Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"Get first server that listens on http port for default_server roulette" has no attribute 'name' #86

Open
damko opened this issue Dec 14, 2017 · 13 comments

Comments

@damko
Copy link

damko commented Dec 14, 2017

I'm running the latest debops and ansible 2.4.2.0
I'm trying to install owncloud package with nextcloud variant on a vanilla VPS debian stretch fully updated

This is my owncloud.yaml

---
# Which variant of the application should be used?
#
# Supported variants:
#
# * ``owncloud`` (legacy variant, not recommended for new deployments)
# * ``nextcloud`` (Main supported variant in the future. Currently supported on Debian stretch, refer to `issue 45 <https://github.com/debops/ansible-owncloud/issues/45>`_ for details)
#
owncloud__variant: 'nextcloud'
owncloud__release: '12.0'
owncloud__autosetup: True
owncloud__autosetup: True
owncloud__fqdn: 'my.domain.com'
owncloud__admin_username: 'damko'
owncloud__password_length: 20
owncloud__upload_size: '1G'

# Name of the system account which will perform signature and archive verification.
owncloud__system_user: 'nextcloud'

# Name of the primary system group of the Nextcloud account.
owncloud__system_group: 'nextcloud'

# Whether the `ownCloud documents application`_ should be enabled.
# Not enabled by default because, as of ownCloud 9.0, the application is not shipped by default.
# Note that this will install LibreOffice plus dependencies on the server.
owncloud__app_documents_enabled: True

# Should LibreOffice be installed on the server so that the documents app can
# work with proprietary document formats such as Microsoft Office?
owncloud__app_documents_libreoffice_enabled: True

# -------------------------------
#   ownCloud Mail configuration
# -------------------------------
#
# Refer to the `official ownCloud documentation about config.php <https://doc.owncloud.org/server/9.0/admin_manual/configuration_server/config_sample_php_parameters.html#mail-parameters>`__ and the `official ownCloud documentation about email configuration <https://doc.owncloud.org/server/9.0/admin_manual/configuration_server/email_configuration.html>`__ for details.
owncloud__mail_domain: 'domain.com'

# From address that overrides the built-in ``sharing-noreply`` and
# ``lostpassword-noreply`` from addresses.
owncloud__mail_from_address: 'noreply'

# Which mode to use for sending mail.
# Choices are:
# * ``sendmail``
# * ``smtp``
# * ``qmail``
# * ``php``
owncloud__mail_smtpmode: 'sendmail'

# Specify the IP address of your mail server host.
# This may contain multiple hosts separated by a semi-colon. If you need to
# specify the port number append it to the IP address separated by a colon,
# like this: ``127.0.0.1:24``.
# This depends on :envvar:`owncloud__mail_smtpmode`.
owncloud__mail_smtphost: 'smtp.{{ owncloud__domain }}'
owncloud__mail_smtpport: '25'

owncloud__webserver: 'nginx'

# Max children processes to run in php fpm.
# FIXME: Check if default of debops.php_ might be sufficient.
owncloud__php_max_children: '50'

# List of PHP packages recommended by Nextcloud.
# Refer to the `official Nextcloud documentation <https://docs.nextcloud.com/server/11/admin_manual/installation/source_installation.html>`__ for details.
owncloud__recommended_php_packages:
  - 'curl'
  - 'bz2'
  - 'imagick'
  - 'intl'
  - 'mcrypt'

# Should SMB/CIFS be support by installing the required system packages and
# enabling the required ownCloud application?
owncloud__smb_support: True

# PHP data caching. The redis server runs on dcnt
owncloud__apcu_enabled: false
owncloud__redis_enabled: true
owncloud__redis_host: '10.10.0.3'
owncloud__redis_password: 'some pass here'

# ownCloud recommends MySQL or MariaDB as database management system.
# Set to ``False`` to use SQLite.
# Refer to the `official ownCloud documentation <https://doc.owncloud.org/server/9.0/admin_manual/configuration_database/linux_database_configuration.html>`__ for details.
owncloud__database: 'mariadb'

# FQDN of the database server. It will be configured by
# the debops.mariadb_ or debops.postgresql_ role.
owncloud__database_server: '10.10.0.3'
owncloud__database_name: '{{ owncloud__variant }}'
owncloud__database_user: '{{ owncloud__variant }}'
owncloud__database_password: 'some pass here'

When I run

debops service/owncloud -l machine 

I get:

TASK [debops.nginx : Get first server that listens on http port for default_server roulette] ***

fatal: [dctl]: FAILED! => 

{
    "msg": 
    "The task includes an option with an undefined variable. The error was: 'ansible.utils.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'name'

    The error appears to have been in '/home/damko/.local/share/debops/debops-playbooks/roles/debops.nginx/tasks/nginx_servers.yml': line 80, column 3, but may be elsewhere in the file depending on the exact syntax problem.

