Algo: Uninstall Instructions

Created on 10 Jun 2018  路  2Comments  路  Source: trailofbits/algo

OS / Environment (where do you run Algo on)

Linux veepeen 4.15.0-22-generic #24-Ubuntu SMP Wed May 16 12:15:17 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

Cloud Provider (where do you deploy Algo to)

None - local Ubuntu 18.04 server.

Summary of the problem

There doesn't seem to be any uninstall instructions. The only thing that I could find when searching was the previously closed wontfix issue #407. Is there really no way to uninstall algo and no plans to create uninstall instructions? If not, there should really be a warning on the install instructions. Uninstall is an important feature not just for users who no longer wish to use algo, but it's also needed to deal with user errors from configuration and sysadmin blunders.

I accidentally deleted files under the configuration directory (doh!) and am now unable to use algo on this server. Every attempt at reinstalling algo results in errors due to partial leftover configurations and I am left with no way to restart installation with a clean algo setup, other than reinstalling the entire OS, which is highly undesirable.

Are there any uninstall instructions, a list of installed files and changes made to the system during algo installation, or some other way to restart with a completely clean configuration?

Steps to reproduce the behavior

  1. Install algo
  2. Delete files under configs/ accidentally.
  3. Try to configure algo again.

Full log

#######################################################
# First attempt, answering Y for previously deployed ##
#######################################################

jeff@ubuntu:~/algo$ ./algo

  What provider would you like to use?
    1. DigitalOcean
    2. Amazon EC2
    3. Microsoft Azure
    4. Google Compute Engine
    5. Scaleway
    6. OpenStack (DreamCompute optimised)
    7. Install to existing Ubuntu 16.04 server (Advanced)

Enter the number of your desired provider
: 7

Enter the IP address of your server: (or use localhost for local installation)
[localhost]:


What user should we use to login on the server? (note: passwordless login required, or ignore if you're deploying to localhost)
[root]:


Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)
[]: WW.XXX.YY.ZZZ


Was this server deployed by Algo previously?
[y/N]: Y

Do you want macOS/iOS clients to enable "VPN On Demand" when connected to cellular networks?
[y/N]:

Do you want macOS/iOS clients to enable "VPN On Demand" when connected to Wi-Fi?
[y/N]:

Do you want to install a DNS resolver on this VPN server, to block ads while surfing?
[y/N]:

Do you want each user to have their own account for SSH tunneling?
[y/N]:

Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure)
[y/N]: Y

Do you want to retain the CA key? (required to add users in the future, but less secure)
[y/N]:
 [WARNING]: While constructing a mapping from /home/jeff/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.


PLAY [Configure the server] **************************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************************************
ok: [localhost]

TASK [Local pre-tasks] *******************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/local.yml for localhost

TASK [Generate the SSH private key] ******************************************************************************************************************************************************************
ok: [localhost]

TASK [Generate the SSH public key] *******************************************************************************************************************************************************************
ok: [localhost]

TASK [Change mode for the SSH private key] ***********************************************************************************************************************************************************
ok: [localhost]

TASK [Ensure the dynamic inventory exists] ***********************************************************************************************************************************************************
ok: [localhost]

TASK [Local pre-tasks] *******************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/local_ssh.yml for localhost

TASK [Ensure the local ssh directory is exist] *******************************************************************************************************************************************************
ok: [localhost]

TASK [Copy the algo ssh key to the local ssh directory] **********************************************************************************************************************************************
changed: [localhost]

TASK [local : Add the instance to an inventory group] ************************************************************************************************************************************************
skipping: [localhost]

TASK [local : Add the instance to an inventory group] ************************************************************************************************************************************************
changed: [localhost]

TASK [local : set_fact] ******************************************************************************************************************************************************************************
ok: [localhost]

TASK [local : Ensure the group local exists in the dynamic inventory file] ***************************************************************************************************************************
ok: [localhost]

TASK [local : Populate the dynamic inventory] ********************************************************************************************************************************************************
ok: [localhost]

PLAY [Configure the server and install required software] ********************************************************************************************************************************************

TASK [Common pre-tasks] ******************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/common.yml for localhost

TASK [Check the system] ******************************************************************************************************************************************************************************
changed: [localhost]

TASK [Ubuntu pre-tasks] ******************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/ubuntu.yml for localhost

