Check your credentials issue
Closed this issue · 2 comments
Hello,
A few days ago, I had to reprovision a server that's been working fine with trellis backup for 2 years and was getting errors due to the duply or duplicity repo moving. I also saw that this role had changed a bit... mostly usage names... and the lafranceinsoumise/ansible-backup had a bunch of updates as well.
So I deleted both roles from trellis folder and changed trellis-backup to backup and ran galaxy install and provisioning worked fine. But, backups are no longer running.
--- Start running command BKP at 12:15:09.047 ---
Traceback (innermost last):
File "/usr/bin/duplicity", line 1581, in <module>
with_tempdir(main)
File "/usr/bin/duplicity", line 1567, in with_tempdir
fn()
File "/usr/bin/duplicity", line 1406, in main
action = commandline.ProcessCommandLine(sys.argv[1:])
File "/usr/lib/python2.7/dist-packages/duplicity/commandline.py", line 1140, in ProcessCommandLine
backup, local_pathname = set_backend(args[0], args[1])
File "/usr/lib/python2.7/dist-packages/duplicity/commandline.py", line 1015, in set_backend
globals.backend = backend.get_backend(bend)
File "/usr/lib/python2.7/dist-packages/duplicity/backend.py", line 223, in get_backend
obj = get_backend_object(url_string)
File "/usr/lib/python2.7/dist-packages/duplicity/backend.py", line 209, in get_backend_object
return factory(pu)
File "/usr/lib/python2.7/dist-packages/duplicity/backends/_boto_single.py", line 166, in __init__
self.resetConnection()
File "/usr/lib/python2.7/dist-packages/duplicity/backends/_boto_single.py", line 188, in resetConnection
self.conn = get_connection(self.scheme, self.parsed_url, self.storage_uri)
File "/usr/lib/python2.7/dist-packages/duplicity/backends/_boto_single.py", line 99, in get_connection
is_secure=(not globals.s3_unencrypted_connection))
File "/usr/lib/python2.7/dist-packages/boto/storage_uri.py", line 117, in connect
**connection_args)
File "/usr/lib/python2.7/dist-packages/boto/s3/connection.py", line 191, in __init__
validate_certs=validate_certs, profile_name=profile_name)
File "/usr/lib/python2.7/dist-packages/boto/connection.py", line 569, in __init__
host, config, self.provider, self._required_auth_capability())
File "/usr/lib/python2.7/dist-packages/boto/auth.py", line 995, in get_auth_handler
'Check your credentials' % (len(names), str(names)))
NoAuthHandlerFound: No handler was ready to authenticate. 1 handlers were checked. ['S3HmacAuthV4Handler'] Check your credentials
I did see that the lafranceinsoumise removed back_target_user and pass and wrote to use:
backup_env:
AWS_ACCESS_KEY_ID: aws_access_key
AWS_SECRET_ACCESS_KEY: aws_secret
instead but saw no changes here to reflect that and from what I see.. it should still I did try adding the above to my vault but there was no change.
The last thing I saw was my serve is using duplicity 0.7.19 and i saw that 0.8 is out and not sure if I should maybe upgrade.
I would love to get this working without having to provision about 12 servers from scratch. Any ideas why the authentication error would have popped up after reinstalling the backup and lafranceinsoumise roles?
Thanks!
Josh
Thought it would help to know that I just did a fresh trellis/bedrock site and have the same error. My credential variables aren't getting through for some reason. Thanks.
wordpress_sites.yml backup section:
backup:
enabled: true
auto: true
target: s3://ams3.digitaloceanspaces.com/xxxxxx/xxxxxxx/staging # any location supported by duplicity
schedule: '*/30 * * * *' # cron time of backups (change this value)
purge: true # switch to true to enable automatic purging of old backups
params:
- 'export S3_USE_SIGV4="True"'
vaulty.yml:
env:
backup_target_user: "XXXXXXXX"
backup_target_pass: "XXXXXXXX"
Hi! Please check the documentation of https://github.com/lafranceinsoumise/ansible-backup wich we use internally.
You need to define your AWS_ env variables for the authentication to work. This is indeed changed in duply somewhere in 2017.