Error in ansible 2.3.2- Unsupported proxy scheme: https - ansible-2.x

I am getting error:
Unsupported proxy scheme: https. Currently ansible only supports HTTP proxies
while running ansible playbook on ansible v2.3.2 but same is running with ansible v1.9.4:
environment:
http_proxy: "http://{{ address }}:{{ port }}"
https_proxy: "https://{{ address }}:{{ port }}"
Is there any change in ansible module or how to fix this?

This issue is present also in ansible 2.7.1
to avoid this problem you can set validate_certs: false
here is an example:
environment:
http_proxy: http://IP:PORT
https_proxy: https://IP:PORT
and in your get_url or apt task you add validate_certs: false
get_url:
url: url
dest: "{{ dest }}"
validate_certs: false

I troubleshooted and found if we set HTTPS_PROXY in place of http_proxy, strange but its working and package is installing.
HTTPS_PROXY: "https://{{ address }}:{{ port }}"

I'm confirming that adding validate_certs: false do the trick:
get_url:
url: url
dest: "{{ dest }}"
validate_certs: false
And following DOESN'T WORK: HTTPS_PROXY: "https://{{ address }}:{{ port }}"

Related

Ansible get_url behind Proxy requirements

I am trying to download various artefacts for confluent version using get_url module. I am behind a proxy and below is my playbook.
I have to put in a proxy information for one of the downloads, but not for other. Trying to find out how do I determine which ones need proxy details defined in the task and which ones should not have that information. I got verify cert error when I had added proxy information to the second task.
Is there a way to avoid setting that information in the task for the first download task as well
tasks:
- name: Download Confluent enterprise version
get_url:
url: https://packages.confluent.io/archive/7.0/confluent-7.0.7.tar.gz
dest: /export/home/svcuser/tmp
use_proxy: yes
register: showconfluentdlstatus
environment:
http_proxy: http://myuserid:mypassword#proxy.prudential.com:8080/
https_proxy: https://myuserid:mypassword#proxy.prudential.com:8080/
- name: show confluent enterprise download status
debug: var=showconfluentdlstatus
- name: uncompress confluent enterprise
unarchive:
src: /export/home/svcuser/tmp/confluent-7.0.7.tar.gz
dest: /export/home/svcuser/tmp/confluent_7.0.7/
register: unarchiveconfluentstatus
- name: show unarchive confluent status status
debug: var=unarchiveconfluentstatus
- name: Download Confluent playbook for same version as enterprise confluent version
# Proxy doesn't seem to be needed for this
get_url:
url: https://github.com/confluentinc/cp-ansible/archive/refs/heads/7.0.7-post.zip
dest: /export/home/svcuser/tmp
register: showconfluentplaybookdlstatus
- name: show confluent playbook for same version as enterprise confluent version download status
debug: var=showconfluentplaybookdlstatus
- name: uncompress playbook for same version as enterprise confluent version download status
unarchive:
src: /export/home/svcuser/tmp/cp-ansible-7.0.7-post.zip
dest: /export/home/svcuser/tmp/confluent_7.0.7/
register: unarchiveconfluentplaybookstatus
- name: show unarchive confluent playbook for same version as enterprise confluent version status
debug: var=unarchiveconfluentplaybookstatus

How to execute command from Github Action via SSH into whitelisted server?

