trailofbits / algo

Set up a personal VPN in the cloud
https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/
GNU Affero General Public License v3.0
28.92k stars 2.32k forks source link

path issue? #1252

Closed ewallis closed 5 years ago

ewallis commented 5 years ago

Similar to #1110, except trying to install on 18.04 and getting:

TASK [wireguard : Generate public keys] **** fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: configs/x.x.x.x/wireguard//private/host1"}

Log below:

PLAY [Ask user for the input] **

TASK [Gathering Facts] *****

TASK [Gathering Facts] ***** ok: [localhost] [pause] What provider would you like to use?

  1. DigitalOcean
  2. Amazon Lightsail
  3. Amazon EC2
  4. Vultr
  5. Microsoft Azure
  6. Google Compute Engine
  7. Scaleway
  8. OpenStack (DreamCompute optimised)
  9. Install to existing Ubuntu 18.04 server (Advanced)

Enter the number of your desired provider : 9 TASK [pause] ***

TASK [pause] *** ok: [localhost]

TASK [Set facts based on the input] ****

TASK [Set facts based on the input] **** ok: [localhost] [pause] Do you want macOS/iOS clients to enable "VPN On Demand" when connected to cellular networks? [y/N] :

TASK [pause] ***

TASK [pause] *** ok: [localhost] [pause] Do you want macOS/iOS clients to enable "VPN On Demand" when connected to Wi-Fi? [y/N] :

TASK [pause] ***

TASK [pause] *** ok: [localhost] [pause] Do you want to install a DNS resolver on this VPN server, to block ads while surfing? [y/N] :

TASK [pause] ***

TASK [pause] ok: [localhost] [pause] Do you want each user to have their own account for SSH tunneling? [y/N] : ^M TASK [pause]

TASK [pause] *** ok: [localhost] [pause] Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure) [y/N] :

TASK [pause] ***

TASK [pause] *** ok: [localhost] [pause] Do you want to retain the CA key? (required to add users in the future, but less secure) [y/N] :

TASK [pause] ***

TASK [pause] *** ok: [localhost]

TASK [Set facts based on the input] ****

TASK [Set facts based on the input] **** ok: [localhost]

PLAY [Provision the server] ****

TASK [Gathering Facts] *****

TASK [Gathering Facts] ***** ok: [localhost]

--> Please include the following block of text when reporting issues:

Algo running on: Ubuntu 18.04.1 LTS (Virtualized: kvm) ZIP file created: 2018-12-10 10:37:36.000000000 -0500 env/bin/python not found: has 'python -m virtualenv ...' been run? Runtime variables: algo_provider "local" algo_ondemand_cellular "False" algo_ondemand_wifi "False" algo_ondemand_wifi_exclude "_null" algo_local_dns "False" algo_ssh_tunneling "False" algo_windows "True" wireguard_enabled "True" dns_encryption "False"

TASK [Display the invocation environment] **

TASK [Display the invocation environment] ** changed: [localhost -> localhost]

TASK [Install the requirements] ****

TASK [Install the requirements] **** ok: [localhost -> localhost]

TASK [Generate the SSH private key] ****

TASK [Generate the SSH private key] **** ok: [localhost]

TASK [Generate the SSH public key] *****

TASK [Generate the SSH public key] ***** ok: [localhost] [local : pause] Enter the IP address of your server: (or use localhost for local installation): [localhost] :

TASK [local : pause] ***

TASK [local : pause] *** ok: [localhost]

TASK [local : Set the facts] ***

TASK [local : Set the facts] *** ok: [localhost]

TASK [local : Set the facts] ***

TASK [local : Set the facts] *** ok: [localhost] [local : pause] Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate) [localhost] :

TASK [local : pause] ***

TASK [local : pause] *** ok: [localhost]

TASK [local : Set the facts] ***

TASK [local : Set the facts] *** ok: [localhost]

TASK [Set subjectAltName as afact] *****

TASK [Set subjectAltName as afact] ***** ok: [localhost]

TASK [Add the server to an inventory group] ****

TASK [Add the server to an inventory group] **** changed: [localhost]

TASK [debug] ***

TASK [debug] *** ok: [localhost] => { "IP_subject_alt_name": "x.x.x.x" } Pausing for 20 seconds (ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort) Press 'C' to continue the play or 'A' to abort