    The offending line appears to be:
    - name: Get first server that listens on http port for default_server roulette
    ^ here
    exception type: <class 'ansible.errors.AnsibleUndefinedVariable'>
    exception: 'ansible.utils.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'name'"
}

I'm looking into this and I will report what I find. Meanwhile any help is appreciated.

@drybjed
Copy link
Member

drybjed commented Dec 14, 2017

Can you try and run the debops.nginx role by itself on that host? You will need to add it to the [debops_service_nginx] inventory group first.

@damko
Copy link
Author

damko commented Dec 14, 2017

yeah I already did. Same result.

It just finished to execute this command though:

debops --tags="role::owncloud" -l machine

It finished successfully but at a first glance there isn't everything (no vhost for instance). I'm looking at it now.

Now I'm executing the entire playbook to see what happens

@damko
Copy link
Author

damko commented Dec 14, 2017

I'm looking at this portion of the playbook

- name: Get first server that listens on http port for default_server roulette
  set_fact:
    nginx_register_default_server_http: '{{ item.name if item.name is string else item.name[0] | d("default") }}'
  with_flattened: '{{ (nginx__servers + nginx__default_servers + nginx__internal_servers + nginx__dependent_servers +
                   nginx_servers|d([]) + nginx_default_servers|d([]) + nginx_internal_servers|d([]) + nginx_dependent_servers|d([]))

I doubt that the flattened list is empty therefore, out of the top of my head, it might happen that there is no "name" key in the list

Now I'm investigating about the structure that those list are supposed to have and which one can be actually empty

@damko
Copy link
Author

damko commented Dec 14, 2017

Nothing, same issue even after running the entire playbook

I tried putting in my nginx.yaml

nginx_welcome_domain: 'domain.com'

which should populate nginx__default_servers but it doesn't help. This is weird because

nginx__default_servers:
- '{{ nginx_server_welcome }}'

nginx_server_welcome:
  enabled: True
  name: [ 'welcome' ]
  welcome: True
  welcome_domain: '{{ nginx_welcome_domain }}'
  csp: "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self';"
csp_enabled: True

therefore there should be at least one item.name populated

I don't get it

@drybjed
Copy link
Member

drybjed commented Dec 14, 2017

What happens if you remove any custom configuration in the inventory and go with the DebOps defaults? I know that you want to configure it - just check how the defaults behave, then you can add your configuration bit by bit to see where the error is.

You might also need to remove the /etc/ansible/facts.d/nginx.fact file to ensure that the role will try and find the default server every time. This file is not changed once it's created and this my skew the results.

@damko
Copy link
Author

damko commented Dec 14, 2017

You might also need to remove the /etc/ansible/facts.d/nginx.fact

that's a valuable piece of information.

Yes I am proceeding step by step in order to understand where is the issue.

The biggest pain is due to the fact that running the playbook is SO slow. (I don't know if it's due to my slow internet connection)

@drybjed
Copy link
Member

drybjed commented Dec 14, 2017

Since the issue is definitely located in debops.nginx role, you can skip the rest of the roles entirely, using this command:

debops service/owncloud -l host --skip-tags role::ferm,role::mariadb,role::owncloud

The 'debops.ferm' role is particularly slow, sorry about that. You could also add tags to all of the tasks that affect the selection of the default server, add debug tasks that display the result for the HTTP and HTTPS server and run just them - no need to modify the configuration files, checking the variables should be enough.

@damko
Copy link
Author

damko commented Dec 14, 2017

I ran it with
debops service/owncloud -l dctl --skip-tags role::ferm,role::mariadb,role::owncloud
after removing my .yaml file from inventory and after removing .fact

Exactly the same behavior.