I met a problem when trying to apply CI/CD into our project using Github Action. The server has the firewall to enable access for a listed ip only.
I have found a method by using Github meta api https://api.github.com/meta but they denied to apply.
Is there any other way to apply this?
Our current ci.yml
name: remote ssh
on:
push:
branches: [ master ]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: execute ssh command via using private key
uses: appleboy/ssh-action#master
with:
host: ${{ secrets.REMOTE_HOST }}
username: ${{ secrets.REMOTE_USER }}
key: ${{ secrets.CICD_SSH_KEY }}
port: ${{ secrets.PORT }}
script:
pwd
In my case, I use an OpenVPN to access to the server.
About security. I think you should not load file VPN config to Git.
This is my config file.
name: remote ssh command to deploy
on:
push:
branches: [ master ]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v1
- name: Install Open VPN
run: |
sudo apt-get install openvpn
echo "${{ secrets.VPN_FILE }}" > .github/vpn/config.ovpn
- name: Connect VPN
uses: golfzaptw/action-connect-ovpn#master
id: connect_vpn
with:
PING_URL: ${{ secrets.REMOTE_HOST }}
FILE_OVPN: '.github/vpn/config.ovpn'
env:
CA_CRT: ${{ secrets.CA_CRT}}
USER_CRT: ${{ secrets.USER_CRT }}
USER_KEY: ${{ secrets.USER_KEY }}
- name: Check Connect VPN
run: echo ${{ steps.connect_vpn.outputs.STATUS }}
- name: Execute ssh command via using private key
uses: appleboy/ssh-action#master
with:
host: ${{ secrets.REMOTE_HOST }}
username: ${{ secrets.REMOTE_USER }}
key: ${{ secrets.CICD_SSH_KEY }}
port: ${{ secrets.PORT }}
script: |
pwd
cd ${{ secrets.REMOTE_TARGET }}
git pull
- name: kill vpn
if: always()
run: sudo killall openvpn
Follow https://github.com/marketplace/actions/connect-vpn#Example-prepare-file-.ovpn:
Copy data inside tag to encode base64 after that save to secret env github actions
Remove tag and replace to ca ca.crt cert user.crt key user.key
Aside OpenVPN, you can use Cloudflare WARP 1.1.1.1, its easy to use and no need for running any server or any kind of log in.
just make a job
name: remote ssh command to deploy
on:
push:
branches: [ master ]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Check Connect VPN
run: |
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
sudo apt update
sudo apt install cloudflare-warp
warp-cli --accept-tos register
warp-cli --accept-tos connect
put this there. Boom you're ready to go and surf anywhere.
Note:
the 1st line is to add the Cloudflare pkg host to apt host list because apt only use microsoft hosted pkg only, and it's not there. 2nd line for same reason.
5th line to register the service. --accept-tos part is for accepting TOS which needed to be done by human input if omitted
6th line Runs the service.
Full documentation here:
https://pkg.cloudflareclient.com/install
https://developers.cloudflare.com/warp-client/get-started/linux/

No suitable pipeline found for auth-register-login error in Express Gateway start up and get a 404 error when I POST to it