TASK [A short pause, in order to be sure the instance is ready] ****

TASK [A short pause, in order to be sure the instance is ready] **** ok: [localhost]

PLAY [Configure the server and install required software] **

TASK [common : Check the system] ***

TASK [common : Check the system] *** changed: [localhost]

TASK [common : include_tasks] ** included: /root/algo-master/roles/common/tasks/ubuntu.yml for localhost [DEPRECATION WARNING]: Invoking "apt" only once while using a loop via squash_actions is deprecated. Instead of using a loop to supply multiple items and specifying name: "{{ item }}", please use name: ['python2.7', 'sudo'] and remove the loop. This feature will be removed in version 2.11. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

TASK [common : Ubuntu | Install prerequisites] ***** ok: [localhost] => (item=[u'python2.7', u'sudo'])

TASK [common : Ubuntu | Install prerequisites] *****

TASK [common : Ubuntu | Configure defaults] ****

TASK [common : Ubuntu | Configure defaults] **** ok: [localhost]

TASK [common : Gather facts] ***

TASK [common : Gather facts] *** ok: [localhost]

TASK [common : Install unattended-upgrades] ****

TASK [common : Install unattended-upgrades] **** ok: [localhost]

TASK [common : Configure unattended-upgrades] **

TASK [common : Configure unattended-upgrades] ** ok: [localhost]

TASK [common : Periodic upgrades configured] ***

TASK [common : Periodic upgrades configured] *** ok: [localhost]

TASK [common : Unattended reboots configured] **

TASK [common : Unattended reboots configured] ** ok: [localhost]

TASK [common : Disable MOTD on login and SSHD] ***** ok: [localhost] => (item={u'regexp': u'^session.optional.pam_motd.so.', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/login'}) ok: [localhost] => (item={u'regexp': u'^session.optional.pam_motd.so.', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/sshd'})

TASK [common : Disable MOTD on login and SSHD] *****

TASK [common : Loopback for services configured] ***

TASK [common : Loopback for services configured] *** ok: [localhost]

TASK [common : systemd services enabled and started] *** ok: [localhost] => (item=systemd-networkd) ok: [localhost] => (item=systemd-resolved)

TASK [common : systemd services enabled and started] ***

TASK [common : Check apparmor support] *****

TASK [common : Check apparmor support] ***** changed: [localhost]

TASK [common : set_fact] ***

TASK [common : set_fact] *** ok: [localhost]

TASK [common : set_fact] ***

TASK [common : set_fact] *** ok: [localhost]

TASK [common : Install tools] ** ok: [localhost] => (item=git) ok: [localhost] => (item=screen) ok: [localhost] => (item=apparmor-utils) ok: [localhost] => (item=uuid-runtime) ok: [localhost] => (item=coreutils) ok: [localhost] => (item=iptables-persistent) ok: [localhost] => (item=cgroup-tools) ok: [localhost] => (item=openssl)

TASK [common : Install tools] ** [DEPRECATION WARNING]: Invoking "apt" only once while using a loop via squash_actions is deprecated. Instead of using a loop to supply multiple items and specifying name: "{{ item }}", please use name: ['linux-headers-generic', 'linux-headers-{{ ansible_kernel }}'] and remove the loop. This feature will be removed in version 2.11. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

TASK [common : Install headers] **** ok: [localhost] => (item=[u'linux-headers-generic', u'linux-headers-4.15.0-42-generic'])

TASK [common : Install headers] ****

TASK [common : Generate password for the CA key] ***

TASK [common : Generate password for the CA key] *** changed: [localhost -> localhost]

TASK [common : Generate p12 export password] ***

TASK [common : Generate p12 export password] *** changed: [localhost -> localhost]

TASK [common : Define facts] ***

TASK [common : Define facts] *** ok: [localhost]

TASK [common : set_fact] ***

TASK [common : set_fact] *** ok: [localhost]

TASK [common : Set IPv6 support as a fact] *****

TASK [common : Set IPv6 support as a fact] ***** ok: [localhost]

TASK [common : Sysctl tuning] ** ok: [localhost] => (item={u'item': u'net.ipv4.ip_forward', u'value': 1}) ok: [localhost] => (item={u'item': u'net.ipv4.conf.all.forwarding', u'value': 1}) ok: [localhost] => (item={u'item': u'net.ipv6.conf.all.forwarding', u'value': 1})

