│ Error: Provider returned invalid result object after apply

[enjuto]

I have deployed Adguard in docker with host network and traeffik in the same host. When i apply my terraform configuration an error appears but the configuration is correctly done.

│ Error: Provider returned invalid result object after apply
│
│ After the apply operation, the provider still indicated an unknown value for adguard_config.internal_cluster_dns.tls.not_before. All values must be known after apply, so this is always a bug in the
│ provider and should be reported in the provider's own repository. Terraform will still save the other known object values in the state.

If I stop traefik and let https 443 port free, the error disappears.

When I try to config another port for hppts in my deployment it is the same, the error keep. Maybe it is something that is hardcode.

Thanks in advance!

[gmichels]

I am not too familiar with Traefik, does it work as a reverse proxy, terminating the TLS connection and then forwarding to Adguard? If so, do you want the connection between the Traefik and Adguard containers to be encrypted too? Adguard will default to port 443 when you enable encryption in it... maybe you don't need to have encryption enabled and leave it happening at the Traefik level?

Please provide the config you are using, it helps visualize your issue.

[enjuto]

I don`t think traefik is the key, maybe the problem could be at port level if you have a service on 443 the error appears when you try to make a tarraform apply over DNS rewrite. The conexion between traefik and Adguard is with http, https is not set up in Adguard. 

Terrafrom provider

provider "adguard" {
  host     = "${var.PERIMETER}:8053"
  #host     = "adguard.local.enjucorp.com"
  username = data.vault_kv_secret_v2.admin_adguard.data["user"]
  password = data.vault_kv_secret_v2.admin_adguard.data["password"]
  scheme   = "http" # defaults to https
  timeout  = 5      # in seconds, defaults to 10
}

[gmichels]

I can't reproduce this issue, so I think it's specific to your custom setup.

There is a default for the HTTPS port for Adguard which is 443, but that's on the Adguard side which is being replicated in the provider. Try playing with the tls settings, for example set tls.port_https to 0 (which defaults to 443) and see what happens.

[enjuto]

Hi, That works for me, thanks a lot. This is my setup: tls = { enabled = false server_name = "Test AdGuard Home" certificate_chain = "/opt/adguardhome/ssl/chain.crt" private_key = "/opt/adguardhome/ssl/server.key" port_https = 0 }

On Wed, Sep 6, 2023 at 4:25 PM Gustavo Michels @.***> wrote:

I can't reproduce this issue, so I think it's specific to your custom setup.

There is a default for the HTTPS port for Adguard which is 443, but that's on the Adguard side which is being replicated in the provider. Try playing with the tls settings https://registry.terraform.io/providers/gmichels/adguard/latest/docs/resources/config#nested-schema-for-tls, for example set tls.port_https to 0 (which defaults to 443) and see what happens.

— Reply to this email directly, view it on GitHub https://github.com/gmichels/terraform-provider-adguard/issues/62#issuecomment-1708476759, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGE7MK2BLX6OOFT4FRY55STXZCBVFANCNFSM6AAAAAA4JH6RXE . You are receiving this because you authored the thread.Message ID: @.***>