Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sidekick launch fails silently #47

Open
rawnly opened this issue Nov 3, 2024 · 6 comments
Open

sidekick launch fails silently #47

rawnly opened this issue Nov 3, 2024 · 6 comments
Labels
question Further information is requested

Comments

@rawnly
Copy link

rawnly commented Nov 3, 2024

Hey, i'm trying to use sidekick launch but if I specify a .env file it fails without logs. Otherwise I get the following:

CleanShot 2024-11-04 at 00 56 36@2x

api is the friendly name of the project

do you any suggesstion so far?
@rawnly
Copy link
Author

rawnly commented Nov 4, 2024

More info on my environment, I have my mac setup with docker buildx, If i run just docker build without --load or --push the image is not saved on my disk. Maybe this is the cause?

@rawnly
Copy link
Author

rawnly commented Nov 4, 2024

Ok buildx was the issue, you might want to add this to docs. Btw I'm still unable to deploy my application, unfortunately errors are cut and it's nearly impossible do debug. May i suggest to save the stderr to a file when this happens?

CleanShot 2024-11-04 at 11 28 31@2x

@MightyMoud
Copy link
Owner

Hi @rawnly,

Could you explain more to me about using buildx only on your env? so for you if you run docker build that doesn't add it to the daemon as an image?

As for saving logs to a file, Yes that's a great suggestion. I'll do that soon.
If you take a look at that last snapshot, you can see it's complaining about missing file to decrypt. Can you ssh sidekick@IP_HERE go into the api folder and check whats in the encrypted.env file.

Also could you check your local system has both sops and age? Sidekick init should make sure that's the case, but I'm thinking that didn't happen here

@MightyMoud MightyMoud added the question Further information is requested label Nov 4, 2024
@rawnly
Copy link
Author

rawnly commented Nov 4, 2024

Could you explain more to me about using buildx only on your env? so for you if you run docker build that doesn't add it to the daemon as an image?

Hey sure! I in the past I using buildx for multiplatform builds and then I forgot to remove it but I think that at least a warning should be prompted to the user from sidekick in order to ease the debug.

As for saving logs to a file, Yes that's a great suggestion. I'll do that soon.

Nice!

Also could you check your local system has both sops and age?

Both correctly installed:

age: 1.2.0
sops: 3.9.1

Also a side note: I tried running sidekick on a brand new vps hosted on hetzner with ubuntu 24.0, it's ssh_config file doesn't contain any PermitRootLogin so after sidekick init the root login was still enabled. Maybe you should update with a check like grep -q 'PermitRootLogin yes' /etc/ssh/sshd_config:

        SpinnerSuccessMessage: "VPS updated and setup successfully",
        SpinnerFailMessage:    "Error happened running basic setup commands",
        Commands: []string{
-               "sudo sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config && sudo systemctl restart ssh",
+               "grep -q 'PermitRootLogin yes' /etc/ssh/sshd_config && sudo sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config && sudo systemctl restart ssh || echo 'PermitRootLogin no' >> /etc/ssh/sshd_config && sudo systemctl restart ssh",
                "sudo apt-get update -y",
                "sudo apt-get upgrade -y",
                "sudo apt-get install age -y",

