Linux 4.4.0-45-generic #66-Ubuntu SMP Wed Oct 19 14:12:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Pre-existing server (using DigitalOcean
When I run ./algo, i get the error "Unable to find 'configs/198.199.93.177/wireguard//private/poipt."
I ran ./algo and got that error.
What provider would you like to use?
1. DigitalOcean
2. Amazon EC2
3. Microsoft Azure
4. Google Compute Engine
5. Scaleway
6. OpenStack (DreamCompute optimised)
7. Install to existing Ubuntu 16.04 server (Advanced)
Enter the number of your desired provider
: 7
Enter the IP address of your server: (or use localhost for local installation)
[localhost]:
What user should we use to login on the server? (note: passwordless login required, or ignore if you're deploying to localhost)
Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)
[]: 198.199.93.177
Was this server deployed by Algo previously?
Do you want macOS/iOS clients to enable "VPN On Demand" when connected to cellular networks?
Do you want macOS/iOS clients to enable "VPN On Demand" when connected to Wi-Fi?
Do you want to install a DNS resolver on this VPN server, to block ads while surfing?
Do you want each user to have their own account for SSH tunneling?
Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure)
Do you want to retain the CA key? (required to add users in the future, but less secure)
PLAY [Configure the server] ******************************
TASK [Gathering Facts] *******************************
ok: [localhost]
TASK [Local pre-tasks] *******************************
included: /home/jonah/algo/playbooks/local.yml for localhost
TASK [Generate the SSH private key] ****************************
changed: [localhost]
TASK [Generate the SSH public key] ***************************
ok: [localhost]
TASK [Change mode for the SSH private key] *************************
ok: [localhost]
TASK [Ensure the dynamic inventory exists] *************************
changed: [localhost]
TASK [Local pre-tasks] *******************************
skipping: [localhost]
TASK [local : Add the instance to an inventory group] **********************
skipping: [localhost]
TASK [local : Add the instance to an inventory group] **********************
changed: [localhost]
TASK [local : set_fact] ********************************
ok: [localhost]
TASK [local : Ensure the group local exists in the dynamic inventory file] ***************
changed: [localhost]
TASK [local : Populate the dynamic inventory] ************************
changed: [localhost]
PLAY [Configure the server and install required software] ********************
TASK [Common pre-tasks] ********************************
included: /home/jonah/algo/playbooks/common.yml for localhost
TASK [Check the system] ********************************
changed: [localhost]
TASK [Ubuntu pre-tasks] ********************************
included: /home/jonah/algo/playbooks/ubuntu.yml for localhost
TASK [Ubuntu | Install prerequisites] **************************
changed: [localhost] => (item=sleep 10)
changed: [localhost] => (item=apt-get update -qq)
changed: [localhost] => (item=apt-get install -qq -y python2.7 sudo)
TASK [FreeBSD pre-tasks] *******************************
skipping: [localhost]
TASK [include_tasks] *********************************
included: /home/jonah/algo/playbooks/facts/main.yml for localhost
TASK [Gather Facts] ********************************
ok: [localhost]
TASK [Check if IPv6 configured] ****************************
ok: [localhost]
TASK [Generate password for the CA key] **************************
changed: [localhost -> localhost]
TASK [Generate p12 export password] ****************************
changed: [localhost -> localhost]
TASK [Define password facts] *****************************
ok: [localhost]
TASK [Define the commonName] *****************************
ok: [localhost]
TASK [common : include_tasks] ******************************
included: /home/jonah/algo/roles/common/tasks/ubuntu.yml for localhost
TASK [common : Loopback for services configured] ***********************