TASK [Ubuntu | Install prerequisites] ****************************************************************************************************************************************************************
changed: [localhost] => (item=sleep 10)
changed: [localhost] => (item=apt-get update -qq)
changed: [localhost] => (item=apt-get install -qq -y python2.7 sudo)

TASK [FreeBSD pre-tasks] *****************************************************************************************************************************************************************************
skipping: [localhost]

TASK [include_tasks] *********************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/facts/main.yml for localhost

TASK [Gather Facts] **********************************************************************************************************************************************************************************
ok: [localhost]

TASK [Check if IPv6 configured] **********************************************************************************************************************************************************************
ok: [localhost]

TASK [Generate password for the CA key] **************************************************************************************************************************************************************
changed: [localhost -> localhost]

TASK [Generate p12 export password] ******************************************************************************************************************************************************************
changed: [localhost -> localhost]

TASK [Define password facts] *************************************************************************************************************************************************************************
ok: [localhost]

TASK [Define the commonName] *************************************************************************************************************************************************************************
ok: [localhost]

TASK [common : Install tools] ************************************************************************************************************************************************************************

TASK [common : Sysctl tuning] ************************************************************************************************************************************************************************

TASK [common : Install tools] ************************************************************************************************************************************************************************

TASK [common : Sysctl tuning] ************************************************************************************************************************************************************************

TASK [common : Install tools] ************************************************************************************************************************************************************************

TASK [common : Sysctl tuning] ************************************************************************************************************************************************************************

TASK [common : include_tasks] ************************************************************************************************************************************************************************
included: /home/jeff/algo/roles/common/tasks/ubuntu.yml for localhost

TASK [common : Loopback for services configured] *****************************************************************************************************************************************************
ok: [localhost]

TASK [common : systemd-networkd enabled and started] *************************************************************************************************************************************************
ok: [localhost]

TASK [common : Check apparmor support] ***************************************************************************************************************************************************************
changed: [localhost]

TASK [common : set_fact] *****************************************************************************************************************************************************************************
ok: [localhost]

TASK [common : set_fact] *****************************************************************************************************************************************************************************
ok: [localhost]

TASK [common : include_tasks] ************************************************************************************************************************************************************************
skipping: [localhost]

TASK [common : Install tools] ************************************************************************************************************************************************************************
ok: [localhost] => (item=git)
ok: [localhost] => (item=screen)
ok: [localhost] => (item=apparmor-utils)
ok: [localhost] => (item=uuid-runtime)
ok: [localhost] => (item=coreutils)
ok: [localhost] => (item=iptables-persistent)
ok: [localhost] => (item=cgroup-tools)
ok: [localhost] => (item=openssl,linux-headers-4.15.0-22-generic)

TASK [common : Sysctl tuning] ************************************************************************************************************************************************************************
ok: [localhost] => (item={u'item': u'net.ipv4.ip_forward', u'value': 1})
ok: [localhost] => (item={u'item': u'net.ipv4.conf.all.forwarding', u'value': 1})
ok: [localhost] => (item={u'item': u'net.ipv6.conf.all.forwarding', u'value': 1})

TASK [wireguard : WireGuard repository configured] ***************************************************************************************************************************************************
ok: [localhost]

TASK [wireguard : WireGuard installed] ***************************************************************************************************************************************************************
ok: [localhost]

TASK [wireguard : Ensure the required directories exist] *********************************************************************************************************************************************
ok: [localhost -> localhost] => (item=private)
ok: [localhost -> localhost] => (item=public)

TASK [wireguard : Delete the lock files] *************************************************************************************************************************************************************
skipping: [localhost] => (item=jeff)
skipping: [localhost] => (item=WW.XXX.YY.ZZZ)

TASK [wireguard : Generate private keys] *************************************************************************************************************************************************************
ok: [localhost] => (item=jeff)
ok: [localhost] => (item=WW.XXX.YY.ZZZ)
 [WARNING]: As of Ansible 2.4, the parameter 'executable' is no longer supported with the 'command' module. Not using 'bash'.


TASK [wireguard : Save private keys] *****************************************************************************************************************************************************************
skipping: [localhost] => (item=None)
skipping: [localhost] => (item=None)

TASK [wireguard : Touch the lock file] ***************************************************************************************************************************************************************
skipping: [localhost] => (item=jeff)
skipping: [localhost] => (item=WW.XXX.YY.ZZZ)

TASK [wireguard : Generate public keys] **************************************************************************************************************************************************************
 [WARNING]: Unable to find 'configs/WW.XXX.YY.ZZZ/wireguard//private/jeff' in expected paths.

fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: configs/WW.XXX.YY.ZZZ/wireguard//private/jeff"}

PLAY RECAP *******************************************************************************************************************************************************************************************
localhost                  : ok=36   changed=7    unreachable=0    failed=1


#######################################################
# Second attempt, answering N for previously deployed #
#######################################################


jeff@ubuntu:~/algo$ ./algo

  What provider would you like to use?
    1. DigitalOcean
    2. Amazon EC2
    3. Microsoft Azure
    4. Google Compute Engine
    5. Scaleway
    6. OpenStack (DreamCompute optimised)
    7. Install to existing Ubuntu 16.04 server (Advanced)

Enter the number of your desired provider
: 7

Enter the IP address of your server: (or use localhost for local installation)
[localhost]:


What user should we use to login on the server? (note: passwordless login required, or ignore if you're deploying to localhost)
[root]:


Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)
[]: WW.XXX.YY.ZZZ


Was this server deployed by Algo previously?
[y/N]: N

Do you want macOS/iOS clients to enable "VPN On Demand" when connected to cellular networks?
[y/N]:

Do you want macOS/iOS clients to enable "VPN On Demand" when connected to Wi-Fi?
[y/N]:

Do you want to install a DNS resolver on this VPN server, to block ads while surfing?
[y/N]:

Do you want each user to have their own account for SSH tunneling?
[y/N]:

Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure)
[y/N]: y

Do you want to retain the CA key? (required to add users in the future, but less secure)
[y/N]:

 [WARNING]: While constructing a mapping from /home/jeff/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.


PLAY [Configure the server] **************************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************************************
ok: [localhost]

TASK [Local pre-tasks] *******************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/local.yml for localhost

TASK [Generate the SSH private key] ******************************************************************************************************************************************************************
ok: [localhost]

TASK [Generate the SSH public key] *******************************************************************************************************************************************************************
ok: [localhost]

TASK [Change mode for the SSH private key] ***********************************************************************************************************************************************************
ok: [localhost]

TASK [Ensure the dynamic inventory exists] ***********************************************************************************************************************************************************
ok: [localhost]

TASK [Local pre-tasks] *******************************************************************************************************************************************************************************
skipping: [localhost]

TASK [local : Add the instance to an inventory group] ************************************************************************************************************************************************
skipping: [localhost]

TASK [local : Add the instance to an inventory group] ************************************************************************************************************************************************
changed: [localhost]

TASK [local : set_fact] ******************************************************************************************************************************************************************************
ok: [localhost]

TASK [local : Ensure the group local exists in the dynamic inventory file] ***************************************************************************************************************************
ok: [localhost]

TASK [local : Populate the dynamic inventory] ********************************************************************************************************************************************************
ok: [localhost]

PLAY [Configure the server and install required software] ********************************************************************************************************************************************

TASK [Common pre-tasks] ******************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/common.yml for localhost

TASK [Check the system] ******************************************************************************************************************************************************************************
changed: [localhost]

TASK [Ubuntu pre-tasks] ******************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/ubuntu.yml for localhost

TASK [Ubuntu | Install prerequisites] ****************************************************************************************************************************************************************
changed: [localhost] => (item=sleep 10)
changed: [localhost] => (item=apt-get update -qq)
changed: [localhost] => (item=apt-get install -qq -y python2.7 sudo)

TASK [FreeBSD pre-tasks] *****************************************************************************************************************************************************************************
skipping: [localhost]

TASK [include_tasks] *********************************************************************************************************************************************************************************
included: /home/jeff/algo/playbooks/facts/main.yml for localhost

TASK [Gather Facts] **********************************************************************************************************************************************************************************
ok: [localhost]

TASK [Check if IPv6 configured] **********************************************************************************************************************************************************************
ok: [localhost]

TASK [Generate password for the CA key] **************************************************************************************************************************************************************
changed: [localhost -> localhost]

TASK [Generate p12 export password] ******************************************************************************************************************************************************************
changed: [localhost -> localhost]

TASK [Define password facts] *************************************************************************************************************************************************************************
ok: [localhost]

TASK [Define the commonName] *************************************************************************************************************************************************************************
ok: [localhost]

TASK [common : Install tools] ************************************************************************************************************************************************************************

TASK [common : Sysctl tuning] ************************************************************************************************************************************************************************

