netmaker
[Bug]: Installation fails
Contact Details
No response
What happened?
I have already spent several hours trying to install netmaker, following the installation instructions exactly as they are described on GitHub and ignoring https://docs.netmaker.io/install.html because they are obsolete (https://github.com/gravitl/netmaker/issues/2790).
Even though the process looks easy, it fails with: Error Status: 403 Response: {"Code":403,"Message":"invalid license: empty license-key (LICENSE_KEY environment variable)"}
It seems to me that it is not a problem with the code but with the documentation. By default it's installing PRO, but I don't have any registration.
I would love to see the login page, but I am getting nowhere so far.
I redacted the domain and IP in the log.
Version
v0.22.0
What OS are you using?
Linux
Relevant log output
./nm-quick.sh
Using config: /root/netmaker.env
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
__ __ ______ ______ __ __ ______ __ __ ______ ______
/\ "-.\ \ /\ ___\ /\__ _\ /\ "-./ \ /\ __ \ /\ \/ / /\ ___\ /\ == \
\ \ \-. \ \ \ __\ \/_/\ \/ \ \ \-./\ \ \ \ __ \ \ \ _"-. \ \ __\ \ \ __<
\ \_\\"\_\ \ \_____\ \ \_\ \ \_\ \ \_\ \ \_\ \_\ \ \_\ \_\ \ \_____\ \ \_\ \_\
\/_/ \/_/ \/_____/ \/_/ \/_/ \/_/ \/_/\/_/ \/_/\/_/ \/_____/ \/_/ /_/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-----------Build Options-----------------------------
Pro or CE: pro
Build Tag: v0.22.0
Image Tag: v0.22.0
Installer: v0.1.1
-----------------------------------------------------
checking dependencies...
Hit:1 http://deb.debian.org/debian bookworm InRelease
Hit:2 http://deb.debian.org/debian bookworm-updates InRelease
Hit:3 http://security.debian.org/debian-security bookworm-security InRelease
Hit:4 https://download.docker.com/linux/debian bookworm InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
1 package can be upgraded. Run 'apt list --upgradable' to see it.
git is installed
wireguard is installed
wireguard-tools is installed
dnsutils is installed
jq is installed
docker.io is installed
docker-compose is installed
grep is installed
gawk is installed
-----------------------------------------------------
dependency check complete
-----------------------------------------------------
-----------------------------------------------------
Would you like to use your own domain for netmaker, or an auto-generated domain?
To use your own domain, add a Wildcard DNS record (e.x: *.netmaker.example.com) pointing to 11.11.11.11
IMPORTANT: Due to the high volume of requests, the auto-generated domain has been rate-limited by the certificate provider.
For this reason, we STRONGLY RECOMMEND using your own domain. Using the auto-generated domain may lead to a failed installation due to rate limiting.
-----------------------------------------------------
1) Auto Generated (nm.217-16-183-148.nip.io)
2) Custom Domain (e.x: netmaker.example.com)
#? 2
Enter Custom Domain (make sure *.domain points to 11.11.11.11 first): vpn.domain.eu
using vpn.domain.eu
. . .
. . .
-----------------------------------------------------
The following subdomains will be used:
dashboard.vpn.domain.eu
api.vpn.domain.eu
broker.vpn.domain.eu
-----------------------------------------------------
before continuing, confirm DNS is configured correctly, with records pointing to 11.11.11.11
Does everything look right? [y/n]: y
. . .
Email Address for Domain Registration (click 'enter' to use [email protected]): [email protected]
. . .
Enter Credentials For MQ...
MQ Username (click 'enter' to use 'netmaker'):
using default username for mq
1) Auto Generated / Config Password
2) Input Your Own Password
#? 1
using random password for mq
. . .
. . .
-----------------------------------------------------------------
SETUP ARGUMENTS
-----------------------------------------------------------------
domain: vpn.domain.eu
email: [email protected]
public ip: 11.11.11.11
-----------------------------------------------------------------
Confirm Settings for Installation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Does everything look right? [y/n]: y
-----------------------------------------------------------------
Beginning installation...
-----------------------------------------------------------------
. . .
. . .
. . .
Pulling config files...
Saving the config to /root/netmaker.env
Starting containers...
Creating netmaker ... done
Creating caddy ... done
Creating netmaker-ui ... done
Creating coredns ... done
Creating mq ... done
/root
. . .
. . .
Testing Caddy setup (please be patient, this may take 1-2 minutes)
Certificates ok
Downloading nmctl...
using server api.vpn.domain.eu
using master key csacsacgrecascascas
2024/01/24 23:35:20 Error Status: 403 Response: {"Code":403,"Message":"invalid license: empty license-key (LICENSE_KEY environment variable)"}
. . .
. . .
. . .
. . .
. . .
2024/01/24 23:35:26 Error Status: 403 Response: {"Code":403,"Message":"invalid license: empty license-key (LICENSE_KEY environment variable)"}
./nm-quick.sh: line 636: [: : integer expression expected
Obtaining a netmaker enrollment key...
2024/01/24 23:35:26 Error Status: 403 Response: {"Code":403,"Message":"invalid license: empty license-key (LICENSE_KEY environment variable)"}
Error creating an enrollment key
Contributing guidelines
- [X] Yes, I did.
I guess I figured out how to enter the licence key, but still
curl answers with OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error
There is no apparent error in any docker logs.
We updated the install script yesterday to install Pro by default, and if it's a fresh install then you get a 14-day free trial.
> I guess I figured out how to enter the licence key, but still
> curl answers with OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error
> There is no apparent error in any docker logs.

This looks like a problem with your SSL certs. Can you check the logs of the caddy container for any errors?
Thank you for updating the docs. I still have the SSL_ERROR_INTERNAL_ERROR_ALERT problem. I have a public IP on a MikroTik router. To debug the problem I set the router to forward all ports to the netmaker VM. Also, the ufw firewall in the VM is disabled. I assume certificates are stored inside the caddy container, so I stopped it and pruned it, hoping that new certificates would be generated. I started the whole stack and I saw no error in the logs, but it started within 2 seconds, too fast for certificates to be generated.
Whole log:
docker compose up
[+] Running 5/0
✔ Container caddy Created 0.1s
✔ Container netmaker Running 0.0s
✔ Container mq Running 0.0s
✔ Container netmaker-ui Running 0.0s
✔ Container coredns Running 0.0s
Attaching to caddy, coredns, mq, netmaker, netmaker-ui
caddy | {"level":"info","ts":1706180783.8069122,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
caddy | {"level":"info","ts":1706180783.813568,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
caddy | {"level":"info","ts":1706180783.8143508,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0002308c0"}
caddy | {"level":"info","ts":1706180783.8145657,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
caddy | {"level":"info","ts":1706180783.814714,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
caddy | {"level":"info","ts":1706180783.8165226,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
caddy | {"level":"info","ts":1706180783.8166883,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
caddy | {"level":"info","ts":1706180783.8169656,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details."}
caddy | {"level":"info","ts":1706180783.817202,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
caddy | {"level":"info","ts":1706180783.8175876,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
caddy | {"level":"info","ts":1706180783.8177028,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["prometheus.vpn.simplecoin.eu","dashboard.vpn.simplecoin.eu","grafana.vpn.simplecoin.eu","broker.vpn.simplecoin.eu","api.vpn.simplecoin.eu","netmaker-exporter.vpn.simplecoin.eu"]}
caddy | {"level":"info","ts":1706180783.8253558,"logger":"tls","msg":"finished cleaning storage units"}
caddy | {"level":"info","ts":1706180783.828106,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
caddy | {"level":"info","ts":1706180783.8281403,"msg":"serving initial configuration"}
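A way to triage a capture like the one above, as an added example that is not part of the original thread or the netmaker project: it reads `docker compose` output, keeps the `caddy |` JSON records, and lists which managed domains show no certificate activity. The function names, the placeholder hostnames, and the `tls.obtain` record with its `identifier` field are assumptions constructed for the sample.

```python
import json

# Constructed sample in the "caddy | {json}" format shown above.
# Hostnames are placeholders; the tls.obtain record is an assumed
# shape for a Caddy certificate-issuance log entry.
SAMPLE = """\
caddy | {"level":"info","ts":1.0,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["api.vpn.example.test","broker.vpn.example.test"]}
caddy | {"level":"info","ts":1.1,"logger":"tls.obtain","msg":"certificate obtained successfully","identifier":"api.vpn.example.test"}
netmaker | plain text from another container, ignored
caddy | {"level":"info","ts":1.2,"msg":"serving initial configuration"}
"""

def parse_caddy(lines):
    """Yield JSON records from lines carrying the 'caddy |' container prefix."""
    for line in lines:
        name, sep, payload = line.partition("|")
        if not sep or name.strip() != "caddy":
            continue
        try:
            rec = json.loads(payload)
        except json.JSONDecodeError:
            continue  # truncated or non-JSON line
        if isinstance(rec, dict):
            yield rec

def tls_summary(text):
    """Return managed domains, domains with no tls.* activity, and warn/error records."""
    managed, active, errors = set(), set(), []
    for rec in parse_caddy(text.splitlines()):
        if rec.get("msg") == "enabling automatic TLS certificate management":
            managed.update(rec.get("domains", []))
        if str(rec.get("logger", "")).startswith("tls.") and "identifier" in rec:
            active.add(rec["identifier"])
        if rec.get("level") in ("warn", "error"):
            errors.append(rec)
    return {"managed": managed, "silent": managed - active, "errors": errors}

if __name__ == "__main__":
    result = tls_summary(SAMPLE)
    for domain in sorted(result["silent"]):
        print("no certificate activity logged for", domain)
    for rec in result["errors"]:
        print(rec.get("level"), rec.get("logger"), rec.get("msg"))
```

A domain reported as silent has no certificate activity in the captured log, which matches the startup shown above: the `domains` list is logged and no per-domain `tls.*` lines follow it.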
@PavelNiedoba In the latest script, the default installation type is pro and you will be given a 14-day free trial. After the trial period you can either downgrade to the community version or obtain a license from https://app.netmaker.io/ to continue using PRO. https://docs.netmaker.io/install.html