ok: [localhost]
TASK [common : systemd services enabled and started] *********************
ok: [localhost] => (item=systemd-networkd)
ok: [localhost] => (item=systemd-resolved)
TASK [common : Check apparmor support] ***************************
changed: [localhost]
TASK [common : set_fact] *******************************
ok: [localhost]
TASK [common : set_fact] *******************************
ok: [localhost]
TASK [common : include_tasks] ******************************
skipping: [localhost]
TASK [common : Install tools] ******************************
ok: [localhost] => (item=git)
ok: [localhost] => (item=screen)
ok: [localhost] => (item=apparmor-utils)
ok: [localhost] => (item=uuid-runtime)
ok: [localhost] => (item=coreutils)
ok: [localhost] => (item=iptables-persistent)
ok: [localhost] => (item=cgroup-tools)
ok: [localhost] => (item=openssl,linux-headers-4.4.0-45-generic)
TASK [common : Sysctl tuning] ******************************
ok: [localhost] => (item={u'item': u'net.ipv4.ip_forward', u'value': 1})
ok: [localhost] => (item={u'item': u'net.ipv4.conf.all.forwarding', u'value': 1})
ok: [localhost] => (item={u'item': u'net.ipv6.conf.all.forwarding', u'value': 1})
TASK [dns_encryption : Include tasks for Ubuntu] ***********************
included: /home/jonah/algo/roles/dns_encryption/tasks/ubuntu.yml for localhost
TASK [dns_encryption : Add the repository] *************************
ok: [localhost]
TASK [dns_encryption : Install dnscrypt-proxy] ***********************
ok: [localhost]
TASK [dns_encryption : Configure unattended-upgrades] **********************
ok: [localhost]
TASK [dns_encryption : Ubuntu | Unbound profile for apparmor configured] ***************
ok: [localhost]
TASK [dns_encryption : Ubuntu | Enforce the dnscrypt-proxy AppArmor policy] **************
ok: [localhost]
TASK [dns_encryption : Ubuntu | Ensure that the dnscrypt-proxy service directory exist] **********
ok: [localhost]
TASK [dns_encryption : Ubuntu | Add capabilities to bind ports] ******************
ok: [localhost]
TASK [dns_encryption : Include tasks for FreeBSD] **********************
skipping: [localhost]
TASK [dns_encryption : dnscrypt-proxy ip-blacklist configured] *******************
ok: [localhost]
TASK [dns_encryption : dnscrypt-proxy configured] **********************
ok: [localhost]
TASK [dns_encryption : dnscrypt-proxy enabled and started] *******************
ok: [localhost]
TASK [dns_adblocking : The DNS tag is defined] ***********************
ok: [localhost]
TASK [dns_adblocking : Dnsmasq installed] **************************
ok: [localhost]
TASK [dns_adblocking : The dnsmasq directory created] **********************
ok: [localhost]
TASK [dns_adblocking : include_tasks] **************************
included: /home/jonah/algo/roles/dns_adblocking/tasks/ubuntu.yml for localhost
TASK [dns_adblocking : Ubuntu | Dnsmasq profile for apparmor configured] ***************
ok: [localhost]
TASK [dns_adblocking : Ubuntu | Enforce the dnsmasq AppArmor policy] *****************
changed: [localhost]
TASK [dns_adblocking : Ubuntu | Ensure that the dnsmasq service directory exist] *************
ok: [localhost]
TASK [dns_adblocking : Ubuntu | Setup the cgroup limitations for the ipsec daemon] ***********
ok: [localhost]
TASK [dns_adblocking : include_tasks] **************************
skipping: [localhost]
TASK [dns_adblocking : Dnsmasq configured] *************************
ok: [localhost]
TASK [dns_adblocking : Adblock script created] ***********************
ok: [localhost]
TASK [dns_adblocking : Adblock script added to cron] *********************
ok: [localhost]
TASK [dns_adblocking : Update adblock hosts] *************************
changed: [localhost]
TASK [dns_adblocking : Dnsmasq enabled and started] **********************
ok: [localhost]
TASK [ssh_tunneling : Ensure that the sshd_config file has desired options] **************
ok: [localhost]
TASK [ssh_tunneling : Ensure that the algo group exist] ********************
ok: [localhost]
