keyserver in template with saltstack unreachable
40 views
Skip to first unread message
lik...@gmx.de
Dec 4, 2021, 7:13:55 AM12/4/21
to qubes...@googlegroups.com
Hi,
I'm using in my saltstack formulas creating of repositories in a debian template e.g.
add-repo:
pkgrepo.managed:
- name: deb http://repository.spotify.com stable non-free
- file: /etc/apt/sources.list.d/spotify-client.list
- humanname: spotify
- keyid: 5E3C45D7B312C643
- keyserver: keys.openpgpg.org
- gpgkey: https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg
- gpgcheck: 1
Unfortunately, I get this error after execution:
ID: add-repo
Function: pkgrepo.managed
Name: deb http://repository.spotify.com stable non-free
Result: False
Comment: Failed to configure repo 'deb [trusted=yes] http://repository.spotify.com stable non-free': Error: key retrieval failed: Executing: /tmp/apt-key-gpghome.xyY44SvGz1/gpg.1.sh --batch --keyserver keys.openpgpg.org --logger-fd 1 --recv-keys 5E3C45D7B312C643
gpg: keyserver receive failed: Network is unreachable
Any ideas how to fix that? Is that connected that templates are using a proxy for outbound connections which salt is not able to use for retrieving keys?
Btw. none of the options works: keyid + keyserver nor gpgkey. I just added both of the in the salt snipped.
Thanks! P.
I'm using in my saltstack formulas creating of repositories in a debian template e.g.
add-repo:
pkgrepo.managed:
- name: deb http://repository.spotify.com stable non-free
- file: /etc/apt/sources.list.d/spotify-client.list
- humanname: spotify
- keyid: 5E3C45D7B312C643
- keyserver: keys.openpgpg.org
- gpgkey: https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg
- gpgcheck: 1
Unfortunately, I get this error after execution:
ID: add-repo
Function: pkgrepo.managed
Name: deb http://repository.spotify.com stable non-free
Result: False
Comment: Failed to configure repo 'deb [trusted=yes] http://repository.spotify.com stable non-free': Error: key retrieval failed: Executing: /tmp/apt-key-gpghome.xyY44SvGz1/gpg.1.sh --batch --keyserver keys.openpgpg.org --logger-fd 1 --recv-keys 5E3C45D7B312C643
gpg: keyserver receive failed: Network is unreachable
Any ideas how to fix that? Is that connected that templates are using a proxy for outbound connections which salt is not able to use for retrieving keys?
Btw. none of the options works: keyid + keyserver nor gpgkey. I just added both of the in the salt snipped.
Thanks! P.
unman
Dec 4, 2021, 8:50:43 AM12/4/21
to qubes...@googlegroups.com
a proxy.
I have a note on this at http://github.com/unman/notes/ - that's a way
to get keys in to the template. Run that and keep the key retrieval out
of the salt state. Its workable.
Reply all
Reply to author
Forward
0 new messages