-
-
Notifications
You must be signed in to change notification settings - Fork 366
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
hetzner deploy fails with curl error 60 #356
Comments
@aszlig Is this perhaps related to the rescue image change you were talking about, a while back? |
@rbvermaa: Hm, nope... this should be completely unrelated. @manveru: What is it printing after those lines? Because deploying to the target machine while in rescue mode could probably lead to these errors but they shouldn't be hard failures (as in: the closures then should have been copied over from the local machine). |
There's nothing afterwards... I'm only on DSL and thought it was stuck after nothing happened after about 5 minutes. I just checked my iftop and it seems to be uploading a ton of stuff, so I'll try waiting around until it finishes this time. |
Well, it only took 9 hours, but my deploy finished. Thanks for the hint. It might be a good idea to give some feedback about this operation and not let users read an error message for hours and expecting them to think everything's alright :) |
I ran into the same problem. I see what I can do to further analyze it. I am currently stuck at getting access to the machine: |
I think I fixed the ssh issue by setting |
I interrupted the process when closures are copied and got access to the root server. The following might help:
So it all boils down to certificates. |
I saw those messages, but both times deployment was successful with no action from my side. |
here is how to fix this |
The solution from @NikolaMandic didn't seem to fix it when starting with a fresh machine. Adding the following to export CURL_CA_BUNDLE=<path-to-pkgs.cacert>/etc/ssl/certs/ca-bundle.crt Note: After nixops gets past:
you can use |
@grahamc I might have used old nixos I had this problem this weekend but was to lazy to work trought |
This bundles ca-certs with hetzner-bootstrap.nix, so it should fix #356 where @manveru reported that binary cache substititions didn't work because of certificate errors. Although the change is quite trivial I usually try to test things on a real machine before actually merging it, but I currently don't have a free Hetzner machine available for testing. I'm merging this based on @grahamc's assertion "This patch has worked on provisioning several boxes" and testing this by building and manually verifying the bootstrap installer and also running the "hetzner" VM test on x86_64-linux. So I think the worst thing that could happen is that #356 isn't fixed after all. Fixes: #356
Let me know if you need any other info... this seems to be missing a certificate? It's my first attempt to deploy to hetzner.
The text was updated successfully, but these errors were encountered: