Ale*_*der 8 git ruby-on-rails ssh-agent capistrano3
本地操作系统:Windows 10 Pro(使用 Git Bash 作为我的终端)
暂存服务器操作系统:Ubuntu 16.04 LTS
我一直在努力让基本的 Capistrano 部署在我的登台服务器上工作。我按照本指南设置了 Capistrano。
git:check由于据称无权访问我在 GitLab上的存储库,部署过程总是在舞台上失败。我确信我的 SSH 代理转发工作正常,因为我能够通过 SSH 连接到我的服务器并使用我的 SSH 密钥访问 GitLab。SSH 密钥未存储在我服务器上的任何位置:
$ ssh deploy@myserver.com
deploy@MyServer:~$ ssh -T git@gitlab.com
debug1: client_input_channel_open: ctype auth-agent@openssh.com rchan 2 win 65536 max 16384
debug1: channel 1: new [authentication agent connection]
debug1: confirm auth-agent@openssh.com
Welcome to GitLab, Alexander!debug1: channel 1: FORCE input drain
到目前为止,关于这个问题的所有问题都没有对我有用。
这是我的部署文件:
部署文件
set :application, "myapp"
set :branch, "master"
set :repo_url, "git@gitlab.com:MyApp/myapp.git"
# Defaults to false
# Skip migration if files in db/migrate were not modified
set :conditionally_migrate, true
set :ssh_options, { forward_agent: true }
set :rvm_ruby_version, '2.2.6'
# Default deploy_to directory is /var/www/my_app_name
set :deploy_to, "/var/www/#{fetch(:application)}/"
set :deploy_user, "deploy"
# Tells Capistrano to store config/database.yml file inside a directory called /shared, which is meant for any files
# we want to persist between deploys
set :linked_files, fetch(:linked_files, []).push('config/database.yml', 'config/secrets.yml')
# Directories that are meant to persist between deploys, and they will also be stored inside /shared
set :linked_dirs, fetch(:linked_dirs, []).push('bin', 'log', 'tmp/pids', 'tmp/cache', 'tmp/sockets', 'vendor/bundle', 'public/system', 'public/uploads')
# The specs that should be run before deployment is allowed to continue
set :tests, []
# Delayed Job Config: https://github.com/AgileConsultingLLC/capistrano3-delayed-job
set :delayed_job_workers, 3
# Keep the last 5 deploys for rollback purposes
set :keep_releases, 5
namespace :deploy do
after :restart, :clear_cache do
on roles(:web), in: :groups, limit: 3, wait: 10 do
# Here we can do anything such as:
# within release_path do
# execute :rake, 'cache:clear'
# end
end
end
end
分期文件
set :stage, :staging
set :rails_env, :staging
role :app, %w{deploy@myserver.com}
role :web, %w{deploy@myserver.com}
role :db, %w{deploy@myserver.com}
这是我部署时的 Capistrano 调试日志:
$ bundle exec cap staging deploy --trace
** Invoke staging (first_time)
** Execute staging
** Invoke load:defaults (first_time)
** Execute load:defaults
** Invoke rvm:hook (first_time)
** Invoke passenger:rvm:hook (first_time)
** Invoke passenger:test_which_passenger (first_time)
** Execute passenger:test_which_passenger
** Execute passenger:rvm:hook
** Execute rvm:hook
** Invoke rvm:check (first_time)
** Execute rvm:check
rvm 1.29.3 (latest) by Michal Papis, Piotr Kuczynski, Wayne E. Seguin [https://rvm.io]
ruby-2.2.6
ruby 2.2.6p396 (2016-11-15 revision 56800) [x86_64-linux]
** Invoke bundler:map_bins (first_time)
** Invoke passenger:bundler:hook (first_time)
** Execute passenger:bundler:hook
** Execute bundler:map_bins
** Invoke deploy:set_rails_env (first_time)
** Execute deploy:set_rails_env
** Invoke deploy:set_linked_dirs (first_time)
** Execute deploy:set_linked_dirs
** Invoke deploy:set_rails_env
** Invoke deploy (first_time)
** Execute deploy
** Invoke deploy:starting (first_time)
** Execute deploy:starting
** Invoke deploy:check (first_time)
** Invoke git:check (first_time)
** Invoke git:wrapper (first_time)
** Execute git:wrapper
00:00 git:wrapper
01 mkdir -p /tmp
? 01 deploy@myserver.com 0.286s
Uploading /tmp/git-ssh-myapp-staging-localuser.sh 100.0%
02 chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh
? 02 deploy@myserver.com 0.277s
** Execute git:check
00:01 git:check
01 git ls-remote git@gitlab.com:MyApp/myapp.git HEAD
01 Permission denied (publickey).
01 fatal: Could not read from remote repository.
01
01 Please make sure you have the correct access rights
01 and the repository exists.
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as deploy@myserver.com: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
Caused by:
SSHKit::Command::Failed: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/command.rb:99:in `exit_status='
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/netssh.rb:169:in `execute_command'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `block in create_command_and_execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `tap'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `create_command_and_execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:74:in `execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/git.rb:77:in `git'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/git.rb:38:in `check_repo_is_reachable'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/tasks/git.rake:19:in `block (4 levels) in eval_rakefile'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:93:in `with'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/tasks/git.rake:18:in `block (3 levels) in eval_rakefile'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:29:in `instance_exec'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:29:in `run'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
Tasks: TOP => deploy:check => git:check
The deploy has failed with an error: Exception while executing as deploy@myserver.com: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
** Invoke deploy:failed (first_time)
** Execute deploy:failed
** DEPLOY FAILED
** Refer to log/capistrano.log for details. Here are the last 20 lines:
DEBUG [6b6ba2d0] Finished in 0.471 seconds with exit status 0 (successful).
