I'm deploying a rails app on digital ocean, following this link. When I followed the exact steps, it worked perfectly. But then I realized the github repository is public. I should have it as private. I create a private repository and changed the remote origin in my local. I put the ssh keys in the new private repository. Removed the old apps folder in the server. And then tried to clone from the remote repository but it asks for password. (It should have taken the ssh key??).
Also I changed the deploy.rb and nginx.conf to reflect the changes of the remote repository and then gave this command, cap production deploy:initial, but it fails, due to authentication failure in git.
Why does it fail? Why is the ssh key not taking effect?
Maybe it is because you have not enabled ssh forwarding for digital ocean? To verify, first edit the $HOME/.ssh/config on your local pc:
host *
ForwardAgent yes
Now try to run cap production deploy:initial. If it works without a password now, then you should change the host * to actually match the hostname of your ssh host, so ForwardAgent is only set for digital ocean:
host digitalocean.com
ForwardAgent yes
For your use case: ForwardAgent enables the server to use your local ssh keys, so your deploy user has the same "ssh rights" like your local user.
This looks like capistrano is still using the old git remote address. When you change the remote url, it is not enough to do this inside deploy.rb etc, but you have to manually change the file repo/config inside the deployment dir of capistrono on the server when you already deployed it with an old remote url before.
So, if you have the following inside your deploy.rb (or deploy/production.rb)
set :deploy_to, '/var/www/path/to/deploy'
You have to manually edit the file on the server
/var/www/path/to/deploy/repo/config
and amend the url = XXX entry of your remote to match the new one.
Related
I have set up a vps everything according to the https://github.com/intercity/chef-repo instructions. I have set up Capistrano but when i try cap production deploy:check
it keeps asking for deploy password. But i don't have one because it is generated through the intercity node. I have the public key of my server in the node file.
Check that you can log in via normal SSH manually. Guessing you didn't get the SSH keys installed correctly.
I am using capistrano for deployment of my rails application. In my config/deploy.rb file how should I give the repo url.
I am following this tutorial:
https://gorails.com/deploy/ubuntu/14.04
Instead of
set :repo_url, 'git#github.com:excid3/myapp.git'
what should be given there if I am using bitbucket
For bitbucket, you would use:
git#bitbucket.org:accountname/reponame.git
or
ssh://git#bitbucket.org/accountname/reponame.git
See "Use the SSH protocol with Bitbucket"
Note: the comments of the tutorial mentioned in the question add:
Your local key in ~/.ssh/id_rsa will be tried against the server's /home/deploy/authorized_keys file.
Capistrano won't allow password authentication, so you must make sure you ran the ssh-copy-id to add your pub key to the server deploy user's authorized_keys file.
This is my first time using linode and uploading a Rails app to a VPS, so I might of skipped something obvious.
I followed two tutorials
Ryan Bates video to deploying to a vps
and
David's answer on Stackoverflow
I am at the point where I want to deploy my rails app on Linode (Ubuntu 13.10)
When I execute the command bundle exec cap deploy:update
I get the errors that Linode cannot connect to github due to a public key
user:my-app User$ bundle exec cap deploy:update
* 2014-02-12 17:19:46 executing `deploy:update'
** transaction: start
* 2014-02-12 17:19:46 executing `deploy:update_code'
updating the cached checkout on all servers
executing locally: "git ls-remote git#github.com:user/my-app.git master"
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
*** [deploy:update_code] rolling back
* executing "rm -rf /home/user/apps/my-app/releases/20140212091953; true"
servers: ["XXX.XXX.XX.XX"]
[XXX.XXX.XX.XX] executing command
command finished in 4607ms
Command git ls-remote git#github.com:user/my-app.git master returned status code pid 1529 exit 128
On my local machine I have no problem to commit and push my app on Github and I have RSA Keys on my local computer. It just asks me to login with my username and password each time I push my app.
On linode from the shell, I can connect to github by using ssh -vT git#github.com. I do have the RSA keys on the linode server and I added the ssh-agent using ssh-add
my deploy.rb
set :application, "my-app"
set :user, "user"
set :deploy_to, "/home/#{user}/apps/#{application}"
set :deploy_via, :remote_cache
set :use_sudo, false
set :keep_releases, 3
default_run_options[:pty] = true
set :scm, :git
set :repository, "git#github.com:user/#{application}.git"
set :ssh_options, { :forward_agent => true }
# ssh_options[:forward_agent] = true
set :branch, "master"
I am a bit at a loss.