TASK [common : Sysctl tuning] ** [WARNING]: flush_handlers task does not support when conditional

TASK [wireguard : Ensure the required directories exist] *** changed: [localhost -> localhost] => (item=private) changed: [localhost -> localhost] => (item=public)

TASK [wireguard : Ensure the required directories exist] ***

TASK [wireguard : Include tasks for Ubuntu] **** included: /root/algo-master/roles/wireguard/tasks/ubuntu.yml for localhost

TASK [wireguard : WireGuard repository configured] *****

TASK [wireguard : WireGuard repository configured] ***** ok: [localhost]

TASK [wireguard : WireGuard installed] *****

TASK [wireguard : WireGuard installed] ***** ok: [localhost]

TASK [wireguard : WireGuard reload-module-on-update] ***

TASK [wireguard : WireGuard reload-module-on-update] *** changed: [localhost]

TASK [wireguard : Configure unattended-upgrades] ***

TASK [wireguard : Configure unattended-upgrades] *** ok: [localhost]

TASK [wireguard : set_fact] ****

TASK [wireguard : set_fact] **** ok: [localhost]

TASK [wireguard : Generate private keys] *** ok: [localhost] => (item=host1) ok: [localhost] => (item=host2) ok: [localhost] => (item=x.x.x.x)

TASK [wireguard : Generate private keys] *** [WARNING]: Unable to find 'configs/x.x.x.x/wireguard//private/host1' in expected paths (use -vvvvv to see paths)

TASK [wireguard : Generate public keys] ****

TASK [wireguard : Generate public keys] **** fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: configs/x.x.x.x/wireguard//private/host1"}

PLAY RECAP ***** localhost : ok=55 changed=8 unreachable=0 failed=1

davidemyers commented 5 years ago
env/bin/python not found: has 'python -m virtualenv ...' been run?

Did you follow the setup instructions? Specifically, this part:

$ python -m virtualenv --python=`which python2` env &&
    source env/bin/activate &&
    python -m pip install -U pip virtualenv &&
    python -m pip install -r requirements.txt
ewallis commented 5 years ago

Thanks for your help. Yes, I got the following before running ./algo:

