ansible issueshttps://dev.funkwhale.audio/funkwhale/ansible/-/issues2023-09-22T09:20:15Zhttps://dev.funkwhale.audio/funkwhale/ansible/-/issues/36Old version of pyopenssl causes trouble2023-09-22T09:20:15ZGeorg KrauseOld version of pyopenssl causes troubleReport: https://forum.funkwhale.audio/d/369-404-during-install/13
https://forum.funkwhale.audio/d/383-update-1210-to-133-failedReport: https://forum.funkwhale.audio/d/369-404-during-install/13
https://forum.funkwhale.audio/d/383-update-1210-to-133-failedhttps://dev.funkwhale.audio/funkwhale/ansible/-/issues/34Migrate to pipx installed Ansible2023-08-23T12:21:57ZGeorg KrauseMigrate to pipx installed AnsibleRight now we are using two different ways to install ansible:
- Install ansible with `pip install --user`, which is the method we used in the past
- Install using custom venv, which we needed to use because debian 12 with python 3.11 do...Right now we are using two different ways to install ansible:
- Install ansible with `pip install --user`, which is the method we used in the past
- Install using custom venv, which we needed to use because debian 12 with python 3.11 doesn't like installations with `--user`
~~Sadly we cannot use pipx, because Debian 12 is still supported and doesn't ship a package, so we can only migrate everyone to a pipx installed ansible after it got EOL, which is 30 Jun 2024.~~
Debian 11 doesn't have a pipx package available, so we need to figure how to handle this and the EOL of Debian 10 doesn't really matter.2024-07-31https://dev.funkwhale.audio/funkwhale/ansible/-/issues/32Make sources owned by root2023-01-18T09:09:36ZGeorg KrauseMake sources owned by rootThe following discussion from !35 should be addressed:
- [ ] @jooola started a [discussion](https://dev.funkwhale.audio/funkwhale/ansible/-/merge_requests/35#note_44319): (+1 comment)
> I think source files should not be writable ...The following discussion from !35 should be addressed:
- [ ] @jooola started a [discussion](https://dev.funkwhale.audio/funkwhale/ansible/-/merge_requests/35#note_44319): (+1 comment)
> I think source files should not be writable by the runtime funkwhale user. This should be owned by root.https://dev.funkwhale.audio/funkwhale/ansible/-/issues/31‘funkwhale_version’ might be undefined for task “Set version to install”2022-12-28T04:07:37ZBen Finney‘funkwhale_version’ might be undefined for task “Set version to install”The task “Set version to install” depends on a value set for the variable ‘funkwhale_version’:
```yaml
- name: Set version to install
set_fact:
funkwhale_install_version: "{{ latest_version.get('content', funkwhale_version) | trim...The task “Set version to install” depends on a value set for the variable ‘funkwhale_version’:
```yaml
- name: Set version to install
set_fact:
funkwhale_install_version: "{{ latest_version.get('content', funkwhale_version) | trim }}"
```
That variable, though, is not defined anywhere in the Ansible role.