TASK [common : Install tools] ************************************************************************************************************************************************************************

TASK [common : Sysctl tuning] ************************************************************************************************************************************************************************

TASK [common : Install tools] ************************************************************************************************************************************************************************

TASK [common : Sysctl tuning] ************************************************************************************************************************************************************************

TASK [common : include_tasks] ************************************************************************************************************************************************************************
included: /home/jeff/algo/roles/common/tasks/ubuntu.yml for localhost

TASK [common : Loopback for services configured] *****************************************************************************************************************************************************
ok: [localhost]

TASK [common : systemd-networkd enabled and started] *************************************************************************************************************************************************
ok: [localhost]

TASK [common : Check apparmor support] ***************************************************************************************************************************************************************
changed: [localhost]

TASK [common : set_fact] *****************************************************************************************************************************************************************************
ok: [localhost]

TASK [common : set_fact] *****************************************************************************************************************************************************************************
ok: [localhost]

TASK [common : include_tasks] ************************************************************************************************************************************************************************
skipping: [localhost]

TASK [common : Install tools] ************************************************************************************************************************************************************************
ok: [localhost] => (item=git)
ok: [localhost] => (item=screen)
ok: [localhost] => (item=apparmor-utils)
ok: [localhost] => (item=uuid-runtime)
ok: [localhost] => (item=coreutils)
ok: [localhost] => (item=iptables-persistent)
ok: [localhost] => (item=cgroup-tools)
ok: [localhost] => (item=openssl,linux-headers-4.15.0-22-generic)

TASK [common : Sysctl tuning] ************************************************************************************************************************************************************************
ok: [localhost] => (item={u'item': u'net.ipv4.ip_forward', u'value': 1})
ok: [localhost] => (item={u'item': u'net.ipv4.conf.all.forwarding', u'value': 1})
ok: [localhost] => (item={u'item': u'net.ipv6.conf.all.forwarding', u'value': 1})

TASK [wireguard : WireGuard repository configured] ***************************************************************************************************************************************************
ok: [localhost]

TASK [wireguard : WireGuard installed] ***************************************************************************************************************************************************************
ok: [localhost]

TASK [wireguard : Ensure the required directories exist] *********************************************************************************************************************************************
ok: [localhost -> localhost] => (item=private)
ok: [localhost -> localhost] => (item=public)

TASK [wireguard : Delete the lock files] *************************************************************************************************************************************************************
skipping: [localhost] => (item=jeff)
skipping: [localhost] => (item=WW.XXX.YY.ZZZ)

TASK [wireguard : Generate private keys] *************************************************************************************************************************************************************
ok: [localhost] => (item=jeff)
ok: [localhost] => (item=WW.XXX.YY.ZZZ)
 [WARNING]: As of Ansible 2.4, the parameter 'executable' is no longer supported with the 'command' module. Not using 'bash'.


TASK [wireguard : Save private keys] *****************************************************************************************************************************************************************
skipping: [localhost] => (item=None)
skipping: [localhost] => (item=None)

TASK [wireguard : Touch the lock file] ***************************************************************************************************************************************************************
skipping: [localhost] => (item=jeff)
skipping: [localhost] => (item=WW.XXX.YY.ZZZ)

TASK [wireguard : Generate public keys] **************************************************************************************************************************************************************
 [WARNING]: Unable to find 'configs/WW.XXX.YY.ZZZ/wireguard//private/jeff' in expected paths.

fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: configs/WW.XXX.YY.ZZZ/wireguard//private/jeff"}

PLAY RECAP *******************************************************************************************************************************************************************************************
localhost                  : ok=33   changed=6    unreachable=0    failed=1

Most helpful comment

For someone who will face the same problem.
You simply need to remove all *.lock files at /etc/wireguard/

sudo rm -rf /etc/wireguard/*.lock

All 2 comments

That鈥檚 correct, there are no uninstall directions. Delete the server and try again.

For someone who will face the same problem.
You simply need to remove all *.lock files at /etc/wireguard/

sudo rm -rf /etc/wireguard/*.lock
Was this page helpful?
0 / 5 - 0 ratings

Related issues

dsecareanu picture dsecareanu  路  5Comments

dguido picture dguido  路  3Comments

jwebbstevens picture jwebbstevens  路  4Comments

mikaelf picture mikaelf  路  5Comments

mosesrenegade picture mosesrenegade  路  5Comments