EDIT: I have a private repository
I just moved from Linux to Mac OSx. Thus, I have imported whole .ssh folder from linux to mac. While moving from linux to linux it worked, but to make it work on Mac, I had also to run:
ssh-add
That's the whole fix ;) See http://peteoliveira.com/deploying-with-capistrano-3-failing-permission-denied-publickey/ for more info.
So I found the solution to this github connection. I actually have another problem with the deployment where the bundle install fails. Anyways here is what I learned and I hope it will help others.
What you need to know:
With Capistrano when you wish to push your public or private Github
repository onto your VPS server, you need to make sure that BOTH your
server and your computer has an SSH access with Github.
Even if you can git push origin master it doesn't mean you have SSH
access with Github. Here is how you troubleshoot:
A) Make sure you can SSH access from your computer
Make sure you have Git installed on your machine Set up Git
tutorial
Make sure that you have an SSH Key on your local machine (with Linux
or Mac)
cd ~/.ssh then
ls -a
and look for the files id_rsa and id_rsa.pub
If you don't have these rsa files, follow this tutorial
Generating SSH keys
Copy your SSH key
pbcopy < ~/.ssh/id_rsa.pub
# Copies the contents of the id_rsa.pub file to your clipboard
Login with your browser on http://www.github.com and go to
your_username -> edit profile -> settings -> ssh keys
https://github.com/settings/ssh. Click the button Add keys, add the name that identifies your comptuter and paste the key code that you previously copied.
Make sure you have SSH Agent on. In Terminal type
ssh-add #enter a passphrase if you want to (recommended)
Test if you can SSH with Github
ssh git#github.com
The first time it may ask you to accept the connection.
You should get the following response
PTY allocation request failed on channel 0
Hi username! You've successfully authenticated, but GitHub does not provide shell access.
Connection to github.com closed.
You can also make sure that your id_rsa is properly found by running
ssh -vT git#github.com
# make sure that this line is not -1 (it means it couldn't find the file)
=> debug1: identity file /Users/YOUR_USERNAME/.ssh/id_rsa type 1
Now you shouldn't have permission denied (Public Key)
B) Make sure you can SSH access from your server
Run ssh root#your_server_ip_address if you didn't setup a user on your server or ssh username#your_server_ip_address. You will then be within the server shell and you want to repeat the same process for your computer.
NOTE: The server SSH Keys will be different than your computer. That means that on Github you need to add 2 SSH Keys, one for your computer and one for your server. That is why you need to repeat the process on both machines. Also to keep it simple, do not try to have more than one SSH Key on each machine.
NOTE 2: In your server after you generated your SSH key, to copy it run the command cat ~/.ssh/id_rsa.pub
Once both your computer and the server are accepted on Github, then you can update your rails app using capistrano and your Github repository. Yay!
When I deploy a Rails app to Amazon EC2 server with using Capistrano, I get
** [IP.compute-1.amazonaws.com :: out] Permission denied (publickey).
** [IP.compute-1.amazonaws.com :: out] fatal: The remote end hung up unexpectedly
while executing the
git clone
command.
I think it has something to do with Github keys, but I don't know how to set it up.
I would be grateful for every advise!
Thanks!
EDIT:
I generated the new key on Github, put it into id_rsa.pub and on my EC2 server I created the file .ssh/authorized_keys with this key, but it still doesn't work.
What's wrong with that?
To use ssh agent:
ssh_options[:forward_agent] = true
To use your pem file:
ssh_options[:auth_methods] = ["publickey"]
ssh_options[:keys] = ["/path/to/file.pem"]
To enable agent in your local
$ ssh-add
You will have to execute this command each time, I don't know the scope of 'each time', I added ssh-add to run each time I open a new tab in terminal with echo ssh-add >> ~/.bashrc, depending in your OS and configuration.
The process, as far as I understand is this:
You have an ssh-agent in your local
You connect to server you are deploying with pem file, as you do with ssh, but this time through Capistrano
Remote server uses your agent to use your key to checkout git repo inside deploy machine.
