Closed NotHere closed 5 months ago
A little more digging turns this gem up: https://github.com/DNSCrypt/dnscrypt-proxy/discussions/2410
From the dnscrypt wiki the possible solution is to install package from the testing debian repository.
Sorry, but we only support Ubuntu
Describe the bug
Did a git clone and tried to install Algo on a barebones (debian-12.4.0-amd64-netinst.iso) install of Debian 12.4. Script failed on 2 items:
1) debian netinstall (no desktop) does not include systemd-resolved. Script failed. Installing systems-resolved resolved this issue.
2) algo then fails on adding repository.
TASK [dns : Add the repository] ***** fatal: [localhost]: FAILED! => {"attempts": 10, "changed": false, "msg": "Failed to update apt cache: E:The repository 'http://ppa.launchpad.net/shevchuk/dnscrypt-proxy/ubuntu bookworm Release' does not have a Release file."}
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Algo finishes installing.
Additional context
1) add systemd-resolver to dependencies list in README.md 2) According to https://launchpad.net/~shevchuk/+archive/ubuntu/dnscrypt-proxy, the way to add the repository is:
add-apt-repository ppa:shevchuk/dnscrypt-proxy
Add any other context about the problem here.
./algo
PLAY [localhost] ****
TASK [Gathering Facts] ** ok: [localhost]
TASK [Playbook dir stat] **** ok: [localhost]
TASK [Ensure Ansible is not being run in a world writable directory] **** ok: [localhost] => { "changed": false, "msg": "All assertions passed" } [DEPRECATION WARNING]: Use 'ansible.utils.ipaddr' module instead. This feature will be removed from ansible.netcommon in a release after 2024-01-01. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. [WARNING]: The value '' is not a valid IP address or network, passing this value to ipaddr filter might result in breaking change in future.
TASK [Ensure the requirements installed] **** ok: [localhost]
TASK [Set required ansible version as a fact] *** ok: [localhost] => (item=ansible==9.1.0)
TASK [Just get the list from default pip] *** ok: [localhost]
TASK [Verify Python meets Algo VPN requirements] **** ok: [localhost] => { "changed": false, "msg": "All assertions passed" }
TASK [Verify Ansible meets Algo VPN requirements] *** ok: [localhost] => { "changed": false, "msg": "All assertions passed" } [WARNING]: Found variable using reserved name: no_log
PLAY [Ask user for the input] ***
TASK [Gathering Facts] ** ok: [localhost] [Cloud prompt] What provider would you like to use?
Enter the number of your desired provider : 12 TASK [Cloud prompt] ***** ok: [localhost]
TASK [Set facts based on the input] * ok: [localhost] [Cellular On Demand prompt] Do you want macOS/iOS clients to enable "Connect On Demand" when connected to cellular networks? [y/N] : y TASK [Cellular On Demand prompt] **** ok: [localhost] [Wi-Fi On Demand prompt] Do you want macOS/iOS clients to enable "Connect On Demand" when connected to Wi-Fi? [y/N] : y TASK [Wi-Fi On Demand prompt] *** ok: [localhost] [Trusted Wi-Fi networks prompt] List the names of any trusted Wi-Fi networks where macOS/iOS clients should not use "Connect On Demand" (e.g., your home network. Comma-separated value, e.g., HomeNet,OfficeWifi,AlgoWiFi) : Home TASK [Trusted Wi-Fi networks prompt] **** ok: [localhost] [Retain the PKI prompt] Do you want to retain the keys (PKI)? (required to add users in the future, but less secure) [y/N] : y TASK [Retain the PKI prompt] **** ok: [localhost] [DNS adblocking prompt] Do you want to enable DNS ad blocking on this VPN server? [y/N] : y TASK [DNS adblocking prompt] **** ok: [localhost] [SSH tunneling prompt] Do you want each user to have their own account for SSH tunneling? [y/N] :
TASK [SSH tunneling prompt] ***** ok: [localhost]
TASK [Set facts based on the input] ***** ok: [localhost]
PLAY [Provision the server] *****
TASK [Gathering Facts] ** ok: [localhost]
--> Please include the following block of text when reporting issues:
Algo running on: Debian GNU/Linux 12 (bookworm) (Virtualized: kvm) Created from git clone. Last commit: 74051d0 Update README.md dependencies (#14634) Python 3.11.2 Runtime variables: algo_provider "local" algo_ondemand_cellular "True" algo_ondemand_wifi "True" algo_ondemand_wifi_exclude "VGhl2Wm9vA" algo_dns_adblocking "True" algo_ssh_tunneling "False" wireguard_enabled "True" dns_encryption "False"
TASK [Display the invocation environment] *** changed: [localhost]
TASK [Install the requirements] ***** ok: [localhost]
TASK [Include a provisioning role] ** [local : pause] https://trailofbits.github.io/algo/deploy-to-ubuntu.html
Local installation might break your server. Use at your own risk.
Proceed? Press ENTER to continue or CTRL+C and A to abort...:
TASK [local : pause] **** ok: [localhost] => (item=https://trailofbits.github.io/algo/deploy-to-ubuntu.html
Local installation might break your server. Use at your own risk.
