Digital Ocean Deploy from Mac not working
larryqiann opened this issue · 4 comments
larryqiann commented
Describe the bug
A clear and concise description of what the bug is.
The script fails at creating a droplet when deploying from macOS (latest) to Digital Ocean.
To Reproduce
Steps to reproduce the behavior:
- Follow instructions on the page
- Note error
Expected behavior
The server should deploy a droplet.
Additional context
Add any other context about the problem here.
Full log
PUT THE OUTPUT HERE
(.env) mini@minis-Mac-mini algo % ./algo
PLAY [localhost] *********************************************************************************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************************************************************************
ok: [localhost]
TASK [Playbook dir stat] *************************************************************************************************************************************************************
ok: [localhost]
TASK [Ensure Ansible is not being run in a world writable directory] *****************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
[WARNING]: The value '' is not a valid IP address or network, passing this value to ipaddr filter might result in breaking change in future.
TASK [Ensure the requirements installed] *********************************************************************************************************************************************
ok: [localhost]
TASK [Set required ansible version as a fact] ****************************************************************************************************************************************
ok: [localhost] => (item=ansible-core==2.12.3)
TASK [Verify Python meets Algo VPN requirements] *************************************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [Verify Ansible meets Algo VPN requirements] ************************************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
[WARNING]: Found variable using reserved name: no_log
PLAY [Ask user for the input] ********************************************************************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************************************************************************
ok: [localhost]
[Cloud prompt]
What provider would you like to use?
1. DigitalOcean
2. Amazon Lightsail
3. Amazon EC2
4. Microsoft Azure
5. Google Compute Engine
6. Hetzner Cloud
7. Vultr
8. Scaleway
9. OpenStack (DreamCompute optimised)
10. CloudStack (Exoscale optimised)
11. Linode
12. Install to existing Ubuntu 18.04 or 20.04 server (for more advanced users)
Enter the number of your desired provider
:
1^M
TASK [Cloud prompt] ******************************************************************************************************************************************************************
ok: [localhost]
TASK [Set facts based on the input] **************************************************************************************************************************************************
ok: [localhost]
[VPN server name prompt]
Name the vpn server
[algo]
:
^M
TASK [VPN server name prompt] ********************************************************************************************************************************************************
ok: [localhost]
[Cellular On Demand prompt]
Do you want macOS/iOS clients to enable "Connect On Demand" when connected to cellular networks?
[y/N]
:
n^M
TASK [Cellular On Demand prompt] *****************************************************************************************************************************************************
ok: [localhost]
[Wi-Fi On Demand prompt]
Do you want macOS/iOS clients to enable "Connect On Demand" when connected to Wi-Fi?
[y/N]
:
n^M
TASK [Wi-Fi On Demand prompt] ********************************************************************************************************************************************************
ok: [localhost]
[Retain the PKI prompt]
Do you want to retain the keys (PKI)? (required to add users in the future, but less secure)
[y/N]
:
y^M
TASK [Retain the PKI prompt] *********************************************************************************************************************************************************
ok: [localhost]
[DNS adblocking prompt]
Do you want to enable DNS ad blocking on this VPN server?
[y/N]
:
y^M
TASK [DNS adblocking prompt] *********************************************************************************************************************************************************
ok: [localhost]
[SSH tunneling prompt]
Do you want each user to have their own account for SSH tunneling?
[y/N]
:
n^M
TASK [SSH tunneling prompt] **********************************************************************************************************************************************************
ok: [localhost]
TASK [Set facts based on the input] **************************************************************************************************************************************************
ok: [localhost]
PLAY [Provision the server] **********************************************************************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************************************************************************
ok: [localhost]
--> Please include the following block of text when reporting issues:
Algo running on: macOS 12.2.1
Created from git clone. Last commit: 9f241b1 Bump ansible-core from 2.12.1 to 2.12.3 (#14425)
Python 3.9.10
Runtime variables:
algo_provider "digitalocean"
algo_ondemand_cellular "False"
algo_ondemand_wifi "False"
algo_ondemand_wifi_exclude "X251bGw="
algo_dns_adblocking "True"
algo_ssh_tunneling "False"
wireguard_enabled "True"
dns_encryption "True"
TASK [Display the invocation environment] ********************************************************************************************************************************************
changed: [localhost]
TASK [Install the requirements] ******************************************************************************************************************************************************
ok: [localhost]
TASK [Generate the SSH private key] **************************************************************************************************************************************************
ok: [localhost]
TASK [Generate the SSH public key] ***************************************************************************************************************************************************
ok: [localhost]
TASK [Copy the private SSH key to /tmp] **********************************************************************************************************************************************
ok: [localhost]
TASK [Include a provisioning role] ***************************************************************************************************************************************************
[cloud-digitalocean : pause]
Enter your API token. The token must have read and write permissions (https://cloud.digitalocean.com/settings/api/tokens):
(output is hidden):
TASK [cloud-digitalocean : pause] ****************************************************************************************************************************************************
ok: [localhost]
TASK [cloud-digitalocean : Set the token as a fact] **********************************************************************************************************************************
ok: [localhost]
TASK [cloud-digitalocean : Get regions] **********************************************************************************************************************************************
ok: [localhost]
TASK [cloud-digitalocean : Set facts about the regions] ******************************************************************************************************************************
ok: [localhost]
TASK [cloud-digitalocean : Set default region] ***************************************************************************************************************************************
ok: [localhost]
[cloud-digitalocean : pause]
What region should the server be located in?