@rawnly
Copy link
Author

rawnly commented Nov 4, 2024

Here's the content of the encrypted file

{
        "data": "ENC[AES256_GCM,data:YssIWdk+yRhLH/aG6tx7SYLqwOGETyj2bvq9mk3dJh0dRiB4h1kKC5Y/6ELibSwpHt5/G8mkd/9zwKmTFGHmhAttutlslStWnAzMXjYfGUQtKRcPn//VoQKJOj7ouTr0b5fKPV72EHJR2egC8bAnu8W3ZLqg+Vg07Hjn4Go5PIk81l8Pwmjxw53OyYF/D4IlSpkP8g8Y7ZVVp41H91o4FQFZB31RlIArO2nsOsft96hKZdZ4ACCgZJNj23hTq9OS8PW1O6U3C6r0E3lXSj5IqZMBmvArGnj6jt0oKBNwj2I2yoDaCAmnSt+w7MPf3qqtOx69ot/tnwgMwDpDCt90pfkj1QfbZBXwEMzDTFW/oiWq6dOEMbN9aHNkNXS5r0ITFU1dUnj9K/0wXM8t+dm9e74kS2jQ28B11141himDjjkolHXKIXHPgWaDzcaKf9PYOPrD9YAFsaQzzSzfMg1Q8tsSGqh8J0It6EoSHzl5Cfbno8e9a50iufGy1c96K5CD+Wo7KRKLz3T3Npq7mwy3kXDkJPR6VSzkdwXO4oAQkv+6VtDMI9MnDuRwW5dscWP+XekPHQCUpN6cVEM8DctEoCO9GCukEjCMvWrdLQI43TSy2bqMO4HP9QdjODSPXmTCvaxNzYhLWMKcUS9rDEkGUQrGaGD/N1/3fiikKTeaiHxzt3SPM4l+c2FaZ6jC20wRFMgcb8jOVsFT/tm3XTtVNMatcXbVGcPKFL1memDKHfM4ggvIRYHGbz1g/L1t6KZK+oSOC3YvMA6aXM+ZjspTbplFNIql0Te7m9zmoN9jtsfowcW/Xx4+VbbLUMpsTv6amDsG6PXs7bwF29WiQG4SSIKR4MnIEcFrF8kwYak+E/82sX+FAfPvI/2A8ohEjx7qPxqsCwWv8X5qlFYwRilIVrJv4fBsZORWFC1S37zuM1tMs68qVG54ifyFqjAjZ+CrDhUjBit5krDAPy7CNNob4YIRqQ7KWrYV5cIwCmxRF3MasuKhZBlWxk5XdhrUybPQ8qFd0Pjub1dHpvpY9q7DZME/6MO69/WS3Kcx4NVEWsDLty31uygvWrxUq3CtUJjHK9R3JxVQWmOR7pFYIuhMZbNlufRHe1pF1X3tGlM8gJTfCE7tYXsqgtBs94W2c2oe+FoUJnsnCWhrbJjLfnT35bEBWv7k1zVtw60vs58M+a7oaL5FElBfTBh8F4kS1ondyEB9/E22HLtZfszkLNErvZmq7NDksl6hRcjClyWx/ItdOVETk6siORsM5pZzBMU0LNvleVRULBF1J9MLAY3a1e96d93Mavh/5GL0DH5poZLA50ZUK/4hVGbIXr95DZPgfh5ziHousLx4BNZ0K1yTQ/DLkF8i7U3ANVb4CwIZXOo1B18SE0Ho+nYia8Zh2gH7e3aehXighCPVsp7H9TlG4YNoN0h+pbgK4L5r3JCOzXCPOTilkIegFq3WUQ1/WhRF4MN01ZhlqnLV5xvf0Kg69zMFeEvtbuBN0v0Csrk4gFbUBANw2OR4nkDM0hqno/LSYULITkglQ+rnsp+t8zQK+kayyPeQVZYDGNRSo6gWiJdDf94nkET0E9NFsVe0UV2nc5ABH1WfSyiuhl12EOCgfkobhDks/v4YsDEWjTynw45ZP2kIch/aFvEcA9AsQOHEZa5Y374pBDc7d66KNsQNR+Oh39bsyGbKMqWhX4+kcoCgMRxtzBwdTMkJgDcCkVz9nmwSoBOg9mj+OGFY4tBLmgzwVZ3tqOmYPnNKNjZvctbfdOY1AEWUd8bg8bwKkk4DVVOOlE+A0Aor0jCt705ESPbyo23hzMe977hPXTli+NU9bRSLDOJXgId0o285T2MSakBQHjWuZ44HcYvFZ68siwwJAmMPxepeHkIBnCqfOeuMy9MDoh37ogD1R6L9n39Z1a9i5kdl8Qv3HeK9bwfpehz949O3UTsg2B6FtJEqihxmzwZBw6xHfet4rXqV1PlcsOHyBc2Ri500PI0wOmhxYcpI017QqJtEef0+R4EMnNVHRyuZ1Ujjbo/F,iv:vB7C9d3Z+ZuWJg6DdVtERWVKbEvw7SrCi+szB7eaL0U=,tag:dnUphDI02Cjouc7nTbBfYA==,type:str]",
        "sops": {
                "kms": null,
                "gcp_kms": null,
                "azure_kv": null,
                "hc_vault": null,
                "age": [
                        {
                                "recipient": "age1u7k7a4fzz6umm672ec03u6333f9hre2z37msw7nfqwxv0hss6djqwtepdl",
                                "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPRFFiODZlTnViTjkwZ0ZQ\na2w1VTcrdWUwcVB1UWxnbXZoM0NEbWMyMnhzCkF3SERMVXl2ZVZRWFFsd1JLeFk5\nbnJHSmU5UUpJNzRlZWtKK2dVcTJyY1EKLS0tIGRkd0hIcVM3eTQybVBhVlhGY25B\neUsra04zQmd3dlo2ejVTNWJnd3UwUmcKnpec46gTFZGI8cgPY5Nk0tIJ8H1TAOZq\nSrgYc3x0xEQ9zb1heD+c2vqdLG5CC74Zy2M/ljjXNIruYU+Eic1djA==\n-----END AGE ENCRYPTED FILE-----\n"
                        }
                ],
                "lastmodified": "2024-11-04T10:25:44Z",
                "mac": "ENC[AES256_GCM,data:FfbQQG5mxMHQ3/99htRJK65v6Iz80Y2z4pPr9VMNk2QE+3/lWd/eWjsJGqNEh4LLLzVAqu+C6n4hPGgqCKYct+O+5+8GMreMNL6YMRtL0Ykggw8gD7aWqpbRC5RL6EOmTYFbnEXOV7PWDKbNVmVSw2o7PVjTqnit/e5OOao1zZ0=,iv:hC0F+q0fTvrMxOGKP/Jr5myZdxlZSU5Ai9UnREA9YgQ=,tag:2qq0T8rJKhwEdqrmE5XEhQ==,type:str]",
                "pgp": null,
                "unencrypted_suffix": "_unencrypted",
                "version": "3.9.1"
        }
}

@rawnly
Copy link
Author

rawnly commented Nov 4, 2024

If i try to run the failed script

# api = $service_name
$ sops exec-env encrypted.env 'docker compose -p sideckick up -d --no-deps --scale api=2 --no-recreate api'

invalid dotenv input line: {

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rawnly @MightyMoud