fail2ban error

TASK: [fail2ban | ensure fail2ban is configured] ******************************
fatal: [default] => {‘msg’: “AnsibleError: Failed to template 127.0.0.1/8 {{ lookup(‘pipe’, ‘dig +short myip.opendns.com @resolver1.opendns.com’) }}: lookup_plugin.pipe(dig +short myip.opendns.com @resolver1.opendns.com) returned 9”, ‘failed’: True}
fatal: [default] => {‘msg’: ‘One or more items failed.’, ‘failed’: True, ‘changed’: False, ‘results’: [{‘msg’: “AnsibleError: Failed to template 127.0.0.1/8 {{ lookup(‘pipe’, ‘dig +short myip.opendns.com @resolver1.opendns.com’) }}: lookup_plugin.pipe(dig +short myip.opendns.com @resolver1.opendns.com) returned 9”, ‘failed’: True}]}

I don’t understand what is wrong.

The fail2ban service blocks IPs after 6 failed connections, but the default attempts to whitelist your machine’s IP by adding it to the fail2ban_ignoreip list. Trellis attempts a dig DNS lookup to automatically detect and add your IP.

I’m not aware of this failing for anyone yet, but the feature has only been in Trellis for a little over 5 weeks.

  • What is the output from running this on your local control machine dig +short myip.opendns.com @resolver1.opendns.com
  • What version of Ansible are you using? ansible --version
  • What is your OS?

I hope you’ll respond to the questions above to help us debug this, but if you need to just get your playbook running, and if you’re leaving sshd_permit_root_login: "yes", you could temporarily remove the ip lookup:

- fail2ban_ignoreip: 127.0.0.1/8 {{ lookup('pipe', 'dig +short myip.opendns.com @resolver1.opendns.com') }}
+ fail2ban_ignoreip: 127.0.0.1/8

Edit: Also, I’ve noticed sometimes people have mysterious Failed to template errors that go away after a vagrant destroy -f && vagrant up. In fact, that’s true for many vagrant vm troubles seem to occur from re-running the playbook (without destroying) after it failed previously.

getting a similar issue when trying to provision a digital ocean box

TASK: [fail2ban | ensure fail2ban is configured] ******************************
fatal: [XXX.XXX.XXX.XXX] => Failed to template 6u+WpX{%>!ViHY,Tk&zgb|!~b+@.Q`–TD+Fud0>&/NJ~n >pm5,eY&-X-E[FqXS: template error while templating string: tag name expected

not sure where that hash looking thing is coming from…

EDIT: I am running this from my OSX machine, not a vagrant box. ansible 1.9.3

EDIT2: this seems to have been from one of the wordpress salts… not sure why, but generating all new ones fixed my issue. apologies for the thread jack attempt…

3 Likes

Same error for me today, the offending salt was:

yhI4bKV6be,tG~j$@=Y#x0(- 3iET),-:}V-;--9O0&@G4|xt+-k]{{=VBgh=:+?

Generating a new one fixed it :thumbsup:

Related: https://github.com/roots/trellis/commit/da8d3c82f34ed0caf7903339295f1030c73eadb7

Thanks Ben but my failing salt didn’t contain {%

(or am I reading that message wrong and {{ is also expected to fail?)

Hello my friends, Im new to Trellis.

I followed all the instructions from the roots-example-project, and everything seamed to be working untill I ran into the same exact problem as @cenkce.

For now I just want to get the development deal working on my computer. Working on Windows 8.1

Can somebody help?

@ben. Sorry for opening the same thread again. I guess I should just stick to my old response on the same issue. Can you help?

What have you tried so far? There are two possible solutions already in this thread.

Thanks for the answear, After starting the project from scratch following the tip from @fullyint I was able to get it working! :smile:

Getting a new set of WordPress salts fixed it for me as well (after hours of debugging…).