I'm going to run it with nginx.yaml

---
nginx__default_servers: [ 'domain.com' ]
nginx_welcome_domain: 'domain.com'
nginx_manage_ipv6only: False

@damko
Copy link
Author

damko commented Dec 14, 2017

which gives (.fact was removed)

TASK [debops.nginx : Create global webroot directories if allowed] **************************

fatal: [dctl]: FAILED! => {
"msg": "The task includes an option with an undefined variable. The error was: 'ansible.utils.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'name'

The error appears to have been in '/home/damko/.local/share/debops/debops-playbooks/roles/debops.nginx/tasks/nginx_servers.yml': line 3, column 3, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  • name: Create global webroot directories if allowed
    ^ here

    exception type: <class 'ansible.errors.AnsibleUndefinedVariable'>
    exception: 'ansible.utils.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'name'"
    }

@drybjed
Copy link
Member

drybjed commented Dec 14, 2017

Umm.. I guess the issue is lack of documentation for the debops.nginx role. So, some explanation of the variables you just posted.

The nginx__default_server variable is a list of YAML dictionaries, each dictionary defines the configuration of a server. You cannot just put there a domain name and expect the role to generate the correct config. Well, you could, but that's not implemented yet. It's best if you leave the default value as is, and create your server configuration in the nginx__servers variable, again as a YAML dictionary in a list, for example:

nginx__servers:
  - name: 'domain.com'
    enabled: True

Because you used a string instead of a YAML dictionary, the above error showed up. If you change your entry to be similar to the one I wrote above, role should behave correctly.

The nginx_welcome_domain is used in the index.html page generated for the welcome server which should be the default server if nothing else is defined. If other servers are defined, for example by other Ansible roles, the welcome server is generated but shouldn't be normally accessible, unless users try to access the webserver via its IP address and you didn't include it in any other server. You can basically ignore the welcome server for now, it shouldn't normally get in your way.

The nginx_manage_ipv6only variable specifies if the debops.nginx role should manage the ipv6only=off configuration entry. By default it's set to True, in that case the role will add the ipv6only=off configuration entry in the server configuration that includes default_server option, independently for the HTTP and HTTPS servers. This gets tracked in the Ansible local facts and shouldn't change once set. This is because ipv6only=off configuration entry can be specified only once per socket (80, 443).

If you disable the above variable, the role will not manage ipv6only=off by itself. This means that at least in Debian, nginx server will listen only for IPv6 connections by default, not IPv4. This can be useful if you want to configure the TCP ports in some advanced way, so that you can specify multiple listen directives with specific binds for [::] (IPv6) and 0.0.0.0 (IPv4). But this is a host-wide thing, and in that case all of the nginx servers need to be maintained in the same way.

So, unless you know what you want to do, you shouldn't disable nginx_manage_ipv6only variable.

@damko
Copy link
Author

damko commented Dec 14, 2017

Thank you SO much for this explanation! No I see the root of the mistake. Most likely one of the variables in my owncloud.yaml should also be a dictionary but it's not. This would explain the original error.

I guess the issue is lack of documentation for the debops.nginx role
No. Debops is awesome. Period. Here there are few things:

  1. Most important, it's me not being prepared enough

  2. I didn't plan to configure the nginx role and I just wanted to run the nextcloud role (as I did in the past) I was focuse on nextcloud configuration and not on nginx. Mistake by mistake I found myself in the nginx jungle. You probably know how it works

  3. I understand your YAML dictionary (I didn't re-run it yet)

    nginx__servers:

    • name: 'domain.com'
      enabled: True

and this clearly belong to nginx.yaml. Shouldn't this be automatically created by the owncloud role starting from the owncloud__fqdn variable? Maybe I screwed up some variables and that's why it didn't happen?

note: If I had to wish for an improvement in the debops doc it would be to see more "kick start" yaml examples.

@drybjed
Copy link
Member

drybjed commented Dec 14, 2017 via email

@damko
Copy link
Author

damko commented Dec 15, 2017

I'm reporting this in case someone else needs it.
I've got the installation done via debops without errors. Nextcloud still doesn't work (some more tuning is required) but this is already a success.

