Unable to rerun install


#1

I’m trying to rerun the install (./securedrop-admin install) after updating the admin workstation to 0.7.0, but something breaks.
The task is:
TASK [restrict-direct-access : Copy IPv4 iptables rules.]

And the error message reads:
fatal: [app]: FAILED => {"changed": false, "msg": "AnsibleUndefinedVariable: ' dict object' has no attribute 'ipv4'"}
fatal: [mon]: FAILED => {"changed": false, "msg": "AnsibleUndefinedVariable: ' dict object' has no attribute 'ipv4'"}

Any good ideas ?

//Jonas

(I did all the steps first:
cd ~/Persistent/securedrop
git fetch --tags
gpg --recv-key "2224 5C81 E3BA EB41 38B3 6061 310F 5612 00F4 AD77"
git tag -v 0.7.0
git checkout 0.7.0
./securedrop-admin setup
./securedrop-admin tailsconfig

./securedrop-admin sdconfig
./securedrop-admin install

I also tried redoing the sdconfig config from scratch, by moving the file and rerunning sdconfig to recreate it)


#2

The Copy IPv4 iptables rules task evaluates the rules_v4 template which has a fragile logic introduced in 0.7.0. I ran into an issue in the same area and proposed a workaround that was accepted. This will also fix the problem you are currently facing when 0.8.0 is published late june.

In the meantime you can:

I suggest you file an issue so this particular problem can be fixed properly. If you are unsure how to file the bug report, I’d be happy to help.


#3

Thank you for the information. I will try to test it, when I get the time to do it, and report back.


#4

I didn’t get the time to try this before now. But your suggestion worked like a charm, thank you.