I'm trying to deploy my app from a remote git repo with capistrano. Everything was working fine till I installed ssl certificate on my server. Now the problem is when capistrano restarts the apache server the server asks for the passphrase. My question is how can I enter that passphrase from my local machine. I have enabled forward_agent by using this line but its not working.
set :ssh_options, { :forward_agent => true }
I was wondering if there is any other way to enter value on server from your local system.
Agent forwarding is for ssh keys, on apache restart most probably it's the sudo asking for password.
Add the deploy user to sudoers to allow apache restart, for example
deployer ALL=(ALL) NOPASSWD:/etc/init.d/apache2 restart
Related
I have a rails app that I could so far successfully deploy to my Ubuntu server using capistrano 3.
Last night I did a successful server update using do-release-upgrade:
Linux my-server 5.15.0-47-generic #51-Ubuntu SMP Thu Aug 11 07:51:15 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
I can still ssh into the server using my id_rsa key from my Mac Terminal:
ssh user#my-server.example.com
Welcome to Ubuntu 22.04.1 LTS (GNU/Linux 5.15.0-47-generic x86_64)
However Capistrano now asks for the password instead of asking me for the passkey of my id_rsa certificate:
cap production deploy
user#my-server.example.com's password:
I tried to run ssh-copy-id too to make sure the certificate is re-uploaded:
ssh-copy-id user#my-server.example.com
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: WARNING: All keys were skipped because they already exist on the remote system.
(if you think this is a mistake, you may want to use -f option)
It's all quite weird since just yesterday I did do several deployments:
ls -lia rails/releases/ | grep 20220913 | wc -l
9
I did not enable passwords for the SSH access at all so I am wondering how to re-enable the SSH communication with my sever.
Update
The issue might be related to "SSH agent forwarding". I did use capistrano-ssh-doctor and it told me that:
SSH agent forwarding report
[success] repo_url setting ok
[success] ssh private key file exists
[success] ssh-agent process seems to be running locally
[success] ssh-agent process recognized by ssh-add command
[success] ssh private keys added to ssh-agent
[success] application repository accessible from local machine
[success] all hosts using passwordless login
[success] forward_agent ok for all hosts
[success] ssh agent successfully forwarded to remote hosts
[error] It seems Capistrano cannot access application git repository from these hosts: my-server.example.com
Actions:
make sure all the previous checks pass. That should make this one work too.
It seems SSH agent forwarding is not set up correctly. Follow the
suggested steps described in error messages. Errors (if more than one)
are ordered by importance, so always start with the first one.
So I logged in on the server and I was able to successfully clone the repository.
There is some information in this post:
I'd still like to find out why I can't use the git#github.com:{github-organization}/{private-repo}.git format for :repo_url, with keys, when all of the SSH forwarding report's requirements seem to be met. If you need further info from me just let me know - and thanks again for any help!
So it seems that the :repo_url needs to be changed. I'll give that a shot.
I did figure out that now for some reason the following command does no longer work:
cap staging deploy
Instead I need to use bundler
bundle exec cap staging deploy
Had the same issue. This fixed it for me: https://askubuntu.com/questions/1409105/ubuntu-22-04-ssh-the-rsa-key-isnt-working-since-upgrading-from-20-04
Add this to the end of /etc/ssh/sshd_config:
PubkeyAcceptedKeyTypes +ssh-rsa
HostKeyAlgorithms +ssh-rsa
As first steps I have configured AWS EC2 instance with Ubuntu 16.04 and configured Capistrano for deploy from local to this AWS EC2 instance.
Now I am trying to make autodeploy rails app from GitHub to this Ubuntu Server (AWS EC2) via Jenkins and Capistrano. Note: I am creating autodeploy for the first time.
My rails app (production) and Jenkins are on the same Amazon EC2 instance.
When Jenkins task starts, it clones repo to the jenkins workspace, install gems and then execute: cap production deploy
But now I can“t check that the Capistrano was configured correctly for deploy to another folder of the same server, because when cap production deploy executes I get this error:
Net::SSH::AuthenticationFailed: Authentication failed for user jenkins#
I tried to create ssh-key for user jenkins and add it to ubuntu user (default non-root sudo user) by:
ssh-keygen
ssh-copy-id ubuntu#127.0.0.1
and always get permission denied error.
Does anybody have any suggestions?
Thank you in advance
capistrano version 3.11
You can add jenkin user's public-key in the authorized_keys file of ubuntu user. You can find it at /home/ubuntu/.ssh/authorized_keys.
However, In my opinion, you should migrate the jenkins runner to a separate server.
You can create a VPC group, and put both the servers, production and jenkins runner in that single VPC, and expose ssh port in the same VPC, so that no one outside can access it.
Then add the public key of thejenkins server to the production server as I have explained above.
Im deploying a rails app to a digitalocean server with these steps.
http://dokku.viewdocs.io/dokku/application-deployment/
problem is when i get to the Deploy App section it says
Now you can deploy the ruby-rails-sample app to your Dokku server. All you have to do is add a remote to name the app. Applications are created on-the-fly on the Dokku server.
git remote add dokku dokku#dokku.me:ruby-rails-sample
git push dokku master
When i enter that its asking to enter dokku:dokku.me password.
Does anyone know why or what is the default password for this? No mention of dokku.me before this step.
We don't set a password on the user, so this is likely your ssh key's password.
dokku.me is a placeholder for the documentation. Replace it with your digital ocean droplet hostname
I solved the mine by typing this command in my terminal
cat ~/.ssh/id_rsa.pub | ssh root#serverIp "sudo sshcommand acl-add
dokku laptop"
after type your password and you can try again to deploy
I bought a godaddy server, I want to deploy my rails app on it using Apache + Passenger + Capistrano.
However, it seems I can't install passenger in my server.
After I connect to my server using ssh and type 'sudo gem install passenger', it says sudo is an unknown command..
So can anyone tell me how to deploy rails app on a godaddy server?...
It depends on the Linux distribution you have installed on your machine, in order to log in as superuser you can try "sudo su" or simply "su".
Obviously you need to have the superuser password.
By default Go Daddy servers have a user you set with a password. To gain root access you will type:
su -
You will then enter the same password you logged in with originally. By default the user and root passwords are the same.
We are trying to deploy a rails 3.1 app on a aws ec2 instance running ubuntu 12.04. With cap deploy, However, we are stuck with the password hint. There is only private key in aws ecs login and there is no password. How can we pass the ssh login for ec2 deployment?
Thanks so much.
This is what I did to solve this scenario:
On the local machine, generate a key using e.g. ssh-keygen. Keep the standard location to not overcomplicate things, i.e. keyfiles should be ~/.ssh/id_rsa and id_rsa.pub; SKIP THIS STEP IF YOU ALREADY HAVE KEYS IN .ssh
Copy the content of the id_rsa.pub file
SSH into the EC2 instance using your .pem keyfile
Paste the content of your local id_rsa.pub into /home/[YOUR_EC2_USER]/.ssh/authorized_keys
You should now be able to use capistrano for your deployment.