Running virtualenv with interpreter /usr/bin/python2 New python executable in /root/algo/env/bin/python2 Also creating executable in /root/algo/env/bin/python Installing setuptools, pkg_resources, pip, wheel...done. Requirement already up-to-date: pip in ./env/lib/python2.7/site-packages (18.1) Collecting virtualenv Using cached https://files.pythonhosted.org/packages/7c/17/9b7b6cddfd255388b58c61e25b091047f6814183e1d63741c8df8dcd65a2/virtualenv-16.1.0-py2.py3-none-any.whl Installing collected packages: virtualenv Successfully installed virtualenv-16.1.0 Collecting ansible==2.5.2 (from -r requirements.txt (line 1)) Collecting cryptography (from ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/7f/ba/383b51cc26e3141c689ce988814385c7659f5ba01c4b5f2de38233010b5f/cryptography-2.4.2-cp27-cp27mu-manylinux1_x86_64.whl Collecting jinja2 (from ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/7f/ff/ae64bacdfc95f27a016a7bed8e8686763ba4d277a78ca76f32659220a731/Jinja2-2.10-py2.py3-none-any.whl Requirement already satisfied: setuptools in ./env/lib/python2.7/site-packages (from ansible==2.5.2->-r requirements.txt (line 1)) (40.6.3) Collecting PyYAML (from ansible==2.5.2->-r requirements.txt (line 1)) Collecting paramiko (from ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/cf/ae/94e70d49044ccc234bfdba20114fa947d7ba6eb68a2e452d89b920e62227/paramiko-2.4.2-py2.py3-none-any.whl Collecting enum34; python_version < "3" (from cryptography->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/c5/db/e56e6b4bbac7c4a06de1c50de6fe1ef3810018ae11732a50f15f62c7d050/enum34-1.1.6-py2-none-any.whl Collecting idna>=2.1 (from cryptography->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/14/2c/cd551d81dbe15200be1cf41cd03869a46fe7226e7450af7a6545bfc474c9/idna-2.8-py2.py3-none-any.whl Collecting asn1crypto>=0.21.0 (from cryptography->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/ea/cd/35485615f45f30a510576f1a56d1e0a7ad7bd8ab5ed7cdc600ef7cd06222/asn1crypto-0.24.0-py2.py3-none-any.whl Collecting cffi!=1.11.3,>=1.7 (from cryptography->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/14/dd/3e7a1e1280e7d767bd3fa15791759c91ec19058ebe31217fe66f3e9a8c49/cffi-1.11.5-cp27-cp27mu-manylinux1_x86_64.whl Collecting six>=1.4.1 (from cryptography->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/73/fb/00a976f728d0d1fecfe898238ce23f502a721c0ac0ecfedb80e0d88c64e9/six-1.12.0-py2.py3-none-any.whl Collecting ipaddress; python_version < "3" (from cryptography->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/fc/d0/7fc3a811e011d4b388be48a0e381db8d990042df54aa4ef4599a31d39853/ipaddress-1.0.22-py2.py3-none-any.whl Collecting MarkupSafe>=0.23 (from jinja2->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/bc/3a/6bfd7b4b202fa33bdda8e4e3d3acc719f381fd730f9a0e7c5f34e845bd4d/MarkupSafe-1.1.0-cp27-cp27mu-manylinux1_x86_64.whl Collecting pynacl>=1.0.1 (from paramiko->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/b3/25/e605574f24948a8a53b497744e93f061eb1dbe7c44b6465fc1c172d591aa/PyNaCl-1.3.0-cp27-cp27mu-manylinux1_x86_64.whl Collecting pyasn1>=0.1.7 (from paramiko->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/d1/a1/7790cc85db38daa874f6a2e6308131b9953feb1367f2ae2d1123bb93a9f5/pyasn1-0.4.4-py2.py3-none-any.whl Collecting bcrypt>=3.1.3 (from paramiko->ansible==2.5.2->-r requirements.txt (line 1)) Using cached https://files.pythonhosted.org/packages/94/1d/e0caa84ed34524ecf85a86f33ae7588da6b5877ee9e7c279113e29e29b1d/bcrypt-3.1.5-cp27-cp27mu-manylinux1_x86_64.whl Collecting pycparser (from cffi!=1.11.3,>=1.7->cryptography->ansible==2.5.2->-r requirements.txt (line 1)) Installing collected packages: enum34, idna, asn1crypto, pycparser, cffi, six, ipaddress, cryptography, MarkupSafe, jinja2, PyYAML, pynacl, pyasn1, bcrypt, paramiko, ansible Successfully installed MarkupSafe-1.1.0 PyYAML-3.13 ansible-2.5.2 asn1crypto-0.24.0 bcrypt-3.1.5 cffi-1.11.5 cryptography-2.4.2 enum34-1.1.6 idna-2.8 ipaddress-1.0.22 jinja2-2.10 paramiko-2.4.2 pyasn1-0.4.4 pycparser-2.19 pynacl-1.3.0 six-1.12.0

Now I get this:

--> Please include the following block of text when reporting issues:

Algo running on: Ubuntu 18.04.1 LTS (Virtualized: kvm) Created from git clone. Last commit: a6cd895 Fixes #1246 Python 2.7.15rc1 Runtime variables: algo_provider "local" algo_ondemand_cellular "False" algo_ondemand_wifi "False" algo_ondemand_wifi_exclude "_null" algo_local_dns "False" algo_ssh_tunneling "False" algo_windows "True" wireguard_enabled "True" dns_encryption "False"

Then it fails again:

TASK [wireguard : Generate public keys] **** fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: configs/x.x.x.x/wireguard//private/host1"}

davidemyers commented 5 years ago

It looks like you ran the setup commands in /root/algo but then ran ./algo in /root/algo-master?

ewallis commented 5 years ago

I'll blow it away and try it again. Should I be doing a git clone (which puts it in algo) or wget'ing algo-master?

davidemyers commented 5 years ago

Do it whichever way you prefer, but run the setup steps and then ./algo from the same directory.

ewallis commented 5 years ago

I did that. Blew away algo directories. Then, wget algo zip unzipped cd algo-master ran python -m virtualenv --python=which python2 env && source env/bin/activate && python -m pip install -U pip virtualenv && python -m pip install -r requirements.txt edited users in config.cfg ran ./algo still got

TASK [wireguard : Generate private keys] *** [WARNING]: Unable to find 'configs/x.x.x.x/wireguard//private/host1' in expected paths (use -vvvvv to see paths)

TASK [wireguard : Generate public keys] **** fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: configs/x.x.x.x/wireguard//private/host1"}

FWIW, configs/x.x.x.x/wireguard//private/ is empty

davidemyers commented 5 years ago

Did you still get

env/bin/python not found: has 'python -m virtualenv ...' been run?

and those [DEPRECATION WARNING] messages?

ewallis commented 5 years ago

newest output:

PLAY [Ask user for the input] **

TASK [Gathering Facts] ***** ok: [localhost] [pause] What provider would you like to use?

