Capistrano and GitHub Private Repo – Permission de

2020-06-03 06:54发布

站内问答 / 后端开发
578 5 6

I've inherited a Rails project, hosted on Linode.

The previous developer was using a BitBucket repository, along with Capistrano for deployments.

I've since setup a private repository on GitHub, and I'm trying to get the Capistrano recipe to work. I'm having no luck. I continue to get a publickey error during deployment.

Here are the steps I've taken –

  1. Updated the Git remote (origin) URL on the Linode server to point to my new repository
  2. Updated the repository reference in the Capfile, to reference my new repository
  3. Ensured ssh_options[:forward_agent] was set to true in the Capfile
  4. Generated an SSH key locally (id_rsa.pub) and added it to my user account in GitHub
  5. Executed the ssh-add command, to ensure the identity was added for auth agent
  6. Ran ssh -T git@github.com to confirm ssh was properly setup locally
  7. Logged into my Linode server and ran ssh -T git@github.com to ensure it was working also

Additionally, just in case the forward_agent property wasn't working, I even tried generating an SSH key on the Linode server, and adding it to GitHub as well. No luck.

After all of this, when I run cap deploy, I get the following error:

Permission denied (publickey).
fatal: The remote end hung up unexpectedly

Below is the recipe I'm using – 

require "bundler/capistrano"

server "----SERVER IP----", :web, :app, :db, primary: true

set :application, "blog"
set :user, "deployer"
set :deploy_to, "/var/www/blog"
set :deploy_via, :remote_cache
set :use_sudo, false

set :scm, "git"
set :repository, "git@github.com:--MY USERNAME--/blog.git"
set :branch, "master"

default_run_options[:pty] = true
ssh_options[:forward_agent] = true

after "deploy", "deploy:cleanup" # keep only the last 5 releases

namespace :deploy do
  task :start do; end
  task :stop do; end
  task :restart, roles: :app, except: {no_release: true} do
    run "touch #{deploy_to}/current/tmp/restart.txt"
  end

  task :setup_config, roles: :app do
    sudo "ln -nfs #{current_path}/config/apache.conf /etc/apache2/sites-available/blog"
    run "mkdir -p #{shared_path}/config"
    put File.read("config/database.example.yml"), "#{shared_path}/config/database.yml"
    puts "Now edit the config files in #{shared_path}."
  end
  after "deploy:setup", "deploy:setup_config"

  task :symlink_config, roles: :app do
    run "ln -nfs #{shared_path}/config/database.yml #{release_path}/config/database.yml"
    run "ln -nfs #{shared_path}/public/avatars #{release_path}/public/avatars"    
  end
  after "deploy:finalize_update", "deploy:symlink_config"

  desc "Make sure local git is in sync with remote."
  task :check_revision, roles: :web do
    unless `git rev-parse HEAD` == `git rev-parse origin/master`
      puts "WARNING: HEAD is not the same as origin/master"
      puts "Run `git push` to sync changes."
      exit
    end
  end
  before "deploy", "deploy:check_revision"
end

I can't seem to figure out where I'm going wrong – any help would be greatly appreciated.

UPDATE

I've also ensured the following was added to my local ~/.ssh/config file...

Host mydomain.com
  ForwardAgent yes

5条回答
ら.Afraid
2楼-- · 2020-06-03 07:16

Today I found the root cause on MAC. My ssh key was not added to the authentication agent so the key was not forwarded. The solution was to execute the following command:

 ssh-add ~/.ssh/id_dsa

(or ssh-add ~/.ssh/id_rsa if you use rsa key)

To remove all the ssh keys added to agent 

ssh-add -D
查看更多
0人赞 添加讨论(0) 举报
狗以群分
3楼-- · 2020-06-03 07:18

for me the only way it has deploy was:

adding the local id_rsa to the server cat ~/.ssh/github_rsa.pub | ssh -i /Users/jasmo2/Documents/AWS-keypair/designmatch.pem ubuntu@52.37.202.32 "cat >> .ssh/authorized_keys"

after typing the command. Is preferable to set the set :ssh_options. Then set :use_sudo, true on the deploy.rb file. Finally instal

  • On the server :

sudo apt-get install libpq-dev gem install pg -v '0.18.4'

  • On the deploy.rb (local):

desc 'Restart application' task :restart do on roles(:app), in: :sequence, wait: 5 do execute :mkdir, '-p', "#{ release_path }/tmp" execute :touch, release_path.join('tmp/restart.txt') end end

查看更多
0人赞 添加讨论(0) 举报
太酷不给撩
4楼-- · 2020-06-03 07:19

Similarly I could SSH from dev machine to the staging machine and also SSH from staging machine to github.com.

However cap deploy failed doing the git clone 

Permission denied (publickey).

however the git ls-remote worked which is strange.

If I added this to my config on the staging machine it works

Host github.com 
    Hostname github.com 
    IdentityFile ~/.ssh/git 
    User git
查看更多
0人赞 添加讨论(0) 举报
Melony?
5楼-- · 2020-06-03 07:29

If you're still stuck I answered a similar question as yours here: SSH Agent Forwarding not working

Check if your key is added to the list of agent identities with ssh-add -L.

查看更多
0人赞 添加讨论(0) 举报
对你真心纯属浪费
6楼-- · 2020-06-03 07:35

Try adding the following line to your Capistrano script, this will explicitly tell Capistrano what key it should be using.

set :ssh_options, { 
  forward_agent: true, 
  paranoid: true, 
  keys: "~/.ssh/id_rsa" 
}
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)