TASK [ssh_tunneling : Ensure that the jail directory exist] ********************
ok: [localhost]
TASK [ssh_tunneling : Ensure that the SSH users exist] *********************
ok: [localhost] => (item=poipt)
ok: [localhost] => (item=dirtify)
TASK [ssh_tunneling : The authorized keys file created] ********************
ok: [localhost] => (item=poipt)
ok: [localhost] => (item=dirtify)
TASK [ssh_tunneling : Generate SSH fingerprints] ***********************
changed: [localhost]
TASK [ssh_tunneling : Fetch users SSH private keys] **********************
changed: [localhost] => (item=poipt)
changed: [localhost] => (item=dirtify)
TASK [ssh_tunneling : Change mode for SSH private keys] ********************
changed: [localhost -> localhost] => (item=poipt)
changed: [localhost -> localhost] => (item=dirtify)
TASK [ssh_tunneling : Fetch the known_hosts file] **********************
changed: [localhost -> localhost]
TASK [ssh_tunneling : Build the client ssh config] ***********************
changed: [localhost -> localhost] => (item=poipt)
changed: [localhost -> localhost] => (item=dirtify)
TASK [ssh_tunneling : SSH | Get active system users] *********************
skipping: [localhost]
TASK [ssh_tunneling : SSH | Delete non-existing users] *********************
skipping: [localhost] => (item=null)
TASK [wireguard : WireGuard repository configured] ***********************
ok: [localhost]
TASK [wireguard : WireGuard installed] ***************************
ok: [localhost]
TASK [wireguard : Configure unattended-upgrades] ***********************
ok: [localhost]
TASK [wireguard : Ensure the required directories exist] *********************
changed: [localhost -> localhost] => (item=private)
changed: [localhost -> localhost] => (item=public)
TASK [wireguard : Delete the lock files] *************************
skipping: [localhost] => (item=poipt)
skipping: [localhost] => (item=dirtify)
skipping: [localhost] => (item=198.199.93.177)
TASK [wireguard : Generate private keys] *************************
ok: [localhost] => (item=poipt)
ok: [localhost] => (item=dirtify)
ok: [localhost] => (item=198.199.93.177)
'bash'.
TASK [wireguard : Save private keys] ***************************
skipping: [localhost] => (item=None)
skipping: [localhost] => (item=None)
skipping: [localhost] => (item=None)
TASK [wireguard : Touch the lock file] ***************************
skipping: [localhost] => (item=poipt)
skipping: [localhost] => (item=dirtify)
skipping: [localhost] => (item=198.199.93.177)
TASK [wireguard : Generate public keys] **************************
fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a
PLAY RECAP ***********************************
localhost : ok=68 changed=18 unreachable=0 failed=1`
This sounds like #1050 but I didn't really see a good solution to that. Try installing the ansible2.5 branch onto a new Ubuntu 18.04 (not 16.04) server, and using the local install option.
That worked, thanks!
For someone who will face the same problem.
You simply need to remove all *.lock files at /etc/wireguard/
sudo rm -rf /etc/wireguard/*.lock
Thanks for pointing out the wireguard lock files! This problem was giving me a huge headache.
@IlyaGulya @voidlily Think this would look good as a PR for the troubleshooting docs?
You tried to install WireGuard and hit an error message as above, after "TASK [wireguard: Generate public keys]". This error is usually hit when using the local install option on a server that isn't Ubuntu 18.04. You can either upgrade your server to Ubuntu 18.04, or remove *.lock files at /etc/wireguard/ as follows:
sudo rm -rf /etc/wireguard/*.lock
I ran into the issue and was already on 18.04 on kernel 4.13 (latest kernel that my hypervisor would boot), so I'd lean towards the lock files more, but if upgrading solved the problem for other people feel free to leave it in.
@voidlily just to clarify, after removing the *.lock files, you immediately then run /.algo again?
Yes, that's what worked for me
Most helpful comment
Yes, that's what worked for me