Proceed? Press ENTER to continue or CTRL+C and A to abort...) [local : pause] Enter the IP address of your server: (or use localhost for local installation): [localhost] :
TASK [local : pause] **** ok: [localhost]
TASK [local : Set the facts] **** ok: [localhost] [local : pause] Enter the public IP address or domain name of your server: (IMPORTANT! This is used to verify the certificate) [localhost] :
TASK [local : pause] **** ok: [localhost]
TASK [local : Set the facts] **** ok: [localhost]
TASK [Set subjectAltName as a fact] ***** ok: [localhost]
TASK [Add the server to an inventory group] ***** changed: [localhost]
TASK [debug] **** ok: [localhost] => { "IP_subject_alt_name": "vpn.exampe.com" } [WARNING]: Reset is not implemented for this connection
TASK [Wait 600 seconds for target connection to become reachable/usable] **** ok: [localhost] => (item=localhost)
PLAY [Configure the server and install required software] ***
TASK [common : Check the system] **** ok: [localhost]
TASK [common : include_tasks] *** included: /home/tai/algo/roles/common/tasks/ubuntu.yml for localhost
TASK [common : Gather facts] **** ok: [localhost]
TASK [common : Install unattended-upgrades] ***** ok: [localhost]
TASK [common : Configure unattended-upgrades] *** ok: [localhost]
TASK [common : Periodic upgrades configured] **** ok: [localhost]
TASK [common : Disable MOTD on login and SSHD] ** ok: [localhost] => (item={'regexp': '^session.optional.pam_motd.so.', 'line': '# MOTD DISABLED', 'file': '/etc/pam.d/login'}) ok: [localhost] => (item={'regexp': '^session.optional.pam_motd.so.', 'line': '# MOTD DISABLED', 'file': '/etc/pam.d/sshd'})
TASK [common : Ensure fallback resolvers are set] *** ok: [localhost] [DEPRECATION WARNING]: Use 'ansible.utils.ipmath' module instead. This feature will be removed from ansible.netcommon in a release after 2024-01-01. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
TASK [common : Loopback for services configured] **** ok: [localhost]
TASK [common : systemd services enabled and started] **** ok: [localhost] => (item=systemd-networkd) ok: [localhost] => (item=systemd-resolved)
TASK [common : Check apparmor support] ** ok: [localhost]
TASK [common : Set fact if apparmor enabled] **** ok: [localhost]
TASK [common : Define facts] **** ok: [localhost]
TASK [common : Set facts] *** ok: [localhost]
TASK [common : Set IPv6 support as a fact] ** ok: [localhost]
TASK [common : Check size of MTU] *** ok: [localhost]
TASK [common : Set OS specific facts] *** ok: [localhost]
TASK [common : Install tools] *** ok: [localhost]
TASK [common : include_tasks] *** included: /home/tai/algo/roles/common/tasks/iptables.yml for localhost
TASK [common : Iptables configured] ***** ok: [localhost] => (item={'src': 'rules.v4.j2', 'dest': '/etc/iptables/rules.v4'})
TASK [common : Sysctl tuning] *** ok: [localhost] => (item={'item': 'net.ipv4.ip_forward', 'value': 1}) ok: [localhost] => (item={'item': 'net.ipv4.conf.all.forwarding', 'value': 1})
TASK [dns : Include tasks for Ubuntu] *** included: /home/tai/algo/roles/dns/tasks/ubuntu.yml for localhost FAILED - RETRYING: [localhost]: Add the repository (10 retries left). FAILED - RETRYING: [localhost]: Add the repository (9 retries left). FAILED - RETRYING: [localhost]: Add the repository (8 retries left). FAILED - RETRYING: [localhost]: Add the repository (7 retries left). FAILED - RETRYING: [localhost]: Add the repository (6 retries left). FAILED - RETRYING: [localhost]: Add the repository (5 retries left). FAILED - RETRYING: [localhost]: Add the repository (4 retries left). FAILED - RETRYING: [localhost]: Add the repository (3 retries left). FAILED - RETRYING: [localhost]: Add the repository (2 retries left). FAILED - RETRYING: [localhost]: Add the repository (1 retries left).
TASK [dns : Add the repository] ***** fatal: [localhost]: FAILED! => {"attempts": 10, "changed": false, "msg": "Failed to update apt cache: E:The repository 'http://ppa.launchpad.net/shevchuk/dnscrypt-proxy/ubuntu bookworm Release' does not have a Release file."}
TASK [include_tasks] **** included: /home/tai/algo/playbooks/rescue.yml for localhost
TASK [debug] **** ok: [localhost] => { "fail_hint": [ "Sorry, but something went wrong!", "Please check the troubleshooting guide.", "https://trailofbits.github.io/algo/troubleshooting.html" ] }
TASK [Fail the installation] **** fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed as requested from task"}
PLAY RECAP ** localhost : ok=54 changed=2 unreachable=0 failed=1 skipped=25 rescued=1 ignored=0