto's role version without the lookup plugins, you should make sure that the correct git branch is checked out. Which one do you have at the moment?

To be honest, I'm not really fond of these lookup plugins myself. I would rather ensure that the functionality of the role, that allows for the kind of changes people would want to implement via custom templates, is possible in the role itself, so they are not needed. Using them in the current state outside of DebOps is cumbersome, as you probably noticed, so I would rather drop them entirely in the future.

[phlegx]

OK I see yes, thanks! Yes I had the wrong branch from @ganto I need to use this one wo-debops-modules:

ansible-galaxy install git+https://@github.com/ganto/ansible-fail2ban.git,wo-debops-modules

Now it works! Thanks again!

[DEvil0000]

@ganto what happened to your clean version? This role looks great beside this thing.

[ganto]

Ah, I recently cleaned up my old Github repository clones. Sorry, I wasn't aware anymore that I had this "special" branch and I definitely wouldn't have thought that anyone is still using it.

I just restored it. Hope it helps...

But just as a warning: I'm not really using or maintaining it anymore. If you're using Ansible >=2.9 I guess it should be possible to use the role from the debops.roles03 Ansible collection now.

[ganto]

I quickly tested it. Something like this should work:

• Install debops.debops collection:

  ansible-galaxy collection install debops.debops

• Playbook must define the collections to use (debops.debops for the ansible_plugins, debops.roles03 for fail2ban):

• hosts: localhost collections:
  • debops.debops
  • debops.roles03 roles:
  • name: fail2ban

[DEvil0000]

Thanks! I think I have some special usecase. I am mostly in a disconnected/restricted (or offline) network and try to minimize the needed collections and roles. Additionally installation is done with some other process so I only using the configuration parts.