I couldn't connect to my Streisand host after a fresh install.
I noticed that server doesn't seem to be started since
ps aux | grep ss-server
doesn't return anything.
I then tried to restart it via initd:
/etc/init.d/shadowsocks-libev start
But that didn't work either.
Lastly I juts manually started the server from the host console:
# ss-server
2018-03-30 08:55:07 INFO: using tcp fast open
2018-03-30 08:55:07 INFO: plugin "obfs-server" enabled
2018-03-30 08:55:07 INFO: initializing ciphers... chacha20-ietf-poly1305
2018-03-30 08:55:07 INFO: tcp server listening at 127.0.0.1:33860
2018-03-30 08:55:07 INFO: running from root user
2018-03-30 08:55:07 [simple-obfs] INFO: obfuscating enabled
2018-03-30 08:55:07 [simple-obfs] INFO: tcp port reuse enabled
2018-03-30 08:55:07 [simple-obfs] INFO: listening at 195.XXX.YYY.ZZZ:8530
2018-03-30 08:55:07 [simple-obfs] INFO: running from root user
And it worked.
There seems to be a bug related to this specific service.
streisand-diagnostics.md
### Ansible Information
* Ansible version: 2.5.0
* Ansible system: Linux
* Host OS: Archlinux
* Host OS version: NA
* Python interpreter: python
* Python version: 3.6.4
### Streisand Information
* Streisand Git revision: bae2cb531330d69e2a2e307c09a7e17770ff8881
* Streisand Git clone has untracked changes: no
* Genesis role: existing-server
* Custom SSH key: True
### Enabled Roles
* Shadowsocks enabled: True
* Wireguard enabled: True
* OpenVPN enabled: True
* stunnel enabled: True
* Tor enabled: True
* Openconnect enabled: True
* TinyProxy enabled: True
* SSH forward user enabled: True
* L2TP enabled: False
* Configured number of VPN clients: 10
ansible --version :git rev-parse HEAD in your Streisand directory :Same thing, Digitalocean fresh install with default settings except certificates count.
It works only if i launch ss-server -c /etc/shadowsocks-libev/config.json manually.
Ubuntu 16.04 latest update, streisand from today's master branch. Client Android 8.0 Shadowsocks 4.5.5.
UPD: I noticed that service is disabled
root@tuna:~# sudo service shadowsocks-libev status
● shadowsocks-libev.service - Shadowsocks-libev Default Server Service
Loaded: loaded (/lib/systemd/system/shadowsocks-libev.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:shadowsocks-libev(8)
Tried to enable service manually.
This one didn't worked:
root@tuna:~# service shadowsocks-libev enable
root@tuna:~# service shadowsocks-libev start
This one worked:
root@tuna:~# systemctl enable shadowsocks-libev
root@tuna:~# service shadowsocks-libev start
It is working! :) OpenVPN and Tor still working too
This bug is pretty mysterious! It seems to be affecting multiple people lately (e.g. #1293) so I've pulled it into my immediate TODO list.
Anecdotally, I ran a localhost provision of server with only shadowsocks enabled yesterday for something unrelated and the ss-server process was running at the end and the shadowsocks-libev service was both up and enabled. This makes me think its either related to the default service configuration or perhaps is something provider specific. I will try to reproduce using the default service list and DigitalOcean this evening after work.
@alimakki Noticed we were missing daemon_reload: yes in the shadowsocks systemd task:
https://github.com/StreisandEffect/streisand/blob/65173b02470c8a7373a72cfd1b7a5733cb68da8b/playbooks/roles/shadowsocks/tasks/main.yml#L68-L72
That would explain the shadowsocks-libev service not being enabled and ss-server not starting after a reboot.
Anecdotally, I ran a localhost provision of server with only shadowsocks enabled yesterday for something unrelated and the ss-server process was running at the end and the shadowsocks-libev service was both up and enabled.
I went back to this instance and ss-server did come up after first provisioning but I misread the output of systemctl status shadowsocks-libev when I concluded it was enabled. It was not, and so after a reboot ss-server would not have started again.
@alphazo @diman94 Is it possible that when you created your Streisand instance ss-server _did_ start up successfully, but that the server was rebooted (perhaps due to the automatic updates configuration scheduling a reboot) and upon booting again ss-server did not start?
This would make sense since we also explicitly check that a process is listening on the ss-server port before provisioning will continue: https://github.com/StreisandEffect/streisand/blob/65173b02470c8a7373a72cfd1b7a5733cb68da8b/playbooks/roles/shadowsocks/tasks/main.yml#L79-L93
@cpu yes, I rebooted server after installing to check that everthing is working.
@diman94 great, thanks for confirming! this is now fixed in master thanks to @alimakki and #1297
Thanks for reporting the problem everyone!
Most helpful comment
Same thing, Digitalocean fresh install with default settings except certificates count.
It works only if i launch
ss-server -c /etc/shadowsocks-libev/config.jsonmanually.Ubuntu 16.04 latest update, streisand from today's master branch. Client Android 8.0 Shadowsocks 4.5.5.
UPD: I noticed that service is disabled
Tried to enable service manually.
This one didn't worked:
This one worked:
It is working! :) OpenVPN and Tor still working too