  1. DigitalOcean
  2. Amazon Lightsail
  3. Amazon EC2
  4. Vultr
  5. Microsoft Azure
  6. Google Compute Engine
  7. Scaleway
  8. OpenStack (DreamCompute optimised)
  9. Install to existing Ubuntu 18.04 server (Advanced)

Enter the number of your desired provider : 9

TASK [pause] *** ok: [localhost]

TASK [Set facts based on the input] **** ok: [localhost] [pause] Do you want macOS/iOS clients to enable "VPN On Demand" when connected to cellular networks? [y/N] :

TASK [pause] *** ok: [localhost] [pause] Do you want macOS/iOS clients to enable "VPN On Demand" when connected to Wi-Fi? [y/N] :

TASK [pause] *** ok: [localhost] [pause] Do you want to install a DNS resolver on this VPN server, to block ads while surfing? [y/N] :

TASK [pause] *** ok: [localhost] [pause] Do you want each user to have their own account for SSH tunneling? [y/N] :

TASK [pause] *** ok: [localhost] [pause] Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure) [y/N] : y

TASK [pause] *** ok: [localhost] [pause] Do you want to retain the CA key? (required to add users in the future, but less secure) [y/N] : y

TASK [pause] *** ok: [localhost]

TASK [Set facts based on the input] **** ok: [localhost]

PLAY [Provision the server] ****

TASK [Gathering Facts] ***** ok: [localhost]

--> Please include the following block of text when reporting issues:

Algo running on: Ubuntu 18.04.1 LTS (Virtualized: kvm) ZIP file created: 2018-12-10 10:37:36.000000000 -0500 Python 2.7.15rc1 Runtime variables: algo_provider "local" algo_ondemand_cellular "False" algo_ondemand_wifi "False" algo_ondemand_wifi_exclude "_null" algo_local_dns "False" algo_ssh_tunneling "False" algo_windows "True" wireguard_enabled "True" dns_encryption "False"

TASK [Display the invocation environment] ** changed: [localhost -> localhost]

TASK [Install the requirements] **** changed: [localhost -> localhost]

TASK [Generate the SSH private key] **** changed: [localhost]

TASK [Generate the SSH public key] ***** changed: [localhost] [local : pause] Enter the IP address of your server: (or use localhost for local installation): [localhost] :

TASK [local : pause] *** ok: [localhost]

TASK [local : Set the facts] *** ok: [localhost]

TASK [local : Set the facts] *** ok: [localhost] [local : pause] Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate) [localhost] : x.x.x.x

TASK [local : pause] *** ok: [localhost]

TASK [local : Set the facts] *** ok: [localhost]

TASK [Set subjectAltName as afact] ***** ok: [localhost]

TASK [Add the server to an inventory group] **** changed: [localhost]

TASK [debug] *** ok: [localhost] => { "IP_subject_alt_name": "x.x.x.x" } Pausing for 20 seconds (ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort) Press 'C' to continue the play or 'A' to abort

TASK [A short pause, in order to be sure the instance is ready] **** ok: [localhost]

PLAY [Configure the server and install required software] **

TASK [common : Check the system] *** changed: [localhost]

TASK [common : include_tasks] ** included: /root/algo-master/roles/common/tasks/ubuntu.yml for localhost ok: [localhost] => (item=[u'python2.7', u'sudo'])

TASK [common : Ubuntu | Install prerequisites] *****

TASK [common : Ubuntu | Configure defaults] **** ok: [localhost]

TASK [common : Gather facts] *** ok: [localhost]

TASK [common : Install unattended-upgrades] **** ok: [localhost]

TASK [common : Configure unattended-upgrades] ** ok: [localhost]

TASK [common : Periodic upgrades configured] *** ok: [localhost]