So, when that condition is not met, the task “Check latest version” is not run, the ‘latest_version’ variable is undefined, and then the task “Set version to install” fails with an error:
```
$ ansible-playbook ansible/playbooks/site.ansible.yaml --check --diff
[…]
TASK [funkwhale : Check latest version] ******************************************************************************************************************************************************************************************************
skipping: [lindale.whitetree]
TASK [funkwhale : Set version to install] ****************************************************************************************************************************************************************************************************
fatal: [lindale.whitetree]: FAILED! =>
msg: |-
The task includes an option with an undefined variable. The error was: 'funkwhale_version' is undefined. 'funkwhale_version' is undefined
The error appears to be in '/home/bignose/.ansible/roles/funkwhale/tasks/funkwhale.yml': line 9, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: Set version to install
^ here
```https://dev.funkwhale.audio/funkwhale/ansible/-/issues/30Django secret key unreadable by “Retrieve secret key” task2023-07-03T21:30:54ZBen FinneyDjango secret key unreadable by “Retrieve secret key” taskThe task “Retrieve secret key from […]/django_secret_key” fails to read the generated secret key:
```
TASK [funkwhale : Create django_secret_key file] *************************************************************************************...The task “Retrieve secret key from […]/django_secret_key” fails to read the generated secret key:
```
TASK [funkwhale : Create django_secret_key file] *********************************************************************************************************************************************************************************************
--- before
+++ after: /home/bignose/.ansible/tmp/ansible-local-1119292ag4jz_a4/tmpbalcqqb6
@@ -0,0 +1 @@
+0e19646133b3e306ac4d03dca5f57cc6430d29c37e09a1bd47
\ No newline at end of file
changed: [lindale.whitetree]
TASK [funkwhale : Setup a dummy secret key] **************************************************************************************************************************************************************************************************
skipping: [lindale.whitetree]
TASK [funkwhale : Retrieve secret key from /srv/funkwhale/config/django_secret_key] **********************************************************************************************************************************************************
fatal: [lindale.whitetree]: FAILED! => changed=false
msg: 'file is not readable: /srv/funkwhale/config/django_secret_key'
```
This is because the task “Create django_secret_key file” correctly sets the file as readable only by the application user:
```
$ ls -l /srv/funkwhale/config/django_secret_key
-rw------- 1 funkwhale funkwhale 50 Dec 25 13:30 /srv/funkwhale/config/django_secret_key
```
but the “Retrieve secret key” task does not act as that user.
Instead, the “Retrieve secret key” task should use `become` and `become_user` to act as that application user on the remote host.https://dev.funkwhale.audio/funkwhale/ansible/-/issues/29Upgrade order incorrect2022-12-20T04:07:47ZJanekUpgrade order incorrect```sh
❯ sudo sh -c "$(curl -sSL https://get.funkwhale.audio/upgrade.sh)"
[Beginning upgrade]
[1/4] Retrieving currently installed version from /srv/funkwhale/ansible/playbook.yml
[1/4] No target version specified, retrieving latest vers...```sh
❯ sudo sh -c "$(curl -sSL https://get.funkwhale.audio/upgrade.sh)"
[Beginning upgrade]
[1/4] Retrieving currently installed version from /srv/funkwhale/ansible/playbook.yml
[1/4] No target version specified, retrieving latest version from https://docs.funkwhale.audio/latest.txt
Upgrade summary:
- Current version: 1.1.4
- Target version: 1.2.9
- Upgrading may cause temporary downtime on your pod
Do you want to proceed with the upgrade? [YES/no]:
[2/4] Replacing current version number in /srv/funkwhale/ansible/playbook.yml…
[3/4] Upgrading ansible dependencies...
[3/4] Upgrading Funkwhale using ansible playbook in /srv/funkwhale/ansible...
Traceback (most recent call last):
File "/root/.local/bin/ansible-galaxy", line 32, in <module>
from ansible import context
ModuleNotFoundError: No module named 'ansible'
❯ sudo sh -c "$(curl -sSL https://get.funkwhale.audio/upgrade.sh)"
[Beginning upgrade]
[1/4] Retrieving currently installed version from /srv/funkwhale/ansible/playbook.yml
[1/4] No target version specified, retrieving latest version from https://docs.funkwhale.audio/latest.txt
Upgrade summary:
- Current version: 1.2.9
- Target version: 1.2.9
- Upgrading may cause temporary downtime on your pod
Do you want to proceed with the upgrade? [YES/no]:
[2/4] Replacing current version number in /srv/funkwhale/ansible/playbook.yml…
[3/4] Upgrading ansible dependencies...
[3/4] Upgrading Funkwhale using ansible playbook in /srv/funkwhale/ansible...
Traceback (most recent call last):
File "/root/.local/bin/ansible-galaxy", line 32, in <module>
from ansible import context
ModuleNotFoundError: No module named 'ansible'
```
The version number should only be upgraded after the upgrade was successful.