Can you first SSH to your EC2 instance and then second, clone your github repo from the EC2 instance using the ssh keys that are installed on your EC2 instance?
With all of these distributed workflows things can get a little confusing, so let me try and puzzle out what you're doing wrong.
The id_rsa.pub that you installed on Github corresponds with private key. Usually, this is in ~/.ssh/id_rsa This keypair enables a holder of the private key to SSH to github.
.ssh/authorized_keys is an SSH server configuration. authorized_keys contains the public keys (i.e., id_rsa.pub) to enables an SSH server to accept incoming connections from machines with the corresponding private key. The authorized_keys file is not relevant to your cloning issue.
The EC2 instance is trying to contact the Github repository in order to clone the repository from Github, and failing. The EC2 instance needs a private key configured to match up with the corresponding public (Github) key for the account.
Generate a new keypair on the EC2 instance, and add the public key from the new keypair to your Github account.
ruby on my development machine:ruby 1.8.7 (2010-01-10 patchlevel 249) [i486-linux]
capistrano on my development machine: Capistrano v2.5.5
OS on development machine: ubuntu 10.04 desktop edition
server is Amazon web service instance running on ubuntu server 64 bit 10.04
ruby on server: ruby 1.8.7 (2010-01-10 patchlevel 249) [x86_64-linux]
Capistrano v2.5.5
deploy.rb: http://gist.github.com/643504
what i want to do:
i want to be able to deploy on 2 different folders in /var/www in my server.
1 folder is for example.com
1 folder is for example.biz
the .biz is staging and .com is production.
i will also have 2 different databases. 1 for staging 1 for production
i want to use capistrano to deploy code on my production folder AND staging folder.
for deploying staging folder, i want to be able to
1) do a git pull at the server for the staging folder ONLY.
2) run a bash script that will restore the staging database. script is written and placed inside the staging folder.
for production folder, i just want to be able to do a git pull at the server for production folder ONLY.
IMMEDIATE issues:
1) right now as i test my code i am unable to do a git pull at the server for staging folder ONLY.
i ran this command in my devt machine.
cap staging deploy
i get prompted for a password i am not sure of.
screenshot of what i saw
http://picasaweb.google.com/kimcity/Screenshots#5531588545516293762
Please help
I have tried this capistrano password prompt
and i did the following in my ~/.ssh
vi config
inserted the following text
Host production
Hostname example.com
User username_of_server
ForwardAgent yes
Host staging
Hostname example.biz
User username_of_server
ForwardAgent yes
Host *
ForwardAgent no
Still does not work for me.
Potential issues:
1) if i make any mistakes in my deploy.rb that may cause other issues further down the road towards what i want to achieve, please let me know.
assuming installation is not an issue etc,
assuming that you want to have the following setup,
and that you want to do it this way:
run "cap production deploy" from your laptop and have your server git pull the latest code from a public repository like github.com or projectlocker.com
the key thing is that you need to create a user account ON YOUR SERVER that is meant for deployment.
let us call this user account 'deploy' without the quotes.
1) make sure that 'deploy' has the public key of your laptop. (assuming you already have created a key pair for your laptop)
the public key of your laptop is a long sequence of text that should be in /home/deploy/.ssh/authorized_keys
create the folders or file if they do not exist.
2) check that you can ssh into the server using deploy#server from your laptop. if this works, it means that you have done 1) correctly.
3) generate keypair for 'deploy' at your server machine.
4) go to github.com or projectlocker and place the public key of the keypair in 3) over at the website.
5) go to your working folder at server. Do a git init if you did not already have a .git inside that folder. run git pull git-abc#github.com:abc.git or whatever your git repo url is.
6) if you succeed to pull your latest code from the public repo at github or projectlocker, steps 3 and 4 were correctly done.
7) now ensure that you have the following in your deploy.rb
# set server user account responsible
set :user, "deploy"
# Deploy via a remote repository cache. In git's case, it
# does a "git fetch" on the remote cache before moving it into place
# can change this to :copy but apparently :remote_cache is faster
set :deploy_via, :remote_cache
8) run "cap production deploy:setup" because you are going to deploy for the very first time.
9) run "cap production deploy" subsequently.