使用Ansible和Capistrano进行部署

时间:2015-12-22 18:04:47

标签: ruby-on-rails amazon-web-services amazon-ec2 capistrano ansible

我通过Ansible为Ubuntu Server 14.04 LTS(HVM)创建了用户deploy,并希望通过capistrano部署我的应用程序。如果我以用户ubuntu连接,则会收到此错误:

mkdir stderr: mkdir: cannot create directory '/home/deploy/applications/app/releases': Permission denied

playbook.yml

---
- hosts: 'all'
  remote_user: 'ubuntu'
  sudo: 'yes'
  vars:
    ruby_version: '2.2.4'
    user: 'deploy'
    home: '/home/{{ user }}'
    rbenv_root: '{{ home }}/.rbenv'
    name: 'app'
    application: '{{ home }}/applications/{{ name }}'
  tasks:
    - name: 'apt | update'
      action: 'apt update_cache=yes'

    - name: 'apt | install dependencies'
      action: 'apt pkg={{ item }}'

      with_items:
        - 'build-essential'
        - 'libssl-dev'
        - 'libyaml-dev'
        - 'libreadline6-dev'
        - 'zlib1g-dev'
        - 'libcurl4-openssl-dev'
        - 'git'
        - 'nginx'
        - 'postgresql'
        - 'postgresql-contrib'
        - 'libpq-dev'
        - 'imagemagick'
        - 'libmagickwand-dev'
        - 'htop'

    - name: 'account | create'
      user: 'name={{ user }} shell=/bin/bash'

    - name: '1'
      shell: 'mkdir -p /home/deploy/applications'

    - name: '2'
      shell: 'sudo mkdir -p /home/deploy/applications/app/'

    - name: '3'
      shell: 'chown deploy:deploy /home/deploy/applications/app/'

    - name: '4'
      shell: 'umask 0002'

    - name: '5'
      shell: 'mkdir /home/deploy/applications/app/releases'

    - name: '6'
      shell: 'mkdir /home/deploy/applications/app/shared'

    - name: '7'
      shell: 'chown deploy:deploy /home/deploy/applications/app/releases'

    - name: '8'
      shell: 'chown deploy:deploy /home/deploy/applications/app/shared'

    - name: 'account | copy authorized keys'

      shell: 'mkdir -p {{ home }}/.ssh -m 700 && cp /root/.ssh/authorized_keys {{ home }}/.ssh && chown -R {{ user }}:{{ user }} {{ home }}/.ssh'

    - name: 'account | copy ssh private key'

      copy: 'src=keys/id_rsa dest={{ home }}/.ssh/id_rsa owner={{ user }} group={{ user }} mode=0600'

    - name: 'account | copy pem key'

      copy: 'src=keys/aws-app.pem dest={{ home }}/.ssh/aws-app.pem owner={{ user }} group={{ user }} mode=0600'

    - name: 'account | copy ssh public key'
      copy: 'src=keys/id_rsa.pub dest={{ home }}/.ssh/id_rsa.pub owner={{ user }} group={{ user }} mode=0644'

    - name: 'rbenv | clone repo'
      git: 'repo=git://github.com/sstephenson/rbenv.git dest={{ rbenv_root }} accept_hostkey=yes'

    - name: 'rbenv | check ruby-build installed'
      command: 'test -x {{ rbenv_root }}/plugins/ruby-build'


      register: 'plugin_installed'
      ignore_errors: yes

    - name: 'rbenv | add bin to path'
      shell: echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> {{ home }}/.bashrc
      when: 'plugin_installed|failed'

    - name: 'rbenv | init'
      shell: echo 'eval "$(rbenv init -)"' >> {{ home }}/.bashrc
      when: 'plugin_installed|failed'

    - name: 'rbenv | clone ruby-build repo'
      git: 'repo=git://github.com/sstephenson/ruby-build.git dest={{ rbenv_root }}/plugins/ruby-build accept_hostkey=yes'
      when: 'plugin_installed|failed'

    - name: 'rbenv | check ruby {{ ruby_version }} installed'
      shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv versions | grep {{ ruby_version }}'
      register: 'ruby_installed'
      ignore_errors: yes

    - name: 'rbenv | install ruby {{ ruby_version }}'
      shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv install {{ ruby_version }}'
      when: 'ruby_installed|failed'

    - name: 'rbenv | set global ruby {{ ruby_version }}'
      shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv global {{ ruby_version }}'
      when: 'ruby_installed|failed'

    - name: 'rbenv | rehash'
      shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv rehash'
      when: 'ruby_installed|failed'