TASK [common : Unattended reboots configured] ** ok: [localhost] ok: [localhost] => (item={u'regexp': u'^session.optional.pam_motd.so.', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/login'}) ok: [localhost] => (item={u'regexp': u'^session.optional.pam_motd.so.', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/sshd'})

TASK [common : Disable MOTD on login and SSHD] *****

TASK [common : Loopback for services configured] *** ok: [localhost] ok: [localhost] => (item=systemd-networkd) ok: [localhost] => (item=systemd-resolved)

TASK [common : systemd services enabled and started] ***

TASK [common : Check apparmor support] ***** changed: [localhost]

TASK [common : set_fact] *** ok: [localhost]

TASK [common : set_fact] *** ok: [localhost] ok: [localhost] => (item=git) ok: [localhost] => (item=screen) ok: [localhost] => (item=apparmor-utils) ok: [localhost] => (item=uuid-runtime) ok: [localhost] => (item=coreutils) ok: [localhost] => (item=iptables-persistent) ok: [localhost] => (item=cgroup-tools) ok: [localhost] => (item=openssl)

TASK [common : Install tools] ** ok: [localhost] => (item=[u'linux-headers-generic', u'linux-headers-4.15.0-42-generic'])

TASK [common : Install headers] ****

TASK [common : Generate password for the CA key] *** changed: [localhost -> localhost]

TASK [common : Generate p12 export password] *** changed: [localhost -> localhost]

TASK [common : Define facts] *** ok: [localhost]

TASK [common : set_fact] *** ok: [localhost]

TASK [common : Set IPv6 support as a fact] ***** ok: [localhost] ok: [localhost] => (item={u'item': u'net.ipv4.ip_forward', u'value': 1}) ok: [localhost] => (item={u'item': u'net.ipv4.conf.all.forwarding', u'value': 1}) ok: [localhost] => (item={u'item': u'net.ipv6.conf.all.forwarding', u'value': 1})

TASK [common : Sysctl tuning] ** changed: [localhost -> localhost] => (item=private) changed: [localhost -> localhost] => (item=public)

TASK [wireguard : Ensure the required directories exist] ***

TASK [wireguard : Include tasks for Ubuntu] **** included: /root/algo-master/roles/wireguard/tasks/ubuntu.yml for localhost

TASK [wireguard : WireGuard repository configured] ***** ok: [localhost]

TASK [wireguard : WireGuard installed] ***** ok: [localhost]

TASK [wireguard : WireGuard reload-module-on-update] *** changed: [localhost]

TASK [wireguard : Configure unattended-upgrades] *** ok: [localhost]

TASK [wireguard : set_fact] **** ok: [localhost] ok: [localhost] => (item=host1) ok: [localhost] => (item=host2) ok: [localhost] => (item=host3) ok: [localhost] => (item=host4) ok: [localhost] => (item=host5) ok: [localhost] => (item=x.x.x.x)

TASK [wireguard : Generate private keys] *** [WARNING]: Unable to find 'configs/x.x.x.x/wireguard//private/ericandroid' in expected paths (use -vvvvv to see paths)

TASK [wireguard : Generate public keys] **** fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: configs/x.x.x.x/wireguard//private/ericandroid"}

PLAY RECAP ***** localhost : ok=55 changed=11 unreachable=0 failed=1

jackivanov commented 5 years ago

It's covered in the troubleshooting guide

ewallis commented 5 years ago

Indeed, that did it. Thanks for your help and sorry for the bother.

alexferguson1 commented 5 years ago

hello , guys , I m new to linux , and Algo ,I have two probles:first: I install it , but every time I install the ALgo , I lose my access to my vps via the ssh , and I have to ask the vps provider to give me console access to reset to the defaults , second: when they give reset the vps to the default they change something in the network , that makes problesm and I cant update the users , etc.

any help?

regards

alexferguson1 commented 5 years ago

THis is the error :

TASK [wireguard : Save private keys] *** failed: [localhost -> localhost] (item=None) => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} failed: [localhost -> localhost] (item=None) => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} fatal: [localhost]: FAILED! => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}

PLAY RECAP ***** localhost : ok=21 changed=4 unreachable=0 failed=1

joebnc commented 1 year ago

I have exact same issue and followed the troubleshooting guide, to remove the configs and run ./algo. still the same error.