Pls help. I am new to Express Gateway.
During npm start I am getting the following errors. I dont see any problems (being novice) any problems with gateway.config.yml and the way pipelines are configured.
When I POST a message I get Not Found.. Also attached below a simple post message..
2020-03-28T02:20:04.382Z [EG:gateway] debug: mounting routes for apiEndpointName auth-email-confirm, mount /auth/email-confirm/:token
2020-03-28T02:20:04.382Z [EG:gateway] debug: No suitable pipeline found for auth-email-confirm
2020-03-28T02:20:04.382Z [EG:gateway] debug: methods specified, registering for each method individually
2020-03-28T02:20:04.382Z [EG:gateway] debug: mounting routes for apiEndpointName auth-register-login, mount /auth/register-user
2020-03-28T02:20:04.382Z [EG:gateway] debug: No suitable pipeline found for auth-register-login
2020-03-28T02:20:04.382Z [EG:gateway] debug: methods specified, registering for each method individually
2020-03-28T02:20:04.382Z [EG:gateway] debug: mounting routes for apiEndpointName auth-register-login, mount /auth/login
2020-03-28T02:20:04.382Z [EG:gateway] debug: No suitable pipeline found for auth-register-login
2020-03-28T02:20:04.382Z [EG:gateway] debug: methods specified, registering for each method individually
2020-03-28T02:20:04.383Z [EG:gateway] debug: mounting routes for apiEndpointName auth-user, mount /auth/user*
2020-03-28T02:20:04.383Z [EG:gateway] debug: No suitable pipeline found for auth-user
2020-03-28T02:20:04.383Z [EG:gateway] debug: no methods specified. handle all mode.
2020-03-28T02:20:04.383Z [EG:gateway] debug: mounting routes for apiEndpointName properties, mount /property*
2020-03-28T02:20:04.383Z [EG:gateway] debug: No suitable pipeline found for properties
2020-03-28T02:20:04.383Z [EG:gateway] debug: no methods specified. handle all mode.
2020-03-28T02:20:04.383Z [EG:gateway] info: hot-reload config completed
Here is my gateway.config.yml:
http:
port: 8080
admin:
host: localhost
port: 9876
apiEndpoints:
auth-email-confirm:
host: localhost
path: '/auth/email-confirm/:token'
methods: ["GET"]
auth-register-login:
host: localhost
paths: ['/auth/register-user', '/auth/login']
methods: ["POST"]
auth-user:
host: localhost
path: '/auth/user*'
properties:
host: localhost
path: '/property*'
serviceEndpoints:
auth:
url: 'http://localhost:3003'
properties:
url: 'http://localhost:4004'
#policies to be used
policies:
- log
- proxy
- jwt
- request-transformer
#pipelines
pipelines:
# this pipeline is used for user clicking on email confirmation
authEmailConfirmPipeline:
apiEndPoints:
- auth-email-confirm
policies:
- log:
action:
message: '${req.method} ${req.originalUrl}'
- proxy:
action:
serviceEndpoint: auth
changeOrigin: true
# this pipeline is used for user registration or login apis
authRegisterPipeline:
apiEndPoints: # in this case we dont need to validate the jwt
- auth-register-login
policies:
- log:
action:
message: '${req.method} ${req.originalUrl}'
- proxy:
action:
serviceEndpoint: auth
changeOrigin: true
# this pipeline is used for user logout or other user update functions (roles, privileges etc)
authPipeline:
apiEndpoints:
- auth
policies:
- log:
action:
message: '${req.method} ${req.originalUrl}'
- jwt:
action:
secretOrPublicKeyFile: ./.key/pubkey.pem
checkCredentialExistence: false
- proxy:
action:
serviceEndpoint: auth
changeOrigin: true
Using requests.rest in visual studio code:
POST http://localhost:8080/auth/register-user
Content-Type: application/json
{
"username": "gurs#hotmail.com",
"password": "ravig",
"provider": "local",
"firstName": "Ravi",
"lastName": "Guduru",
"middleName": "Udaya",
"phones": [{"6827014411", "mobile"}]
}
The problem causing the "Not Found" response is in the definition of your authRegisterPipeline pipeline. The line:
apiEndPoints: # in this case we dont need to validate the jwt
It's apiEndpoints, not apiEndPoints! Change it to:
apiEndpoints: # in this case we dont need to validate the jwt
and the "Not Found" response should go away. (In my case, it was replaced with a "Bad Gateway" response since I don't have a service running on 3003.)
I have not observed the startup errors you describe runnning NPM version 1.16.10.

create a playbook test.yml that will install apache2 sqlite3 git?

---
- name: install apache2, sqlite3, git pn remote server
hosts: host01
sudo: yes
tasks:
- name: Install list of packages
action: apt pkg={{item}} state=installed
with_items:
- apache2
- sqlite3
- git
INVENTORY FILE NAME: myhosts
$cat myhosts
[group1]
host01 ansible_ssh_user=ubuntu
COMMAND USED: ansible-playbook -i myhosts test.yml
ERROR is below one, I don't know what went wrong someone help me in this.
ERROR: Syntax Error while loading YAML script, test.yml
Note: The error may actually appear before this position: line 7, column 12
- name: Install list of packages
action: apt pkg={{item}} state=installed
^
We could be wrong, but this one looks like it might be an issue with
missing quotes. Always quote template expression brackets when they
start a value. For instance:
with_items:
- {{ foo }}
Should be written as:
with_items:
- "{{ foo }}"
Indendation seems wrong at it should be two spaces character by level so try with something like this regarding indentation issue.
---
- name: install apache2, sqlite3, git pn remote server
hosts: host01
sudo: yes
tasks:
- name: Install list of packages
action: apt pkg={{item}} state=installed
with_items:
- apache2
- sqlite3
- git
---
- hosts: all
become: yes
name: install apache2, sqlite3, git pn remote server
tasks:
- name: Install list of packages
action: apt pkg={{item}} state=installed
with_items:
- apache2
- sqlite3
- git
this works for me...
Given command as
---
- name: install apache2, sqlite3, git pn remote server
hosts: host01
become: yes
tasks:
- name: Install list of packages
action: apt pkg={{item}} state=installed
with_items:
- apache2
- sqlite3
- git
below error
ansible-playbook -i myhosts test.yml -b
PLAY [install apache2, sqlite3, git pn remote server] *************************
GATHERING FACTS ***************************************************************
fatal: [host01] => SSH Error: ssh: connect to host host01 port 22: Connection refused
while connecting to 172.17.3.177:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
TASK: [Install list of packages] **********************************************
FATAL: no hosts matched or all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit #/home/scrapbook/test.retry
host01 : ok=0 changed=0 unreachable=1 failed=0

How to solve this SQLSTATE[HY000] [2002] no connection could be made because the target machine actively refused it

I am trying to follow an e-commerce tutorial where I have to create the connection with the database. I am on windows 7 with xampp v3.2.
So I use this : php bin/console generate:doctrine:entity
which gives me this error :
SQLSTATE[HY000] [2002] no connection could be made because the target
machine actively refused it
I closed xampp and I still had the same error. So I understand it comes from the configuration; somehow my shell doesn't communicate with my sql server from xampp.
here is my parameters.yml :
# This file is auto-generated during the composer install
parameters:
database_host: localhost
database_port: 3306
database_name: market
database_user: sebastian
database_password:
mailer_transport: smtp
mailer_host: localhost
mailer_user: null
mailer_password: null
secret:
and here my config.yml
imports:
- { resource: parameters.yml }
- { resource: security.yml }
- { resource: services.yml }
- { resource: "#EcommerceBundle/Resources/config/services.yml" }
# Put parameters here that don't need to change on each machine where the app is deployed
# http://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
locale: en
framework:
#esi: ~
#translator: { fallbacks: ["%locale%"] }
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
#serializer: { enable_annotations: true }
templating:
engines: ['twig']
default_locale: "%locale%"
trusted_hosts: ~
trusted_proxies: ~
session:
# http://symfony.com/doc/current/reference/configuration/framework.html#handler-id
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"
fragments: ~
http_method_override: true
assets: ~
# Twig Configuration
twig:
debug: "%kernel.debug%"
strict_variables: "%kernel.debug%"
# Doctrine Configuration
doctrine:
dbal:
driver: pdo_mysql
host: "%database_host%"
port: "%database_port%"
dbname: "%database_name%"
user: "%database_user%"
password: "%database_password%"
charset: UTF8
# if using pdo_sqlite as your database driver:
# 1. add the path in parameters.yml
# e.g. database_path: "%kernel.root_dir%/data/data.db3"
# 2. Uncomment database_path in parameters.yml.dist
# 3. Uncomment next line:
# path: "%database_path%"
orm:
auto_generate_proxy_classes: "%kernel.debug%"
naming_strategy: doctrine.orm.naming_strategy.underscore
auto_mapping: true
# Swiftmailer Configuration
swiftmailer:
transport: "%mailer_transport%"
host: "%mailer_host%"
username: "%mailer_user%"
password: "%mailer_password%"
spool: { type: memory }
I checked for the extension php_pdo_mysql.dl and it is enabled.
I verified the database name, user and password.
here is a netstat :
netstat
Make sure that your MySQL server is running and that it's using that port (in xampp\mysql\bin\my.ini). Make sure that you're able to connect manually with those credentials as well.
Also, where are you specifying the database driver in your parameters.yml? Normally you should have something like this:
database_driver: pdo_mysql
And lastly, make sure that you don't have a different parameters.yml file included in your config_dev.yml because Symfony commands, by default, use the dev environment.
thank you for your answer.
I have in my.ini 3306 port so it is the good one. I have intalled symfony2.8 and it is working so there is no credentials problems. I also tried to add the line with pdo_mysql but the error message is an pdo_exception, that means pdo works as well.
I also check config.dev but I don't really know what can be wrong inside. So I show you what it looks like :
imports:
- { resource: config.yml }
framework:
router:
resource: "%kernel.root_dir%/config/routing_dev.yml"
strict_requirements: true
profiler: { only_exceptions: false }
web_profiler:
toolbar: true
intercept_redirects: false
monolog:
handlers:
main:
type: stream
path: "%kernel.logs_dir%/%kernel.environment%.log"
level: debug
channels: [!event]
console:
type: console
channels: [!event, !doctrine]
# uncomment to get logging in your browser
# you may have to allow bigger header sizes in your Web server configuration
#firephp:
# type: firephp
# level: info
#chromephp:
# type: chromephp
# level: info
#swiftmailer:
# delivery_address: me#example.com
thank for your help
i cant connect to mysql on xamppp
install mysql 8 on my system on port 3307
and its worked great with laravel.
if you want please install mysql workbench (instead of phpmyadmin)

Resources