Skip to content

Instantly share code, notes, and snippets.

@conorsch
Created October 6, 2017 23:13
Show Gist options
  • Save conorsch/8a98839b4f8f312d70d9ca7aafac4e1e to your computer and use it in GitHub Desktop.
Save conorsch/8a98839b4f8f312d70d9ca7aafac4e1e to your computer and use it in GitHub Desktop.
Terminal session for QA of securedrop-keyring 0.1.1
(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ ansible-playbook -vv --diff securedrop-qa.yml
Using /home/amnesia/Persistent/securedrop/install_files/ansible-base/ansible.cfg as config file
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is 'sudo' (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
PLAYBOOK: securedrop-qa.yml ****************************************************
1 plays in securedrop-qa.yml
PLAY [Configure prod host to accept Release Candidate packages.] ***************
TASK [setup] *******************************************************************
ok: [app]
ok: [mon]
TASK [Add apt public key for release-candidate repo.] **************************
task path: /home/amnesia/Persistent/securedrop/install_files/ansible-base/securedrop-qa.yml:27
changed: [app] => {"changed": true}
changed: [mon] => {"changed": true}
TASK [Switch apt repo URLs to staging.] ****************************************
task path: /home/amnesia/Persistent/securedrop/install_files/ansible-base/securedrop-qa.yml:32
--- before: /etc/apt/sources.list.d/apt_freedom_press.list
+++ after: /etc/apt/sources.list.d/apt_freedom_press.list
@@ -1 +1 @@
-deb [arch=amd64] https://apt.freedom.press trusty main
+deb [arch=amd64] https://apt-test.freedom.press trusty main
changed: [app] => (item=/etc/apt/sources.list.d/apt_freedom_press.list) => {"changed": true, "item": "/etc/apt/sources.list.d/apt_freedom_press.list", "msg": "1 replacements made"}
NOTIFIED HANDLER update apt cache
--- before: /etc/apt/security.list
+++ after: /etc/apt/security.list
@@ -2,5 +2,5 @@
deb-src http://security.ubuntu.com/ubuntu trusty-security main
deb http://security.ubuntu.com/ubuntu trusty-security universe
deb-src http://security.ubuntu.com/ubuntu trusty-security universe
-deb [arch=amd64] https://apt.freedom.press trusty main
+deb [arch=amd64] https://apt-test.freedom.press trusty main
deb http://deb.torproject.org/torproject.org trusty main
changed: [app] => (item=/etc/apt/security.list) => {"changed": true, "item": "/etc/apt/security.list", "msg": "1 replacements made"}
--- before: /etc/apt/sources.list.d/apt_freedom_press.list
+++ after: /etc/apt/sources.list.d/apt_freedom_press.list
@@ -1 +1 @@
-deb [arch=amd64] https://apt.freedom.press trusty main
+deb [arch=amd64] https://apt-test.freedom.press trusty main
changed: [mon] => (item=/etc/apt/sources.list.d/apt_freedom_press.list) => {"changed": true, "item": "/etc/apt/sources.list.d/apt_freedom_press.list", "msg": "1 replacements made"}
NOTIFIED HANDLER update apt cache
--- before: /etc/apt/security.list
+++ after: /etc/apt/security.list
@@ -2,5 +2,5 @@
deb-src http://security.ubuntu.com/ubuntu trusty-security main
deb http://security.ubuntu.com/ubuntu trusty-security universe
deb-src http://security.ubuntu.com/ubuntu trusty-security universe
-deb [arch=amd64] https://apt.freedom.press trusty main
+deb [arch=amd64] https://apt-test.freedom.press trusty main
deb http://deb.torproject.org/torproject.org trusty main
changed: [mon] => (item=/etc/apt/security.list) => {"changed": true, "item": "/etc/apt/security.list", "msg": "1 replacements made"}
RUNNING HANDLER [update apt cache] *********************************************
changed: [mon] => {"cache_update_time": 1507331058, "cache_updated": true, "changed": true}
changed: [app] => {"cache_update_time": 1507331060, "cache_updated": true, "changed": true}
PLAY RECAP *********************************************************************
app : ok=4 changed=3 unreachable=0 failed=0
mon : ok=4 changed=3 unreachable=0 failed=0
TASK: Switch apt repo URLs to staging. --------------------------------- 72.53s
TASK: Add apt public key for release-candidate repo. -------------------- 6.94s
TASK: setup ------------------------------------------------------------- 6.43s
Playbook finished: Fri Oct 6 23:04:32 2017, 3 total tasks. 0:01:25 elapsed.
