Skip to main content

Common Issues

Error: SSH key not found: main

The issue is that there is not SSH called main in your Hetzner Project. Please refer to section ssh-section

Error: Could not assume role with OIDC: Not authorized to perform sts:AssumeRoleWithWebIdentity

The issue is that the github runner do not have permissions to assume the IAM role in AWS. Make sure that:

  1. The Trusted Policy the repository name is the correct one.
  2. The IAM role github-oidc exists and is called github-oidc
Error: volume deletion is protected

You might face this issue when terraform tries to destroy/replace the volume. The reason is that by default the volume is protected. To allow destroying the existing volume you can set volume_delete_protection = false in containers-host/terragrunt.hcl before running the terraform destroy.

Alternatively you can disable manually the delete protection from the Hetzner console and re-run terraform destroy.

ERROR Error checking access to S3 bucket

The issue is that the name for the S3 bucket you choose is already in use very likely from another AWS account. You need to update the AWS_S3_BUCKET to use a different name.

Error: cannot change type because the selected server_type has not sufficient disk space

This issue is because you are trying to replace the VPS with an instance type that is smaller compared to the previous one. The reason is that the smaller instance types comes with smaller root disks.

error: unable to authenticate with universal auth [err=APIError: CallUniversalAuthLogin unsuccessful response

You will see this error in logs of the deployr script. The reason might be one of the followings:

  1. The infisical client ID might be set wrong
  2. The infisical client secret is wrong
  3. The infisical project ID is wrong
  4. The infisical_api_url is set to wrong region.

Please review the configuration of External Secret at the preparation page.

conflicts with imported resourcei

You will see this error in logs of the deployr script. The reason is that you have define two services with the same name in two different docker-compose.yaml files. You need to rename one of the two services so both are unique.