search

spantaleev / matrix-docker-ansible-deploy

🐳 Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker
GNU Affero General Public License v3.0
4.92k stars 1.05k forks source link

Checkout Prosody Auth Matrix User Verification Plugin Repo #2974

Closed ZelChief closed 1 year ago

ZelChief commented 1 year ago

Describe the bug

Got the following error:


TASK [galaxy/jitsi : Checkout Prosody Auth Matrix User Verification Plugin Repo] ********************
fatal: [matrix.mydomain.com]: FAILED! => changed=false 
  module_stderr: |-
    sudo: unknown user: 997
    sudo: error initializing audit plugin sudoers_audit
  module_stdout: ''
  msg: |-
    MODULE FAILURE
    See stdout/stderr for the exact error
  rc: 1

PLAY RECAP*******************************************************************************************
matrix.mydomain.com           : ok=144  changed=5    unreachable=0    failed=1    skipped=256  rescued=0    ignored=0

But user 997 on VM is

debian@matrix:~$ id -u matrix
997

To Reproduce My vars.yml file looks like this:

---

matrix_domain: mydomain.com
matrix_homeserver_implementation: synapse
matrix_homeserver_generic_secret_key: 'w9JTzANU343g434gGE5XsBR3yfrOU0ye'
matrix_playbook_reverse_proxy_type: playbook-managed-traefik

devture_traefik_config_certificatesResolvers_acme_email: 'postmaster@mydomain.com'
devture_postgres_connection_password: 'TthWt245tc42t63aFkwlUH'

jitsi_enabled: true
jitsi_enable_auth: true
jitsi_enable_guests: false
jitsi_auth_type: matrix

matrix_user_verification_service_enabled: true

jitsi_web_custom_config_extension: |
  config.enableLayerSuspension = true;
  config.disableAudioLevels = true;
  config.channelLastN = 4;

jitsi_web_config_resolution_width_ideal_and_max: 480
jitsi_web_config_resolution_height_ideal_and_max: 240

devture_traefik_config_certificatesResolvers_acme_use_staging: true

matrix_synapse_federation_domain_whitelist:
- mydomain1.com
- mydomain2.com

matrix_synapse_admin_enabled: true
matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_admin_api_enabled: true

Matrix Server:

Ansible: I run Ansible on macOS 14.0 (23A344).

% ansible --version
ansible [core 2.14.1]
  config file = /Users/User1/matrix/ansible.cfg
  configured module search path = ['/Users/User1/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /Users/User1/Library/Python/3.9/lib/python/site-packages/ansible
  ansible collection location = /Users/User1/.ansible/collections:/usr/share/ansible/collections
  executable location = /Users/User1/Library/Python/3.9/bin/ansible
  python version = 3.9.6 (default, Aug 11 2023, 19:44:49) [Clang 15.0.0 (clang-1500.0.40.1)] (/Library/Developer/CommandLineTools/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
spantaleev commented 1 year ago

Your Ansible installation (or the Python modules on the server) may be old or otherwise faulty.

Try searching for error initializing audit plugin sudoers_audit on any search engine and try some of the workarounds you find. Please report your findings here!

ZelChief commented 1 year ago

In file setup_jitsi_auth_uvs_install.yml I have changed become_user

- name: Checkout Prosody Auth Matrix User Verification Plugin Repo
  ansible.builtin.git:
    repo: "{{ jitsi_prosody_auth_matrix_user_verification_repo_location }}"
    dest: "{{ jitsi_prosody_auth_matrix_user_verification_repo_target }}"
    version: "{{ jitsi_prosody_auth_matrix_user_verification_repo_version }}"
  become: true
  become_user: "{{ jitsi_uid }}"

to

- name: Checkout Prosody Auth Matrix User Verification Plugin Repo
  ansible.builtin.git:
    repo: "{{ jitsi_prosody_auth_matrix_user_verification_repo_location }}"
    dest: "{{ jitsi_prosody_auth_matrix_user_verification_repo_target }}"
    version: "{{ jitsi_prosody_auth_matrix_user_verification_repo_version }}"
  become: true
  become_user: "{{ matrix_user_username }}"

and result:

TASK [galaxy/jitsi : Checkout Prosody Auth Matrix User Verification Plugin Repo] ******************
changed: [matrix.mydomain.com]

TASK [galaxy/jitsi : Install Prosody Auth Matrix User Verification Plugin] ************************
changed: [matrix.mydomain.com] => (item={'path': 'mod_auth_matrix_user_verification.lua', 'when': True})
changed: [matrix.mydomain.com] => (item={'path': 'mod_matrix_power_sync.lua', 'when': True})
spantaleev commented 1 year ago

The Jitsi role has been fixed to not use a uid (jitsi_uid) for become_user. If you update your playbook (git pull) and then update roles (just roles or make roles), you'd use the new version which should work fine.

ZelChief commented 1 year ago

@spantaleev thanks 👍