    - name: 'rbenv | create .gemrc'
      lineinfile: 'dest={{ home }}/.gemrc owner={{ user }} group={{ user }} mode=0644 line="gem: --no-ri --no-rdoc" create=yes'
      when: 'ruby_installed|failed'

    - name: 'ruby | install bundler'
      shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv exec gem install bundler'
      when: 'ruby_installed|failed'

    - name: 'rbenv | change owner'
      shell: 'chown -R {{ user }}:{{ user }} {{ rbenv_root }}'
      when: 'ruby_installed|failed'

    - name: 'postgresql | check user'
      shell: 'psql -U postgres -c "\copyright"'
      register: 'postgres_login'
      ignore_errors: yes

    - name: 'postgresql | set auth type'
      copy: 'src=configs/pg_hba.conf dest=/etc/postgresql/9.3/main/pg_hba.conf owner=postgres group=postgres mode=0644'
      when: 'postgres_login|failed'

    - name: 'postgresql | restart service'
      service: name=postgresql state=restarted
      when: 'postgres_login|failed'

    - name: 'postgresql | create shared directory'
      shell: 'mkdir -p {{ application }}/shared/config -m 775 && chown -R {{ user }}:{{ user }} {{ home }}/applications'
      when: 'postgres_login|failed'

    - name: 'postgresql | copy database.yml'
      template: 'src=configs/database.yml dest={{ application }}/shared/config/database.yml owner={{ user }} group={{ user }} mode=0644'
      when: 'postgres_login|failed'

    - name: 'postgresql | create database'
      shell: 'createdb -U postgres -O postgres -E UTF8 -l en_US.UTF-8 {{ name }}_production'
      when: 'postgres_login|failed'

    - name: 'rails | copy settings.yml'
      copy: 'src=configs/settings.yml dest={{ application }}/shared/config/settings.yml owner={{ user }} group={{ user }} mode=0644'

    - name: 'nginx | check config'
      command: 'test -f /etc/nginx/sites-enabled/{{ name }}.conf'
      register: 'nginx_config_copied'
      ignore_errors: yes

    - name: 'nginx | createdir'
      shell: 'rm /etc/nginx/sites-enabled/default; mkdir -p etc/nginx/sites-enabled/'
      when: 'nginx_config_copied|failed'

    - name: 'nginx | copy config'
      template: 'src=configs/nginx.conf dest=/etc/nginx/sites-enabled/{{ name }}.conf owner=root group=root mode=0644'
      when: 'nginx_config_copied|failed'

    - name: 'nginx | restart service'

      service: name=nginx state=restarted
      when: 'nginx_config_copied|failed'

deploy.rb

    lock '3.4.0'
    set :repo_url, 'https://'
    set :branch, 'master'
    set :deploy_to, '/home/deploy/applications/app'

    set :log_level, :info
    set :linked_files, %w{config/database.yml config/settings.yml}
    set :linked_dirs, %w{bin log tmp/pids tmp/cache tmp/sockets vendor/bundle public/uploads}

    set :rbenv_type, :user
    set :rbenv_ruby, '2.2.4'
    set :rbenv_prefix, "RBENV_ROOT=#{fetch(:rbenv_path)} RBENV_VERSION=#{fetch(:rbenv_ruby)} #{fetch(:rbenv_path)}/bin/rbenv exec"
    set :rbenv_roles, :all

    set :puma_init_active_record, true

production.rb

server '11.111.1.111', user: 'deploy', roles: %w{app db web}

set :ssh_options, {
  keys: %w(/home/deploy/.ssh/aws-app.pem),
  forward_agent: true,
  auth_methods: %w(publickey)
}

但是当我尝试运行cap production deploy时,请不断收到此错误:

INFO [da36e5d8] Running /usr/bin/env mkdir -p /tmp// as deploy@11.111.1.111
INFO [da36e5d8] Finished in 11.986 seconds with exit status 0 (successful).
(Backtrace restricted to imported tasks)
cap aborted!
Please login as the user "ubuntu" rather than the user "root".

UPD:我在DO(digitalocean.com)上启动了相同的代码,但它确实有效。但是在EC2上,它不起作用。

1 个答案:

答案 0 :(得分:0)

sudo mkdir -p /home/deploy/applications
sudo mkdir -p /home/deploy/applications/app/
sudo chown deploy:deploy /home/deploy/applications/app/ # `chown` will change the owner ship so that `User` user can `**Read/Write**` 
umask 0002
mkdir /home/deploy/applications/app/releases ## these are convention 
mkdir /home/deploy/applications/app/shared ## these are convention 
sudo chown deploy:deploy /home/deploy/applications/app/releases
sudo chown deploy:deploy /home/deploy/applications/app/shared

希望对你有所帮助!!!