-
Notifications
You must be signed in to change notification settings - Fork 116
Solutions to problems you may encounter
- Tasks are skipped when you're positive they shouldn't be skipped
- Error when gathering facts while running Ansible
- Randomly locked out of SSH with an SSH exchange error
- Containers are unable to ping external hosts
Chances are you forgot to add the host to the inventory for the role that's being skipped. For example if you want to deploy a rails application and it gets skipped then you would add this to your inventory file:
[debops_rails_deploy]
yourhostname
Run the command with -vvvv
and you will see that is likely due to SSH warning you that it may have detected a DNS spoofing attempt.
This occurs when you use the same container name as one that was previously deleted. The fix requires you to run this:
ssh-keygen -f "~/.ssh/known_hosts" -R YOURCONTAINERNAME
The ferm role will block ssh connections after you attempt to connect too many times in a row. This is a security precaution to prevent brute force attacks.
If you are testing things locally you may want to add this to:
inventory/group_vars/all.yml
file:
# White list your local network from ever being blocked.
sshd_allow: ['192.168.0.0/16']
Then re-run Ansible on all hosts: debops -t sshd
.
The local IP address of your controller likely changed. You should turn on nat masquerading by adding this to your controller's inventory:
nat_masquerade: True
Then re-run Ansible on your controller: debops -l ansible_controllers -t nat,debops_lxc
.
Gitlab creates a default root account for you when it gets setup, the credentials are:
Username: root
Password: 5iveL!fe
You should immediately change the password to something secure.
This is likely due to 1 of 2 things:
- Your IP address is not set in the allowed list for that pg cluster.
- The network interface is incorrect (it defaults to using br2).
Open your inventory and make sure your pg cluster settings look similar to this:
postgresql_default_cluster:
- name: 'main'
port: '5432'
# Allow everyone to potentially connect to postgresql.
listen_addresses: '0.0.0.0'
# Let postgresql accept connections from this IP range.
# You can pass in either a single address, IP range, or a group of hosts.
hba:
- address: '192.168.0.0/16'
# Uncomment the line below if you're not using br2.
#interface: 'eth0'
# Only allow this range of IPs to connect through the firewall.
# Feel free to add individual hosts here as well.
allow:
- '192.168.0.0/16'