I deleted /etc/ansible/facts.d/owncloud.fact and /etc/ansible/nginx.fact. Then I ran

debops service/owncloud -l dctl

These are my .yaml files in the inventory dir:

nginx.yaml

---
nginx__servers:
  - name: 'domain.com'
    enabled: True
nginx_webroot_create: False

owncloud.yaml

---
# Which variant of the application should be used?
#
# Supported variants:
#
# * ``owncloud`` (legacy variant, not recommended for new deployments)
# * ``nextcloud`` (Main supported variant in the future. Currently supported on Debian stretch, refer to `issue 45 <https://github.com/debops/ansible-owncloud/issues/45>`_ for details)
#
owncloud__variant: 'nextcloud'
owncloud__release: '12.0'
owncloud__autosetup: True
owncloud__fqdn: 'domain.com'
owncloud__admin_username: 'damko'
owncloud__password_length: 20
owncloud__upload_size: '1G'

# Name of the system account which will perform signature and archive verification.
owncloud__system_user: 'nextcloud'

# Name of the primary system group of the Nextcloud account.
owncloud__system_group: 'nextcloud'

# Whether the `ownCloud documents application`_ should be enabled.
# Not enabled by default because, as of ownCloud 9.0, the application is not shipped by default.
# Note that this will install LibreOffice plus dependencies on the server.
owncloud__app_documents_enabled: True

# Should LibreOffice be installed on the server so that the documents app can
# work with proprietary document formats such as Microsoft Office?
owncloud__app_documents_libreoffice_enabled: True

# -------------------------------
#   ownCloud Mail configuration
# -------------------------------
#
# Refer to the `official ownCloud documentation about config.php <https://doc.owncloud.org/server/9.0/admin_manual/configuration_server/config_sample_php_parameters.html#mail-parameters>`__ and the `official ownCloud documentation about email configuration <https://doc.owncloud.org/server/9.0/admin_manual/configuration_server/email_configuration.html>`__ for details.
owncloud__mail_domain: 'domain.com'

# From address that overrides the built-in ``sharing-noreply`` and
# ``lostpassword-noreply`` from addresses.
owncloud__mail_from_address: 'noreply'

# Which mode to use for sending mail.
# Choices are:
# * ``sendmail``
# * ``smtp``
# * ``qmail``
# * ``php``
owncloud__mail_smtpmode: 'sendmail'

# Specify the IP address of your mail server host.
# This may contain multiple hosts separated by a semi-colon. If you need to
# specify the port number append it to the IP address separated by a colon,
# like this: ``127.0.0.1:24``.
# This depends on :envvar:`owncloud__mail_smtpmode`.
owncloud__mail_smtphost: 'smtp.{{ owncloud__domain }}'
owncloud__mail_smtpport: '25'

owncloud__webserver: 'nginx'

# Max children processes to run in php fpm.
# FIXME: Check if default of debops.php_ might be sufficient.
owncloud__php_max_children: '50'

# List of PHP packages recommended by Nextcloud.
# Refer to the `official Nextcloud documentation <https://docs.nextcloud.com/server/11/admin_manual/installation/source_installation.html>`__ for details.
owncloud__recommended_php_packages:
  - 'curl'
  - 'bz2'
  - 'imagick'
  - 'intl'
  - 'mcrypt'

# Should SMB/CIFS be support by installing the required system packages and
# enabling the required ownCloud application?
owncloud__smb_support: True

# PHP data caching. The redis server runs on dcnt
owncloud__apcu_enabled: false
owncloud__redis_enabled: true
owncloud__redis_host: '10.10.0.3'
owncloud__redis_password: 'some pass here'



# ownCloud recommends MySQL or MariaDB as database management system.
# Set to ``False`` to use SQLite.
# Refer to the `official ownCloud documentation <https://doc.owncloud.org/server/9.0/admin_manual/configuration_database/linux_database_configuration.html>`__ for details.
owncloud__database: 'mariadb'

# FQDN of the database server. It will be configured by
# the debops.mariadb_ or debops.postgresql_ role.
owncloud__database_server: '10.10.0.3'
owncloud__database_name: '{{ owncloud__variant }}'
owncloud__database_user: '{{ owncloud__variant }}'
owncloud__database_password: 'some pass here'

As @drybjed said the nginx.yaml shouldn't be necessary but it works in my scenario.
I'm kind of tempted to replace a previous snapshot and to run without it to see what happens. If I'll do I report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants