i’m doing my first deploy tests with a test project and looks like ansible fails with ferm for me.
Here’s my log/output:
TASK: [ferm | ensure iptables rules are enabled] ******************************
failed: [212.47.250.123] => {"changed": false, "cmd": ["ferm", "--slow", "/etc/ferm/ferm.conf"], "delta": "0:00:00.330372", "end": "2015-09-18 14:01:44.816909", "rc": 1, "start": "2015-09-18 14:01:44.486537", "warnings": []}
stderr: iptables: No chain/target/match by that name.
Firewall rules rolled back.
NOTIFIED: [fail2ban | restart fail2ban] ***************************************
changed: [212.47.250.123]
NOTIFIED: [ferm | restart ferm] ***********************************************
failed: [212.47.250.123] => {"failed": true}
msg: iptables: No chain/target/match by that name.
Firewall rules rolled back.
PLAY RECAP ********************************************************************
to retry, use: --limit @/Users/helmi/server.retry
212.47.250.123 : ok=24 changed=15 unreachable=0 failed=2
Don’t worry about the IP address being public - this is just a test machine that i will delete afterwards.
May there be a problem with the fact that this servers network interface only has a private IP instead of the public IP? I guess the provider does a NAT to map the public to the private IP, the interface itself only has a private one:
Haven’t ever seen or come across that error, but the easy solution for the time being is just to skip ferm by setting ferm_enabled: false.
You could further debug by looking at the generated /etc/ferm/ferm.conf and the files in /etc/ferm/conf.d to see what’s going on. You could then try commenting things out until you got it working to actually narrow down the problem.
I should also point out there’s a ton of results on Google for exactly this error. You can probably assume it’s not directly a problem with Trellis/Ansible but with ferm and your networking setup (not saying you caused it though )
thanks, @swalkinshaw. Probably it was a bit too optimistic to try it on an arm based Ubuntu
Even when disabling ferm this led to serveral other problems. I switched to DigitalOcean for a bit more easiness
And i’ve come way further but i’m stuck a bit. I enabled hhvm which made ansible not skip the php5-fpm installation which i think should be right but then in the deploy process it seems to want to restart php5-fpm what i don’t understand.
TASK: [deploy | Run post_finalize_commands] ***********************************
changed: [1.2.3.4] => (item=if wp core is-installed; then wp eval 'wp_clean_themes_cache(); switch_theme(get_stylesheet());'; fi)
failed: [1.2.3.4] => (item=sudo service php5-fpm reload) => {"changed": true, "cmd": "sudo service php5-fpm reload", "delta": "0:00:00.037030", "end": "2015-09-18 16:48:38.742472", "item": "sudo service php5-fpm reload", "rc": 1, "start": "2015-09-18 16:48:38.705442", "warnings": []}
stderr: php5-fpm: unrecognized service
In the meantime I wouldn’t use it. Please start a new thread if you have further separate issues. We don’t like these threads continuing on with multiple different subjects.