ftao
关于OPENVPN 怎么报错怎么解决
fatal: [vpn.saiweivpn.com] => {'msg': "AnsibleError: Failed to template {{ lookup('file', inventory_dir + '/cred/openvpn/server.key') }}: could not locate file in lookup: /root/vpn-deploy-playbook/cred/openvpn/server.key", 'failed': True} fatal: [vpn.saiweivpn.com] => {'msg': 'One or more items failed.', 'failed': True, 'changed': False, 'results': [{'msg': "AnsibleError: Failed to template {{ lookup('file', inventory_dir + '/cred/openvpn/server.key') }}: could not locate file in lookup: /root/vpn-deploy-playbook/cred/openvpn/server.key", 'failed': True}]}
certified 应该是这个role 去安装的, 你看看是否你的系统不支持。 https://github.com/ftao/vpn-deploy-playbook/tree/master/roles/ftao.certified
openvpn 部分好久没动, 我现在也不知道了, 需要有空的的时候重新整理一下了。
An ansible role to install certified in unbuntu/debian server . 上面写的是支持的,我是debian7.0的系统的,
你是在跑 openvpn-server.yml 这个playbook 是吧? 目前我这里可用的正常的openvpn 的设置方法是, 手工先将证书生成好, 然后用 openvpn 这个role . 自动化的应该是上次有尝试一些, 但是没有完全完成, 所以可能有各种问题。
配置如下,
openvpn_use_radius: true
openvpn_radius_servers: "{{ radius_servers }}"
openvpn_cred:
ca: "{{ lookup('file', inventory_dir + '/cred/openvpn/ca.crt') }}"
cert: "{{ lookup('file', inventory_dir + '/cred/openvpn/server.crt') }}"
key: "{{ lookup('file', inventory_dir + '/cred/openvpn/server.key') }}"
dh: "{{ lookup('file', inventory_dir + '/cred/openvpn/dh1024.pem') }}"
https://openvpn.net/index.php/open-source/documentation/miscellaneous/77-rsa-key-management.html
certified 没有找到 这个我装不上,郁闷啊。 echo "deb http://packages.rcrowley.org $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/rcrowley.list sudo wget -O /etc/apt/trusted.gpg.d/rcrowley.gpg http://packages.rcrowley.org/keyring.gpg 这样了也不行。
现在更新了一下, 现在 openvpn.yml 应该OK了 。 之前似乎没有把 ftao.certified 加入到 openvpn.yml 中了。
https://github.com/ftao/vpn-deploy-playbook/wiki/Setup-OpenVPN-Server
No package matching 'certified' 我是没有找到这个包 用http://packages.rcrowley.org 也不能安装啊。
failed: [vpnsaiweivpn] => {"failed": true} msg: No package matching 'certified' is available
FATAL: all hosts have already failed
ubuntu 14.04 也是报错误
TASK: [ftao.certified | install certified] ************************************ failed: [vpnsaiweivpn] => {"failed": true} msg: No package matching 'certified' is available
FATAL: all hosts have already failed -- aborting
PLAY RECAP ******************************************************************** to retry, use: --limit @/root/openvpn.retry
vpnsaiweivpn : ok=10 changed=0 unreachable=0 failed=1
root@nox2008:/home/nox/vpn-deploy-playbook# cat /etc/apt/sources.list.d/packages_rcrowley_org.list deb http://packages.rcrowley.org trusty main root@nox2008:/home/nox/vpn-deploy-playbook#
root@nox2008:/home/nox/vpn-deploy-playbook# apt-cache search certified libgeronimo-jms-1.1-spec-java - Geronimo API implementation of the JMS 1.1 spec libgeronimo-jta-1.1-spec-java - Geronimo API implementation of the JTA 1.1 spec libgeronimo-jta-1.1-spec-java-doc - Documentation for the JTA 1.1 spec empathy-skype - Skype plugin for libpurple messengers (Empathy-specific files) pidgin-skype - Skype plugin for libpurple messengers (Pidgin-specific files) pidgin-skype-common - Skype plugin for libpurple messengers (common files) pidgin-skype-dbg - Skype plugin for libpurple messengers (debug symbols) acl2-books - Computational Logic for Applicative Common Lisp: compiled libraries acl2-books-certs - Computational Logic for Applicative Common Lisp: library certificates jbossas4 - JBoss Application Server jython - Python seamlessly integrated with Java libctapimkt1 - Read German Krankenversichertenkarte and eGK libctapimkt1-dev - Read German Krankenversichertenkarte and eGK (development) libgeronimo-ejb-3.0-spec-java - Geronimo API implementation of the EJB 3.0 spec libgeronimo-interceptor-3.0-spec-java - Geronimo API implementation of the Interceptor 3.0 spec libgeronimo-j2ee-connector-1.5-spec-java - Geronimo API implementation of the J2EE connector 1.5 spec libgeronimo-jacc-1.1-spec-java - Geronimo API implementation of the JACC 1.1 spec libgeronimo-jpa-3.0-spec-java - Geronimo API implementation of the JPA 3.0 spec libiml-dev - Integer Matrix Library, development files libiml0 - Integer Matrix Library, runtime files libjboss-aspects-java - JBoss Aspects libjboss-classloader-java - JBoss Classloader libjboss-cluster-java - JBoss Cluster libjboss-connector-java - JBoss Connector libjboss-deployers-java - JBoss Deployment Framework libjboss-deployment-java - JBoss Deployment libjboss-ejb3-java - JBoss Enterprise Java Beans (EJB) 3.0 libjboss-ejb3x-java - JBoss Enterprise Java Beans (EJB3X) libjboss-integration-java - JBoss Integration libjboss-j2ee-java - JBoss J2EE core libraries libjboss-jms-java - JBoss Java Message Service (JMS) libjboss-managed-java - JBoss Managed libjboss-management-java - JBoss Management libjboss-messaging-java - JBoss Messaging libjboss-metadata-java - JBoss MetaData Repository libjboss-naming-java - JBoss Naming libjboss-reflect-java - JBoss Reflection api for ClassInfo and BeanInfo abstractions libjboss-security-java - JBoss Security libjboss-server-java - JBoss Server libjboss-system-java - JBoss System libjboss-transaction-java - JBoss Transaction libjboss-vfs-java - JBoss Virtual File System libjboss-webservices-java - JBoss Web Services python-nss - Python bindings for Network Security Services (NSS)
root@nox2008:/home/nox/vpn-deploy-playbook# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.2 LTS
Release: 14.04
Codename: trusty
root@nox2008:/home/nox/vpn-deploy-playbook# apt-get update
Hit http://security.ubuntu.com trusty-security InRelease
Ign http://us.archive.ubuntu.com trusty InRelease
Ign http://packages.rcrowley.org trusty InRelease
Hit http://us.archive.ubuntu.com trusty-updates InRelease
Hit http://packages.rcrowley.org trusty Release.gpg
Hit http://security.ubuntu.com trusty-security/main Sources
Hit http://us.archive.ubuntu.com trusty-backports InRelease
Hit http://packages.rcrowley.org trusty Release
Hit http://security.ubuntu.com trusty-security/restricted Sources
Hit http://us.archive.ubuntu.com trusty Release.gpg
Hit http://packages.rcrowley.org trusty/main i386 Packages
Hit http://security.ubuntu.com trusty-security/universe Sources
Hit http://us.archive.ubuntu.com trusty-updates/main Sources
Hit http://security.ubuntu.com trusty-security/multiverse Sources
Hit http://us.archive.ubuntu.com trusty-updates/restricted Sources
Hit http://security.ubuntu.com trusty-security/main i386 Packages
Hit http://us.archive.ubuntu.com trusty-updates/universe Sources
Hit http://security.ubuntu.com trusty-security/restricted i386 Packages
Hit http://us.archive.ubuntu.com trusty-updates/multiverse Sources
Hit http://security.ubuntu.com trusty-security/universe i386 Packages
Hit http://us.archive.ubuntu.com trusty-updates/main i386 Packages
Hit http://security.ubuntu.com trusty-security/multiverse i386 Packages
Hit http://us.archive.ubuntu.com trusty-updates/restricted i386 Packages
Hit http://security.ubuntu.com trusty-security/main Translation-en
Hit http://us.archive.ubuntu.com trusty-updates/universe i386 Packages
Hit http://security.ubuntu.com trusty-security/multiverse Translation-en
Hit http://us.archive.ubuntu.com trusty-updates/multiverse i386 Packages
Hit http://security.ubuntu.com trusty-security/restricted Translation-en
Ign http://packages.rcrowley.org trusty/main Translation-en_US
Hit http://us.archive.ubuntu.com trusty-updates/main Translation-en
Hit http://security.ubuntu.com trusty-security/universe Translation-en
Ign http://packages.rcrowley.org trusty/main Translation-en
Hit http://us.archive.ubuntu.com trusty-updates/multiverse Translation-en
Hit http://us.archive.ubuntu.com trusty-updates/restricted Translation-en
Hit http://us.archive.ubuntu.com trusty-updates/universe Translation-en
Hit http://us.archive.ubuntu.com trusty-backports/main Sources
Hit http://us.archive.ubuntu.com trusty-backports/restricted Sources
Hit http://us.archive.ubuntu.com trusty-backports/universe Sources
Hit http://us.archive.ubuntu.com trusty-backports/multiverse Sources
Hit http://us.archive.ubuntu.com trusty-backports/main i386 Packages
Hit http://us.archive.ubuntu.com trusty-backports/restricted i386 Packages
Hit http://us.archive.ubuntu.com trusty-backports/universe i386 Packages
Hit http://us.archive.ubuntu.com trusty-backports/multiverse i386 Packages
Hit http://us.archive.ubuntu.com trusty-backports/main Translation-en
Hit http://us.archive.ubuntu.com trusty-backports/multiverse Translation-en
Hit http://us.archive.ubuntu.com trusty-backports/restricted Translation-en
Hit http://us.archive.ubuntu.com trusty-backports/universe Translation-en
Hit http://us.archive.ubuntu.com trusty Release
Hit http://us.archive.ubuntu.com trusty/main Sources
Hit http://us.archive.ubuntu.com trusty/restricted Sources
Hit http://us.archive.ubuntu.com trusty/universe Sources
Hit http://us.archive.ubuntu.com trusty/multiverse Sources
Hit http://us.archive.ubuntu.com trusty/main i386 Packages
Hit http://us.archive.ubuntu.com trusty/restricted i386 Packages
Hit http://us.archive.ubuntu.com trusty/universe i386 Packages
Hit http://us.archive.ubuntu.com trusty/multiverse i386 Packages
Hit http://us.archive.ubuntu.com trusty/main Translation-en
Hit http://us.archive.ubuntu.com trusty/multiverse Translation-en
Hit http://us.archive.ubuntu.com trusty/restricted Translation-en
Hit http://us.archive.ubuntu.com trusty/universe Translation-en
Ign http://us.archive.ubuntu.com trusty/main Translation-en_US
Ign http://us.archive.ubuntu.com trusty/multiverse Translation-en_US
Ign http://us.archive.ubuntu.com trusty/restricted Translation-en_US
Ign http://us.archive.ubuntu.com trusty/universe Translation-en_US
Reading package lists... Done