I am pretty much a newbie using Trellis and I am stuck with an issue which might be silly but it’s blocking me; I have asked on the Trellis Roots' forum but I have had no answer yet, so I thought I could ask here. I have my project running on an Intel MacBook Pro and I have deployed with no issues, but on cloning it on a new machine (M1), I am not able to run it locally. Here below are the specs:
- Parallels Desktop Pro Edition for Mac - Version 18.1.1 (53328)
- MacBook Pro (13-inch, 2020) - Apple M1 / Memory 8 GB
- vagrant_box: jeffnoxon/ubuntu-20.04-arm64
- vagrant_box_version: >= 1.0.0
It looks like VM is mounting and running correctly:
➜ trellis up
Starting galaxy role install process
- composer (1.9.0) is already installed, skipping.
- ntp (2.3.1) is already installed, skipping.
- logrotate (v0.0.5) is already installed, skipping.
- swapfile (v2.0.32) is already installed, skipping.
- mailhog (2.3.0) is already installed, skipping.
Running command => vagrant up
Bringing machine 'default' up with 'parallels' provider...
==> default: Checking if box 'jeffnoxon/ubuntu-20.04-arm64' version '1.0.1' is up to date...
==> default: [vagrant-hostmanager:guests] Updating hosts file on active guest virtual machines...
==> default: [vagrant-hostmanager:host] Updating hosts file on your workstation (password may be required)...
==> default: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> default: flag to force provisioning. Provisioners marked to run always will still run.
==> default: Running action triggers after up ...
==> default: Running trigger...
==> default: Adding vagrant ssh-config for ernestoianuario.local to ~/.ssh/config
==> default: Machine 'default' has a post `vagrant up` message. This is a message
==> default: from the creator of the Vagrantfile, and not from Vagrant itself:
==> default:
==> default: Your Trellis Vagrant box is ready to use!
==> default: * Composer and WP-CLI commands need to be run on the virtual machine
==> default: for any post-provision modifications.
==> default: * You can SSH into the machine with `vagrant ssh`.
==> default: * Then navigate to your WordPress sites at `/srv/www`
==> default: or to your Trellis files at `/home/vagrant/trellis`.
Plus I can connect via ssh:
➜ vagrant ssh
Welcome to Ubuntu 20.04.4 LTS (GNU/Linux 5.4.0-117-generic aarch64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Fri 30 Dec 2022 07:36:48 AM CST
System load: 0.0
Usage of /: 14.9% of 30.11GB
Memory usage: 26%
Swap usage: 0%
Processes: 123
Users logged in: 0
IPv4 address for eth0: 10.211.55.4
IPv6 address for eth0: fdb2:2c26:f4e4:0:21c:42ff:fe4b:1bc1
IPv4 address for eth1: 192.168.56.5
IPv6 address for eth1: fdb2:2c26:f4e4:2:21c:42ff:fe23:978c
This system is built by the Bento project by Chef Software
More information can be found at https://github.com/chef/bento
Last login: Fri Dec 30 07:00:48 2022 from 10.211.55.2
But visiting on the browser I have the typical “site cannot be reached”:
So I realised that trellis (vagrant) up hasn’t done the provisioning and I tried to run the trellis-cli command, which produces this error:
➜ trellis provision development
Starting galaxy role install process
- composer (1.9.0) is already installed, skipping.
- ntp (2.3.1) is already installed, skipping.
- logrotate (v0.0.5) is already installed, skipping.
- swapfile (v2.0.32) is already installed, skipping.
- mailhog (2.3.0) is already installed, skipping.
Running command => ansible-playbook dev.yml -e env=development --inventory-file .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory
PLAY [WordPress Server: Install LEMP Stack with PHP and MariaDB MySQL] *********
[WARNING]: Failure using method (v2_playbook_on_play_start) in callback plugin
(<ansible.plugins.callback.vars.CallbackModule object at 0x105f06bc0>):
Decryption failed (no vault secrets were found that could decrypt) on
/Users/ernestoianuario/ernestoianuario.com/trellis/group_vars/all/vault.yml
ERROR! Decryption failed (no vault secrets were found that could decrypt) on /Users/ernestoianuario/ernestoianuario.com/trellis/group_vars/all/vault.yml
exit status 4
And if I use the ansible-playbook command:
ansible-playbook dev.yml --ask-vault-password -e env=development
Vault password:
PLAY [WordPress Server: Install LEMP Stack with PHP and MariaDB MySQL] ******************
TASK [Gathering Facts] ******************************************************************
[WARNING]: Unhandled error in Python interpreter discovery for host 192.168.56.5: Failed
to connect to the host via ssh: [email protected]: Permission denied
(publickey,password).
fatal: [192.168.56.5]: UNREACHABLE! => {"changed": false, "msg": "Data could not be sent to remote host \"192.168.56.5\". Make sure this host can be reached over ssh: [email protected]: Permission denied (publickey,password).\r\n", "unreachable": true}
PLAY RECAP ******************************************************************************
192.168.56.5 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
I am not sure what I am doing wrong, any suggestion would be really appreciated, thanks in advance!
I finally solved the issue (for reference, see this discussion on Roots' forum). Apparently, an incorrect decryption password can lead to this error so, after running the decrypt command
ansible-vault decrypt group_vars/all/vault.yml
it turned out that not only that, but all vault.yml files under the trellis/group_vars folder (all, development and production in my case) were corrupted on the old machine for some reason; I couldn't decrypt any of them and I was receiving this error:
ERROR! Decryption failed (no vault secrets were found that could decrypt)
Furthermore, running the verbose version of the command above (adding -vvvv), I was receiving a more specific error:
Error: HMAC verification failed: Signature did not match digest.
Hence, passwords couldn't be decrypted because the passwords weren't matching. I had to recreate all new passwords on the old machine, encrypting them, pushing to my repo and pulling on the new machine; then, simply
vagrant destroy && trellis up
and it worked like a charm.
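Why a wrong password and a damaged vault.yml produce the same "HMAC verification failed" message, as an added example (not code from the post or from Ansible): the vault file stores an HMAC-SHA256 tag over the ciphertext, keyed from the password, and it is checked before any decryption. The sketch assumes the `$ANSIBLE_VAULT;1.1;AES256` envelope layout; `derive_keys`, `build_envelope`, `hmac_ok` and `demo` are hypothetical names, and the sample "ciphertext" is constructed bytes, not real AES output.

```python
import binascii
import hashlib
import hmac
import os

HEADER = b"$ANSIBLE_VAULT;1.1;AES256"  # 1.1 header only; vault-id (1.2) headers not handled

def derive_keys(password, salt):
    # Vault 1.1 KDF: PBKDF2-HMAC-SHA256, 10000 rounds, 80 bytes out,
    # split into a 32-byte AES key, a 32-byte HMAC key and a 16-byte IV.
    km = hashlib.pbkdf2_hmac("sha256", password, salt, 10000, dklen=80)
    return km[:32], km[32:64], km[64:]

def build_envelope(password, ciphertext, stored=None):
    """Constructed test input: wrap bytes in the vault envelope.
    `stored` lets the written ciphertext differ from the one the tag
    covers, simulating a file that changed after encryption."""
    salt = os.urandom(32)
    _, hmac_key, _ = derive_keys(password, salt)
    tag = hmac.new(hmac_key, ciphertext, hashlib.sha256).hexdigest().encode()
    payload = ciphertext if stored is None else stored
    inner = b"\n".join([binascii.hexlify(salt), tag, binascii.hexlify(payload)])
    body = binascii.hexlify(inner)
    lines = [body[i:i + 80] for i in range(0, len(body), 80)]
    return HEADER + b"\n" + b"\n".join(lines) + b"\n"

def hmac_ok(vault_text, password):
    """True if the password authenticates the file (decryption could proceed)."""
    header, _, body = vault_text.partition(b"\n")
    if not header.startswith(HEADER):
        raise ValueError("not an Ansible Vault 1.1 AES256 file")
    inner = binascii.unhexlify(b"".join(body.split()))
    salt_hex, tag_hex, ct_hex = inner.split(b"\n", 2)
    salt, ciphertext = binascii.unhexlify(salt_hex), binascii.unhexlify(ct_hex)
    _, hmac_key, _ = derive_keys(password, salt)
    expected = hmac.new(hmac_key, ciphertext, hashlib.sha256).digest()
    return hmac.compare_digest(expected, binascii.unhexlify(tag_hex))

def demo():
    good = build_envelope(b"correct-pass", b"constructed ciphertext")
    bad = build_envelope(b"correct-pass", b"constructed ciphertext", stored=b"constructed cipherteXt")
    return {"right password": hmac_ok(good, b"correct-pass"),
            "wrong password": hmac_ok(good, b"other-pass"),
            "corrupted file": hmac_ok(bad, b"correct-pass")}

if __name__ == "__main__":
    print(demo())
```

Both failure cases return False at the same check, so the error text alone cannot tell a mistyped vault password from a vault.yml that was altered after it was encrypted.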