Why ansible is missing (just as celery, looking at the logs), is still a mystery to me.https://dev.funkwhale.audio/funkwhale/ansible/-/issues/21Delete venv and recreate it to avoid issues2022-02-20T04:04:05ZGeorg KrauseDelete venv and recreate it to avoid issueshttps://dev.funkwhale.audio/funkwhale/ansible/-/issues/19TASK [funkwhale: Create letsencrypt certificate] FAILED2021-08-19T04:04:09ZDanielTASK [funkwhale: Create letsencrypt certificate] FAILED<!--
Hi there! You are reporting a bug on this project, and we want to thank you!
If it's the first time you post here, please take a moment to read our Code of Conduct
(https://funkwhale.audio/code-of-conduct/) and ensure your issue re...<!--
Hi there! You are reporting a bug on this project, and we want to thank you!
If it's the first time you post here, please take a moment to read our Code of Conduct
(https://funkwhale.audio/code-of-conduct/) and ensure your issue respect our guidelines.
To ensure your bug report is as useful as possible, please try to stick
to the following structure. You can leave the parts text between `<!- ->`
markers untouched, they won't be displayed in your final message.
Please do not edit the following line, it's used for automatic classification
-->
## Steps to reproduce
Try installing funkwhale using the 'Quick Install' script.
## What happens?
When I try installing funkwhale using the 'Quick Install' guide, I get an error on 'Create letsencrypt certificate'. **I know that Let's Encrypt recently changed their way of verifying ownership of a domain.**
## What is expected?
Successfully installing funkwhale.
## Context
![output](/uploads/7d959755412c557104d166de3767f4c2/output.png)
I'm using Debian 11 (5.10.0-8-amd64) and I can't install funkwhale using the 'Quick Install' script `sudo sh -c "$(curl -sSL https://get.funkwhale.audio/)"`https://dev.funkwhale.audio/funkwhale/ansible/-/issues/18Certbot not working as expected on Ubuntu 20.04 and 21.042022-01-17T12:32:50ZCiarán Ainsworthsporiff@funkwhale.audioCertbot not working as expected on Ubuntu 20.04 and 21.04We've received the following report [through Twitter](https://twitter.com/komputerow/status/1392505480971526150?s=21):
> Hey, @funkwhaleaudio! Your automatic ansible-based istall is broken on ubuntu 20.04 and 21.04 The solution is to ru...We've received the following report [through Twitter](https://twitter.com/komputerow/status/1392505480971526150?s=21):
> Hey, @funkwhaleaudio! Your automatic ansible-based istall is broken on ubuntu 20.04 and 21.04 The solution is to run sudo snap install certbot --classic before running your scripthttps://dev.funkwhale.audio/funkwhale/ansible/-/issues/17Funkwhale worker not running after quick install2021-04-05T09:56:25ZGeorg KrauseFunkwhale worker not running after quick installI got several reports that the `funkwhale-worker` is not running after the quick install.I got several reports that the `funkwhale-worker` is not running after the quick install.https://dev.funkwhale.audio/funkwhale/ansible/-/issues/12Missing dependency on Ansible install and problem with Ansible - wheel2021-03-19T21:16:26ZGhost UserMissing dependency on Ansible install and problem with Ansible - wheelHi, I've installed Funkwhale on a new Debian 10 server.
I have followed the installation guide on the documentation.
```
[2/4] Installing Ansible...
Collecting ansible==2.8.2
Downloading https://files.pythonhosted.org/packages/d8/b5/...Hi, I've installed Funkwhale on a new Debian 10 server.
I have followed the installation guide on the documentation.
```
[2/4] Installing Ansible...
Collecting ansible==2.8.2
Downloading https://files.pythonhosted.org/packages/d8/b5/5c5eb96463427da7b7206ff22a3470aae374656de2317eaac41dfb69a64a/ansible-2.8.2.tar.gz (14.3MB)
100% |████████████████████████████████| 14.3MB 99kB/s
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 1, in <module>
ModuleNotFoundError: No module named 'setuptools'
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-install-qtrr3qk8/ansible/`
after giving apt install python3-setuptools the installation proceeded as expected but gave a small error about failing building wheel for ansible.
