search

trailofbits / algo

Set up a personal VPN in the cloud
https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/
GNU Affero General Public License v3.0
28.93k stars 2.32k forks source link

No package matching 'linux-headers-4.4.0' is available #1844

Closed mehrant95 closed 4 years ago

mehrant95 commented 4 years ago

Describe the bug I tried to setup Algo on my VPS (from Hostinger), running Ubuntu 16.04. After installing python3.6 and other dependencies, i ran the setup with ./algo command but it got this error:

TASK [common : Set fact if apparmor enabled] ***********************************
fatal: [localhost]: FAILED! => {"msg": "The conditional check '\"profiles are in enforce mode\" in apparmor_status.stdout' failed. The error was: error while evaluating conditional (\"profiles are in enforce mode\" in apparmor_status.stdout): Unable to look up a name or access an attribute in template string ({% if \"profiles are in enforce mode\" in apparmor_status.stdout %} True {% else %} False {% endif %}).\nMake sure your variable name does not contain invalid characters like '-': argument of type 'StrictUndefined' is not iterable\n\nThe error appears to have been in '/root/algo-master/roles/common/tasks/ubuntu.yml': line 69, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Set fact if apparmor enabled\n  ^ here\n"}
included: /root/algo-master/playbooks/rescue.yml for localhost

I searched and came with issue #1443, so i ran sudo apt install apparmor command. Running the setup again, the error seems to be gone (actually ignored) but i got another error. Here is the full log:

(.env) root@mehrant:/opt/algo# sudo ./algo
[WARNING]: Could not match supplied host pattern, ignoring: vpn-host

PLAY [localhost] *************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************
ok: [localhost]

TASK [Playbook dir stat] *****************************************************************************************************************
ok: [localhost]

TASK [Ensure Ansible is not being run in a world writable directory] *********************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [Ensure the requirements installed] *************************************************************************************************
ok: [localhost]

TASK [Set required ansible version as a fact] ********************************************************************************************
ok: [localhost] => (item=ansible==2.8.8)

TASK [Verify Python meets Algo VPN requirements] *****************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

TASK [Verify Ansible meets Algo VPN requirements] ****************************************************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

PLAY [Ask user for the input] ************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************
ok: [localhost]
[Cloud prompt]
What provider would you like to use?
    1. DigitalOcean
    2. Amazon Lightsail
    3. Amazon EC2
    4. Microsoft Azure
    5. Google Compute Engine
    6. Hetzner Cloud
    7. Vultr
    8. Scaleway
    9. OpenStack (DreamCompute optimised)
    10. CloudStack (Exoscale optimised)
    11. Install to existing Ubuntu 18.04 or 20.04 server (for more advanced users)

Enter the number of your desired provider
:
[[
TASK [Cloud prompt] **********************************************************************************************************************
ok: [localhost]

TASK [Set facts based on the input] ******************************************************************************************************
ok: [localhost]
[Cellular On Demand prompt]
Do you want macOS/iOS clients to enable "Connect On Demand" when connected to cellular networks?
[y/N]
:
[[
TASK [Cellular On Demand prompt] *********************************************************************************************************
ok: [localhost]
[Wi-Fi On Demand prompt]
Do you want macOS/iOS clients to enable "Connect On Demand" when connected to Wi-Fi?
[y/N]
:
y^M
TASK [Wi-Fi On Demand prompt] ************************************************************************************************************
ok: [localhost]
[[[Trusted Wi-Fi networks prompt]
List the names of any trusted Wi-Fi networks where macOS/iOS clients should not use "Connect On Demand"
(e.g., your home network. Comma-separated value, e.g., HomeNet,OfficeWifi,AlgoWiFi)
:
[[
TASK [Trusted Wi-Fi networks prompt] *****************************************************************************************************
ok: [localhost]
[Retain the PKI prompt]
Do you want to retain the keys (PKI)? (required to add users in the future, but less secure)
[y/N]
:
[[
TASK [Retain the PKI prompt] *************************************************************************************************************
ok: [localhost]
[DNS adblocking prompt]
Do you want to enable DNS ad blocking on this VPN server?
[y/N]
:
[[
TASK [DNS adblocking prompt] *************************************************************************************************************
ok: [localhost]
[SSH tunneling prompt]
Do you want each user to have their own account for SSH tunneling?
[y/N]
:
[[
TASK [SSH tunneling prompt] **************************************************************************************************************
ok: [localhost]

TASK [Set facts based on the input] ******************************************************************************************************
ok: [localhost]

PLAY [Provision the server] **************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************
ok: [localhost]

--> Please include the following block of text when reporting issues:

