ansible-adguard
ansible-adguard copied to clipboard
Freekers
Couple of issues installing on Ubuntu 20.04.6 LTS
Hey, thanks for this cool project! I'm trying to execute the playbook on Ubuntu 20.04.6 LTS and ran into the following problems:
TASK [robertdebock.selinux : assert | Test if selinux_reboot is set correctly] *****************************************
fatal: [127.0.0.1 -> localhost]: FAILED! => {"msg": "The conditional check 'selinux_reboot is boolean' failed. The error was: template error while templating string: no test named 'boolean'. String: {% if selinux_reboot is boolean %} True {% else %} False {% endif %}"}
I temporarily removed the role to be able to proceed.
failed: [127.0.0.1] (item={'username': '<removed>', 'name': '<removed>', 'email': '<removed>', 'groups': 'sudo, adm, ubuntu'}) => {"ansible_loop_var": "item", "changed": false, "item": {"email": "<removed>", "groups": "sudo, adm, ubuntu", "name": "<removed>", "username": "<removed>"}, "msg": "Group ubuntu does not exist"}
To fix this, I removed the ubuntu group under user-management.yml.
TASK [user-management : Add authorized keys] ***************************************************************************
[WARNING]: Unable to find 'ssh-keys/DevSecNinja.key.pub' in expected paths (use -vvvvv to see paths)
fatal: [127.0.0.1]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: ssh-keys/DevSecNinja.key.pub. could not locate file in lookup: ssh-keys/DevSecNinja.key.pub"}
Added my public key to the ssh-keys folder. Might be useful to document this in the readme.
It seems DNS is broken here since I can't resolve any domains like google.com anymore:
TASK [geerlingguy.docker : Ensure dependencies are installed.] *********************************************************
fatal: [127.0.0.1]: FAILED! => {"cache_update_time": 1688294248, "cache_updated": false, "changed": false, "msg": "'/usr/bin/apt-get -y -o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\" install 'apt-transport-https'' failed: E: Failed to fetch http://azure.archive.ubuntu.com/ubuntu/pool/universe/a/apt/apt-transport-https_2.0.9_all.deb Temporary failure resolving 'azure.archive.ubuntu.com'\nE: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?\n", "rc": 100, "stderr": "E: Failed to fetch http://azure.archive.ubuntu.com/ubuntu/pool/universe/a/apt/apt-transport-https_2.0.9_all.deb Temporary failure resolving 'azure.archive.ubuntu.com'\nE: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?\n", "stderr_lines": ["E: Failed to fetch http://azure.archive.ubuntu.com/ubuntu/pool/universe/a/apt/apt-transport-https_2.0.9_all.deb Temporary failure resolving 'azure.archive.ubuntu.com'", "E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?"], "stdout": "Reading package lists...\nBuilding dependency tree...\nReading state information...\nThe following NEW packages will be installed:\n apt-transport-https\n0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.\nNeed to get 1,704 B of archives.\nAfter this operation, 162 kB of additional disk space will be used.\nErr:1 http://azure.archive.ubuntu.com/ubuntu focal-updates/universe amd64 apt-transport-https all 2.0.9\n Temporary failure resolving 'azure.archive.ubuntu.com'\n", "stdout_lines": ["Reading package lists...", "Building dependency tree...", "Reading state information...", "The following NEW packages will be installed:", " apt-transport-https", "0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.", "Need to get 1,704 B of archives.", "After this operation, 162 kB of additional disk space will be used.", "Err:1 http://azure.archive.ubuntu.com/ubuntu focal-updates/universe amd64 apt-transport-https all 2.0.9", " Temporary failure resolving 'azure.archive.ubuntu.com'"]}
I guess this comes from the name: Disable internal DNS task since it disables the stub listener. Would it be better to install the packages before disabling the stub listener? Or disabling it just before the Deploy Stack using Docker Compose task to get the port 53 binding to work. Although that task also needs DNS to function since it needs to pull containers.
Host became unreachable after this step (both SSH and HTTPS). Even after a reboot, I couldn't connect anymore (connection refused on SSH):
TASK [cleanup : Remove dependencies that are no longer required Debian]
Hope this helps!
