this post was submitted on 20 Jul 2023
7 points (88.9% liked)
Lemmy Support
4661 readers
72 users here now
Support / questions about Lemmy.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It seems like you have the keys configured for putty but not whatever SSH client Ansible uses.
It's going to sound unhelpful, but have you tried running the Ansible stuff from WSL? This is tested on Linux (and macOS probably), but probably not Windows.
You may also want to nuke the box of any previous state if you can. The NGINX errors you're getting are that it expects to find a LetsEncrypt certificate that doesn't exist yet. Typically you need to start NGINX without it first then certbot will generate it and update the NGINX config to use it.
Some people have been using Lemmy-Easy-Deploy, it might be worth a try. It's supposed to be easier and more turnkey. The author is also very open to suggestions and help if the instructions are unclear.
The docs are definitely geared towards people with existing server admin experience at the moment. There's talk on Matrix to improve those.
Please post full logs of what you're running, it will be easier for people to troubleshoot, including everything before. The extra context can be very helpful to know what Ansible did before and give clues as to what it did previously that might fail. That stuff is a moving target, it gets updated frequently and may fail under some unanticipated conditions.
And I've tried Lemmy-Easy-Deploy, and it worked fine, but the developer told me that they didn't intend for this to be used for an actual deployment instance with many users. I plan to scale this as large as I need. They also said that it did not support SMTP and that they had no intention of supporting SMTP. But without SMTP, users won't be able to confirm emails or reset passwords... So it just won't work.
Good point. I can do that. I have made so many impromptu modifications to my current server that troubleshooting it any further would surely cause errors. So I will blow up the droplet, start fresh, and get it to the first error and post back. Thanks for the advice!
Hmm, I see. In that case I'm afraid you will definitely need to get familiar with a lot of stuff really fast, because there's a lot of rough edges right now. It's super beta software after all. Even the admins of lemmy.world and beehaw.org are hitting pretty complex problems that needs a lot of digging. You'll definitely need to become fairly intimate with how Lemmy works under the hood if you want to scale up to hundreds of users. Especially the pict-rs storage as it grows pretty fast. People have been having to migrate it to object-storage.
You can always join the install support Matrix room for additional help: https://matrix.to/#/#lemmy-support-new-instance:discuss.online. Or the whole Lemmy Matrix Space at #lemmy-space:matrix.org.
I don't want to demotivate you or anything - it's a great learning experience! But beware you'll definitely have to troubleshoot and spend some time to keep it running smoothly. It's far from set and forget at the moment, particularly at scale.
But one thing at a time, lets see how Ansible does on a blank droplet, and lets figure out how to fix your Ansible problems first before getting into manual installs and scaling up.
I can't even get that far.
I used a different PC, installed WSL, created a new rsa key stored at "/home/wsl/.ssh". Added the public key to my DO droplet. Rebuilt the droplet to ensure that the keys transferred.
every 👏 fucking 👏 time 👏
I would love to try the ansible method, but apparently I'm the only person to not just instinctively know how to ssh from another pc. I've searched for a reference to this and none of them help. Any advice?
I think that's supposed to be an underscore in
id_rsa
, notid-rsa
, unless you changed it from the default.I figured out the problem, digital ocean was only applying the top RSA key, which is my Putty key. The keys I added to DO via WSL were not getting added to the authorized key list. So I added my key to the authorized keys file and it worked. Well, it let ansible access the server. I'm having other issues but will work on them later.