1. ams2 Amsterdam 2
2. ams3 Amsterdam 3
3. blr1 Bangalore 1
4. fra1 Frankfurt 1
5. lon1 London 1
6. nyc1 New York 1
7. nyc2 New York 2
8. nyc3 New York 3
9. sfo1 San Francisco 1
10. sfo2 San Francisco 2
11. sfo3 San Francisco 3
12. sgp1 Singapore 1
13. tor1 Toronto 1
Enter the number of your desired region
[8]
:
10^M
TASK [cloud-digitalocean : pause] ****************************************************************************************************************************************************
ok: [localhost]
TASK [cloud-digitalocean : Set additional facts] *************************************************************************************************************************************
ok: [localhost]
TASK [cloud-digitalocean : Upload the SSH key] ***************************************************************************************************************************************
ok: [localhost]
TASK [cloud-digitalocean : Creating a droplet...] ************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: AttributeError: 'NoneType' object has no attribute 'get'
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"<stdin>\", line 107, in <module>\n File \"<stdin>\", line 99, in _ansiballz_main\n File \"<stdin>\", line 47, in invoke_module\n File \"/opt/homebrew/Cellar/python@3.9/3.9.10/Frameworks/Python.framework/Versions/3.9/lib/python3.9/runpy.py\", line 210, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/opt/homebrew/Cellar/python@3.9/3.9.10/Frameworks/Python.framework/Versions/3.9/lib/python3.9/runpy.py\", line 97, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/opt/homebrew/Cellar/python@3.9/3.9.10/Frameworks/Python.framework/Versions/3.9/lib/python3.9/runpy.py\", line 87, in _run_code\n exec(code, run_globals)\n File \"/var/folders/h4/4f2_6k_s7qz0_m8lj6dx_wd00000gn/T/ansible_digital_ocean_droplet_payload_ik7j807b/ansible_digital_ocean_droplet_payload.zip/ansible_collections/community/digitalocean/plugins/modules/digital_ocean_droplet.py\", line 869, in <module>\n File \"/var/folders/h4/4f2_6k_s7qz0_m8lj6dx_wd00000gn/T/ansible_digital_ocean_droplet_payload_ik7j807b/ansible_digital_ocean_droplet_payload.zip/ansible_collections/community/digitalocean/plugins/modules/digital_ocean_droplet.py\", line 865, in main\n File \"/var/folders/h4/4f2_6k_s7qz0_m8lj6dx_wd00000gn/T/ansible_digital_ocean_droplet_payload_ik7j807b/ansible_digital_ocean_droplet_payload.zip/ansible_collections/community/digitalocean/plugins/modules/digital_ocean_droplet.py\", line 819, in core\n File \"/var/folders/h4/4f2_6k_s7qz0_m8lj6dx_wd00000gn/T/ansible_digital_ocean_droplet_payload_ik7j807b/ansible_digital_ocean_droplet_payload.zip/ansible_collections/community/digitalocean/plugins/modules/digital_ocean_droplet.py\", line 708, in create\nAttributeError: 'NoneType' object has no attribute 'get'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
TASK [include_tasks] *****************************************************************************************************************************************************************
included: /Users/mini/Desktop/algo/playbooks/rescue.yml for localhost
TASK [debug] *************************************************************************************************************************************************************************
ok: [localhost] => {
"fail_hint": [
"Sorry, but something went wrong!",
"Please check the troubleshooting guide.",
"https://trailofbits.github.io/algo/troubleshooting.html"
]
}
TASK [Fail the installation] *********************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed as requested from task"}
PLAY RECAP ***************************************************************************************************************************************************************************
localhost : ok=33 changed=1 unreachable=0 failed=1 skipped=1 rescued=1 ignored=0
davidemyers commented
This appears to be an issue with Droplet availability in DigitalOcean regions. I was able to deploy to nyc3 and sfo3 but encountered the same error with sfo1 and sfo2. If I attempt to create a Droplet from the DigitalOcean web page I see this:
davidemyers commented
Here's a patch you can apply to your copy of Algo with git apply that should only show you the available regions. Let me know if this works for you and I'll submit a PR.
diff --git a/roles/cloud-digitalocean/tasks/prompts.yml b/roles/cloud-digitalocean/tasks/prompts.yml
index b288d93..5fdfe4a 100644
--- a/roles/cloud-digitalocean/tasks/prompts.yml
+++ b/roles/cloud-digitalocean/tasks/prompts.yml
@@ -24,7 +24,7 @@
- name: Set facts about the regions
set_fact:
- do_regions: "{{ _do_regions.json.regions | sort(attribute='slug') }}"
+ do_regions: "{{ _do_regions.json.regions | selectattr('available', 'true') | sort(attribute='slug') }}"
- name: Set default region
set_fact:dimazen commented
@davidemyers I can confirm that it is working for me. At least list of available regions was smaller as well as I was finally able to proceed.
cojarbi commented
Im having the same issue after making this changes.