Capistrano bitbucket - Permission denied (publicke

2019-03-26 04:55发布

站内问答 / 后端开发
414 2 4

I'm trying to deploy my application using Capistrano towards my DigitalOcean server.

This isn't the first time I've configured a RoR server on DigitalOcean with Capistrano deploys that's why I'm confused; I haven't changed anything in my workflow.

Here is my Capistrano configuration file:

require 'bundler/capistrano'
require 'rvm/capistrano'

set :application, "foobar"
set :repository,  "git@bitbucket.org:sergiotapia/foobar.git"
set :ping_url, "http://192.168.1.1/"
set :scm, :git
set :scm_verbose, true
default_run_options[:pty] = true

set :user, "sergiotapia" # The user on the VPS server.
set :password, "hunter2"
set :use_sudo, false
set :deploy_to, "/home/sergiotapia/www/#{application}"
set :deploy_via, :remote_cache
set :keep_releases, 1
set :rails_env, "production"
set :migrate_target, :latest

role :web, "192.168.1.1"
role :app, "192.168.1.1"

namespace :deploy do
  task :start do ; end
  task :stop do ; end
  task :restart, roles: :app, except: { no_release: true } do
    run "sudo touch #{File.join(current_path,'tmp','restart.txt')}"
  end
end

# Add this to add the `deploy:ping` task:
namespace :deploy do
  task :ping do
    system "curl --silent #{fetch(:ping_url)}"
  end
end

namespace :gems do
  task :bundle, :roles => :app do
    run "cd #{release_path} && bundle install --without development && rake db:migrate RAILS_ENV=production"
  end
end

after "deploy:update_code", "gems:bundle"

# Add this to automatically ping the server after a restart:
after "deploy:restart", "deploy:ping"

When running a cap deploy:setup and cap deploy:check everything comes back green-lighted (working fine).

It fails on the actual cap deploy command.

** [192.168.1.1 :: out] Enter passphrase for key '/home/sergiotapia/.ssh/id_rsa':
Password: 
** [192.168.1.1 :: out]
** [192.168.1.1 :: out] Permission denied (publickey).
** [192.168.1.1 :: out]
** [192.168.1.1 :: out] fatal: Could not read from remote repository.
** [192.168.1.1 :: out]
** [192.168.1.1 :: out]
** [192.168.1.1 :: out] Please make sure you have the correct access rights
** [192.168.1.1 :: out]
** [192.168.1.1 :: out] and the repository exists.
** [192.168.1.1 :: out]

I've already added my id_rsa.pub file to BitBucket and also made sure it's added to my SSH agent using the ssh-add -l command.

Even testing out SSH from the remote server works fine:

sergiotapia@tappia:~/www$ ssh -T git@bitbucket.org
logged in as sergiotapia.

You can use git or hg to connect to Bitbucket. Shell access is disabled.

So what gives, why is denying me access to the repository on BitBucket?

Is Capistrano running as a user other than sergiotapia? Would that be the cause of it?

2条回答
爱情/是我丢掉的垃圾
2楼-- · 2019-03-26 04:57

Make sure to add your ssh key to the authentication agent:

ssh-add ~/.ssh/id_rsa

and ensure in deploy.rb

ssh_options[:forward_agent] = true

Edit: If you are losing the ssh-add configuration on reboots, you should do the following:

As of macOS Sierra 10.12.2 Apple added an ssh_config option called UseKeychain which allows a 'proper' resolution to the problem. Add the following to your ~/.ssh/config file:

Host *
   AddKeysToAgent yes
   UseKeychain yes
查看更多
0人赞 添加讨论(0) 举报
SAY GOODBYE
3楼-- · 2019-03-26 05:24
  1. You can setup the SSH agent on the :app server,
  2. Setup keys that do not require a passphrase between the :app server and bitbucket.
  3. Change deploy_via to: :deploy_via, :copy (No need for the deployed server to checkout files, potentially slower though.)
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)