(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ ansible all -a 'apt-key finger'
app | SUCCESS | rc=0 >>
/etc/apt/trusted.gpg
--------------------
pub 1024D/437D05B5 2004-09-12
Key fingerprint = 6302 39CC 130E 1A7F D81A 27B1 4097 6EAF 437D 05B5
uid Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
sub 2048g/79164387 2004-09-12
pub 1024D/FBB75451 2004-12-30
Key fingerprint = C598 6B4F 1257 FFA8 6632 CBA7 4618 1433 FBB7 5451
uid Ubuntu CD Image Automatic Signing Key <cdimage@ubuntu.com>
pub 4096R/C0B21F32 2012-05-11
Key fingerprint = 790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
uid Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>
pub 4096R/EFE21092 2012-05-11
Key fingerprint = 8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>
pub 2048R/2211B03C 2016-12-12
Key fingerprint = 4ED7 9CC3 362D 7D12 8370 4602 4A3B E4A9 2211 B03C
uid SecureDrop TESTING key <securedrop@freedom.press>
sub 2048R/4721D6D8 2016-12-12
/etc/apt/trusted.gpg.d/deb.torproject.org-keyring.gpg
-----------------------------------------------------
pub 2048R/886DDD89 2009-09-04 [expires: 2020-08-29]
Key fingerprint = A3C4 F0F9 79CA A22C DBA8 F512 EE8C BC9E 886D DD89
uid deb.torproject.org archive signing key
sub 2048R/219EC810 2009-09-04 [expires: 2018-08-30]
/etc/apt/trusted.gpg.d/securedrop-keyring.gpg
---------------------------------------------
pub 4096R/00F4AD77 2016-10-20 [expires: 2017-10-20]
Key fingerprint = 2224 5C81 E3BA EB41 38B3 6061 310F 5612 00F4 AD77
uid SecureDrop Release Signing Key
mon | SUCCESS | rc=0 >>
/etc/apt/trusted.gpg
--------------------
pub 1024D/437D05B5 2004-09-12
Key fingerprint = 6302 39CC 130E 1A7F D81A 27B1 4097 6EAF 437D 05B5
uid Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
sub 2048g/79164387 2004-09-12
pub 1024D/FBB75451 2004-12-30
Key fingerprint = C598 6B4F 1257 FFA8 6632 CBA7 4618 1433 FBB7 5451
uid Ubuntu CD Image Automatic Signing Key <cdimage@ubuntu.com>
pub 4096R/C0B21F32 2012-05-11
Key fingerprint = 790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
uid Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>
pub 4096R/EFE21092 2012-05-11
Key fingerprint = 8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>
pub 2048R/2211B03C 2016-12-12
Key fingerprint = 4ED7 9CC3 362D 7D12 8370 4602 4A3B E4A9 2211 B03C
uid SecureDrop TESTING key <securedrop@freedom.press>
sub 2048R/4721D6D8 2016-12-12
/etc/apt/trusted.gpg.d/deb.torproject.org-keyring.gpg
-----------------------------------------------------
pub 2048R/886DDD89 2009-09-04 [expires: 2020-08-29]
Key fingerprint = A3C4 F0F9 79CA A22C DBA8 F512 EE8C BC9E 886D DD89
uid deb.torproject.org archive signing key
sub 2048R/219EC810 2009-09-04 [expires: 2018-08-30]
/etc/apt/trusted.gpg.d/securedrop-keyring.gpg
---------------------------------------------
pub 4096R/00F4AD77 2016-10-20 [expires: 2017-10-20]
Key fingerprint = 2224 5C81 E3BA EB41 38B3 6061 310F 5612 00F4 AD77
uid SecureDrop Release Signing Key
(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ ssh app
Last login: Tue Oct 3 23:02:07 2017 from 127.0.0.1
no sessions
[detached]
vagrant@app-prod:~$ logout
Connection to xeqktoozou5q635q.onion closed.