Algo running on: Ubuntu 16.04.6 LTS (Virtualized: openvz)
Created from git clone. Last commit: 3f86ae0 Few cosmetic change to readme (#1813)
Python 3.6.11
Runtime variables:
    algo_provider "local"
    algo_ondemand_cellular "True"
    algo_ondemand_wifi "True"
    algo_ondemand_wifi_exclude "X251bGw="
    algo_dns_adblocking "False"
    algo_ssh_tunneling "False"
    wireguard_enabled "True"
    dns_encryption "True"

TASK [Display the invocation environment] ************************************************************************************************
changed: [localhost -> localhost]

TASK [Install the requirements] **********************************************************************************************************
ok: [localhost -> localhost]
[local : pause]
Enter the IP address of your server: (or use localhost for local installation):
[localhost]
:
[[
TASK [local : pause] *********************************************************************************************************************
ok: [localhost]

TASK [local : Set the facts] *************************************************************************************************************
ok: [localhost]
[local : pause]
Enter the public IP address or domain name of your server: (IMPORTANT! This is used to verify the certificate)
[localhost]
:
[[
TASK [local : pause] *********************************************************************************************************************
ok: [localhost]

TASK [local : Set the facts] *************************************************************************************************************
ok: [localhost]

TASK [Set subjectAltName as a fact] ******************************************************************************************************
ok: [localhost]

TASK [Add the server to an inventory group] **********************************************************************************************
changed: [localhost]

TASK [debug] *****************************************************************************************************************************
ok: [localhost] => {
    "IP_subject_alt_name": "145.14.157.251"
}
[WARNING]: Reset is not implemented for this connection

TASK [Wait 600 seconds for target connection to become reachable/usable] *****************************************************************
ok: [localhost -> localhost] => (item=localhost)

PLAY [Configure the server and install required software] ********************************************************************************

TASK [common : Check the system] *********************************************************************************************************
ok: [localhost]
included: /opt/algo/roles/common/tasks/ubuntu.yml for localhost

TASK [common : Gather facts] *************************************************************************************************************
ok: [localhost]

TASK [common : Install unattended-upgrades] **********************************************************************************************
ok: [localhost]

TASK [common : Configure unattended-upgrades] ********************************************************************************************
ok: [localhost]

TASK [common : Periodic upgrades configured] *********************************************************************************************
ok: [localhost]

TASK [common : Disable MOTD on login and SSHD] *******************************************************************************************
ok: [localhost] => (item={'regexp': '^session.*optional.*pam_motd.so.*', 'line': '# MOTD DISABLED', 'file': '/etc/pam.d/login'})
ok: [localhost] => (item={'regexp': '^session.*optional.*pam_motd.so.*', 'line': '# MOTD DISABLED', 'file': '/etc/pam.d/sshd'})

TASK [common : Loopback for services configured] *****************************************************************************************
ok: [localhost]

TASK [common : systemd services enabled and started] *************************************************************************************
ok: [localhost] => (item=systemd-networkd)
ok: [localhost] => (item=systemd-resolved)

TASK [common : Check apparmor support] ***************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "cmd": ["apparmor_status"], "delta": "0:00:00.142816", "end": "2020-07-16 10:41:24.318090", "msg": "non-zero return code", "rc": 1, "start": "2020-07-16 10:41:24.175274", "stderr": "apparmor module is not loaded.", "stderr_lines": ["apparmor module is not loaded."], "stdout": "", "stdout_lines": []}
...ignoring

TASK [common : Define facts] *************************************************************************************************************
ok: [localhost]

TASK [common : Set facts] ****************************************************************************************************************
ok: [localhost]

TASK [common : Set IPv6 support as a fact] ***********************************************************************************************
ok: [localhost]

TASK [common : Check size of MTU] ********************************************************************************************************
ok: [localhost]

TASK [common : Set OS specific facts] ****************************************************************************************************
ok: [localhost]

TASK [common : Install tools] ************************************************************************************************************
ok: [localhost]

TASK [common : Install headers] **********************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "No package matching 'linux-headers-4.4.0' is available"}
included: /opt/algo/playbooks/rescue.yml for localhost

TASK [debug] *****************************************************************************************************************************
ok: [localhost] => {
    "fail_hint": [
        "Sorry, but something went wrong!",
        "Please check the troubleshooting guide.",
        "https://trailofbits.github.io/algo/troubleshooting.html"
    ]
}

TASK [Fail the installation] *************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed as requested from task"}

PLAY RECAP *******************************************************************************************************************************
localhost                  : ok=46   changed=2    unreachable=0    failed=1    skipped=21   rescued=1    ignored=1

I also tired installing Algo on Ubuntu 18.04 (same VPS) but during installation, it got an error that systemd-resolved service is masked. I searched the error but couldn't find anyway to unmask the service.

davidemyers commented 4 years ago
  1. Install to existing Ubuntu 18.04 or 20.04 server (for more advanced users)

As the prompt says, Ubuntu 16.04 is not supported. 20.04 is the best choice.

It sounds like Hostinger has modified 18.04. Try a different provider.