`Building wheels for collected packages: ansible
Running setup.py bdist_wheel for ansible ... error
Complete output from command /usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-w71a4y3d/ansible/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" bdist_wheel -d /tmp/pip-wheel-_byqi297 --python-tag cp37:
usage: -c [global_opts] cmd1 [cmd1_opts] [cmd2 [cmd2_opts] ...]
or: -c --help [cmd1 cmd2 ...]
or: -c --help-commands
or: -c cmd --help
error: invalid command 'bdist_wheel'
----------------------------------------
Failed building wheel for ansible
Running setup.py clean for ansible
Failed to build ansible
Installing collected packages: ansible, psycopg2-binary
Running setup.py install for ansible ... done
Successfully installed ansible-2.8.2 psycopg2-binary-2.8.6
[2/4] Creating ansible configuration files in /srv/funkwhale/ansible...
[2/4] Downloading Funkwhale playbook dependencies
- extracting funkwhale to /root/.ansible/roles/funkwhale
- funkwhale (master) was installed successfully
[3/4] Installing Funkwhale using ansible playbook in /srv/funkwhale/ansible...
[3/4] Applying playbook with:
/root/.local/bin/ansible-playbook -i /srv/funkwhale/ansible/inventory.ini /srv/funkwhale/ansible/playbook.yml -u root --diff
```
but the installation went on and finished correctly.
![setup-tools](/uploads/a1861384d28de5e909f3a9cddcdcc8cb/setup-tools.png)
![wheel-ansible](/uploads/23cf3c7ee5e4840589b5d9acc276614d/wheel-ansible.png)backloghttps://dev.funkwhale.audio/funkwhale/ansible/-/issues/10Automatic cert renewal is broken (possibly due to cron env?)2021-12-27T19:58:33ZxenofemAutomatic cert renewal is broken (possibly due to cron env?)I'm consistently finding that the certbot renewal cronjob fails when a certificate actually needs renewing. It looks like the ACME challenge request that certbot makes to the server returns a 404 page instead of the correct response. Whe...I'm consistently finding that the certbot renewal cronjob fails when a certificate actually needs renewing. It looks like the ACME challenge request that certbot makes to the server returns a 404 page instead of the correct response. When I run the exact same command from the crontab in a shell, it works fine and the certificate gets renewed. Possibly there's something missing from the environment cron runs commands in?
This is what the error looks like (redacting my domain name, IP, and the actual acme challenge path)
```
Challenge failed for domain example.com
http-01 challenge for example.com
Reporting to user: The following errors were reported by the server:
Domain: example.com
Type: unauthorized
Detail: Invalid response from https://example.com/.well-known/acme-challenge/SoMeR4Nd0mJuNk [my ip address]: "\n<!doctype html>\n<html lang=\"en\">\n<head>\n <title>Not Found</title>\n</head>\n<body>\n <h1>Not Found</h1><p>The requested resource"
```https://dev.funkwhale.audio/funkwhale/ansible/-/issues/2Systemd process not restarted properly after playbook run2021-03-16T04:22:52ZAgateSystemd process not restarted properly after playbook runThis issue is forked from https://dev.funkwhale.audio/funkwhale/ansible/merge_requests/3#note_14741.
cc @kevitThis issue is forked from https://dev.funkwhale.audio/funkwhale/ansible/merge_requests/3#note_14741.
cc @kevithttps://dev.funkwhale.audio/funkwhale/ansible/-/issues/1Make media and music directories configurable during installation2022-12-16T10:30:32ZAgateMake media and music directories configurable during installationAs suggested in https://governance.funkwhale.audio/d/uLmPZ8yw/allow-for-the-custom-configuration-of-a-new-storage-directory-for-music-and-mediaAs suggested in https://governance.funkwhale.audio/d/uLmPZ8yw/allow-for-the-custom-configuration-of-a-new-storage-directory-for-music-and-mediabacklog