Common Issues
Error: SSH key not found: main
The issue is that there is not SSH called main in your Hetzner Project. Please refer to section ssh-section
Error: Could not assume role with OIDC: Not authorized to perform sts:AssumeRoleWithWebIdentity
The issue is that the github runner do not have permissions to assume the IAM role in AWS. Make sure that:
- The Trusted Policy the repository name is the correct one.
- The IAM role
github-oidc
exists and is calledgithub-oidc
Error: volume deletion is protected
You might face this issue when terraform tries to destroy/replace the volume. The reason is that by default the volume is protected. To allow destroying the existing volume you can set volume_delete_protection = false
in containers-host/terragrunt.hcl
before running the terraform destroy.
Alternatively you can disable manually the delete protection from the Hetzner console and re-run terraform destroy.
ERROR Error checking access to S3 bucket
The issue is that the name for the S3 bucket you choose is already in use very likely from another AWS account. You need to update the AWS_S3_BUCKET
to use a different name.
Error: cannot change type because the selected server_type has not sufficient disk space
This issue is because you are trying to replace the VPS with an instance type that is smaller compared to the previous one. The reason is that the smaller instance types comes with smaller root disks.
error: unable to authenticate with universal auth [err=APIError: CallUniversalAuthLogin unsuccessful response
You will see this error in logs of the deployr script. The reason might be one of the followings:
- The infisical client ID might be set wrong
- The infisical client secret is wrong
- The infisical project ID is wrong
- The infisical_api_url is set to wrong region.
Please review the configuration of External Secret at the preparation page.
conflicts with imported resourcei
You will see this error in logs of the deployr script. The reason is that you have define two services with the same name in two different docker-compose.yaml
files. You need to rename one of the two services so both are unique.