DEBUG [c6e2d7dc] Running ~/.rvm/bin/rvm 2.2.6 do ruby --version as deploy@myserver.com
DEBUG [c6e2d7dc] Command: ~/.rvm/bin/rvm 2.2.6 do ruby --version
DEBUG [c6e2d7dc] ruby 2.2.6p396 (2016-11-15 revision 56800) [x86_64-linux]
DEBUG [c6e2d7dc] Finished in 0.608 seconds with exit status 0 (successful).
INFO [fd5500a8] Running /usr/bin/env mkdir -p /tmp as deploy@myserver.com
DEBUG [fd5500a8] Command: /usr/bin/env mkdir -p /tmp
INFO [fd5500a8] Finished in 0.286 seconds with exit status 0 (successful).
DEBUG Uploading /tmp/git-ssh-myapp-staging-localuser.sh 0.0%
INFO Uploading /tmp/git-ssh-myapp-staging-localuser.sh 100.0%
INFO [f33d4873] Running /usr/bin/env chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh as deploy@myserver.com
DEBUG [f33d4873] Command: /usr/bin/env chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh
INFO [f33d4873] Finished in 0.277 seconds with exit status 0 (successful).
INFO [86d3cd5a] Running /usr/bin/env git ls-remote git@gitlab.com:MyApp/myapp.git HEAD as deploy@myserver.com
DEBUG [86d3cd5a] Command: ( export GIT_ASKPASS="/bin/echo" GIT_SSH="/tmp/git-ssh-myapp-staging-localuser.sh" ; /usr/bin/env git ls-remote git@gitlab.com:MyApp/myapp.git HEAD )
DEBUG [86d3cd5a] Permission denied (publickey).
DEBUG [86d3cd5a] fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
我尝试手动运行 Capistrano 在本地和远程服务器上尝试的命令,它们都成功了。我真的被困住了,任何帮助将不胜感激!
感谢所有回答的人,我已经设法找到了解决方案!罪魁祸首是 Git Bash,无论出于何种原因,~/.ssh当我运行chmod 700 ~/.ssh. 这阻止了 SSH 代理转发在 Capistrano 部署时工作,但在我手动通过 SSH 连接到我的服务器时不会工作。我决定尝试在 Windows (BUW) 上的 Ubuntu 上使用 Bash 而不是 Git Bash,果然,我的部署成功了!我将完全相同的配置和密钥从 Git Bash 复制到 BUW。唯一的区别是我能够将 BUW~/.ssh目录的权限更改为 0700。话虽如此,这里是我的问题的解决方案:
1. 创建部署密钥并将其添加到 GitLab
正如@Onur 和@grizzthedj 以及@Gokul M 所指出的,我需要为 GitLab 创建一个部署密钥并在我的服务器上对其进行授权。这是我如何做到的:
ssh-keygen -t rsa -b 4096cat ~/.ssh/id_rsa.pub~/.ssh/authorized_keys2.使用BUW代替Git Bash
~/.ssh:chmod 700 ~/.ssh启动 SSH 代理并将我的部署密钥添加到其中:
eval $(ssh-agent -s)
ssh-add ~/.ssh/id_rsa
我已经set :ssh_options从我的deploy.rb文件中删除了这一行,因为没有它它也能正常工作。
就是这样!从现在开始,我似乎将使用 BUW 进行部署。
按照以下步骤将您的公钥添加到您的存储库设置中的部署密钥列表中:
本地机器设置:
检查您的本地系统是否有~/.ssh/id_rsa.pub密钥文件。如果没有,请创建一个新的:
$ ssh-keygen -t rsa
~/.ssh/id_rsa.pub在设置中将新创建的公钥添加到存储库的部署(访问)密钥中:
将密钥加载到ssh-agent:
检查是否ssh-agent正在运行,如果没有,启动ssh代理
$ ssh-agent /bin/bash
将id_rsa密钥添加到代理:
$ ssh-add ~/.ssh/id_rsa
注意:有时,如果您在部署期间收到“拒绝访问存储库”错误,则需要在每次部署之前完成此步骤(步骤 - 3)。
将您的本地 SSH Key 添加到部署服务器 Authorized Keys 文件中(记住将端口号替换为您自定义的端口号):
$ cat ~/.ssh/id_rsa.pub | ssh -p port_num user@server_ip 'cat >> ~/.ssh/authorized_keys'
参考: https : //www.digitalocean.com/community/tutorials/deploying-a-rails-app-on-ubuntu-14-04-with-capistrano-nginx-and-puma
部署文件
尝试改变ssh_options在deploy.rb文件,如下:
set :ssh_options, { forward_agent: true, user: "deploy", auth_methods: ['publickey'], keys: %w(~/.ssh/privatekey.pem) }
替换~/.ssh/privatekey.pem为您的 SSH 私钥文件路径。
部署:
只需运行cap staging deploy即可部署到服务器。
更换staging在cap需要部署命令与环境。
| 归档时间: |
|
| 查看次数: |
4932 次 |
| 最近记录: |