(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ ssh mon
Last login: Tue Oct 3 23:02:07 2017 from 127.0.0.1
no sessions
[detached]
vagrant@mon-prod:~$ logout
Connection to hgxcxxhmtk4sgzc4.onion closed.
(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ ansible all -a 'apt-key finger'
app | SUCCESS | rc=0 >>
/etc/apt/trusted.gpg
--------------------
pub 1024D/437D05B5 2004-09-12
Key fingerprint = 6302 39CC 130E 1A7F D81A 27B1 4097 6EAF 437D 05B5
uid Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
sub 2048g/79164387 2004-09-12
pub 1024D/FBB75451 2004-12-30
Key fingerprint = C598 6B4F 1257 FFA8 6632 CBA7 4618 1433 FBB7 5451
uid Ubuntu CD Image Automatic Signing Key <cdimage@ubuntu.com>
pub 4096R/C0B21F32 2012-05-11
Key fingerprint = 790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
uid Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>
pub 4096R/EFE21092 2012-05-11
Key fingerprint = 8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>
pub 2048R/2211B03C 2016-12-12
Key fingerprint = 4ED7 9CC3 362D 7D12 8370 4602 4A3B E4A9 2211 B03C
uid SecureDrop TESTING key <securedrop@freedom.press>
sub 2048R/4721D6D8 2016-12-12
/etc/apt/trusted.gpg.d/deb.torproject.org-keyring.gpg
-----------------------------------------------------
pub 2048R/886DDD89 2009-09-04 [expires: 2020-08-29]
Key fingerprint = A3C4 F0F9 79CA A22C DBA8 F512 EE8C BC9E 886D DD89
uid deb.torproject.org archive signing key
sub 2048R/219EC810 2009-09-04 [expires: 2018-08-30]
/etc/apt/trusted.gpg.d/securedrop-keyring.gpg
---------------------------------------------
pub 4096R/00F4AD77 2016-10-20 [expires: 2018-10-05]
Key fingerprint = 2224 5C81 E3BA EB41 38B3 6061 310F 5612 00F4 AD77
uid SecureDrop Release Signing Key
mon | SUCCESS | rc=0 >>
/etc/apt/trusted.gpg
--------------------
pub 1024D/437D05B5 2004-09-12
Key fingerprint = 6302 39CC 130E 1A7F D81A 27B1 4097 6EAF 437D 05B5
uid Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
sub 2048g/79164387 2004-09-12
pub 1024D/FBB75451 2004-12-30
Key fingerprint = C598 6B4F 1257 FFA8 6632 CBA7 4618 1433 FBB7 5451
uid Ubuntu CD Image Automatic Signing Key <cdimage@ubuntu.com>
pub 4096R/C0B21F32 2012-05-11
Key fingerprint = 790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
uid Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>
pub 4096R/EFE21092 2012-05-11
Key fingerprint = 8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>
pub 2048R/2211B03C 2016-12-12
Key fingerprint = 4ED7 9CC3 362D 7D12 8370 4602 4A3B E4A9 2211 B03C
uid SecureDrop TESTING key <securedrop@freedom.press>
sub 2048R/4721D6D8 2016-12-12
/etc/apt/trusted.gpg.d/deb.torproject.org-keyring.gpg
-----------------------------------------------------
pub 2048R/886DDD89 2009-09-04 [expires: 2020-08-29]
Key fingerprint = A3C4 F0F9 79CA A22C DBA8 F512 EE8C BC9E 886D DD89
uid deb.torproject.org archive signing key
sub 2048R/219EC810 2009-09-04 [expires: 2018-08-30]
/etc/apt/trusted.gpg.d/securedrop-keyring.gpg
---------------------------------------------
pub 4096R/00F4AD77 2016-10-20 [expires: 2018-10-05]
Key fingerprint = 2224 5C81 E3BA EB41 38B3 6061 310F 5612 00F4 AD77
uid SecureDrop Release Signing Key
(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment