我通过Ansible为Ubuntu Server 14.04 LTS(HVM)创建了用户deploy
,并希望通过capistrano部署我的应用程序。如果我以用户ubuntu
连接,则会收到此错误:
mkdir stderr: mkdir: cannot create directory '/home/deploy/applications/app/releases': Permission denied
playbook.yml
---
- hosts: 'all'
remote_user: 'ubuntu'
sudo: 'yes'
vars:
ruby_version: '2.2.4'
user: 'deploy'
home: '/home/{{ user }}'
rbenv_root: '{{ home }}/.rbenv'
name: 'app'
application: '{{ home }}/applications/{{ name }}'
tasks:
- name: 'apt | update'
action: 'apt update_cache=yes'
- name: 'apt | install dependencies'
action: 'apt pkg={{ item }}'
with_items:
- 'build-essential'
- 'libssl-dev'
- 'libyaml-dev'
- 'libreadline6-dev'
- 'zlib1g-dev'
- 'libcurl4-openssl-dev'
- 'git'
- 'nginx'
- 'postgresql'
- 'postgresql-contrib'
- 'libpq-dev'
- 'imagemagick'
- 'libmagickwand-dev'
- 'htop'
- name: 'account | create'
user: 'name={{ user }} shell=/bin/bash'
- name: '1'
shell: 'mkdir -p /home/deploy/applications'
- name: '2'
shell: 'sudo mkdir -p /home/deploy/applications/app/'
- name: '3'
shell: 'chown deploy:deploy /home/deploy/applications/app/'
- name: '4'
shell: 'umask 0002'
- name: '5'
shell: 'mkdir /home/deploy/applications/app/releases'
- name: '6'
shell: 'mkdir /home/deploy/applications/app/shared'
- name: '7'
shell: 'chown deploy:deploy /home/deploy/applications/app/releases'
- name: '8'
shell: 'chown deploy:deploy /home/deploy/applications/app/shared'
- name: 'account | copy authorized keys'
shell: 'mkdir -p {{ home }}/.ssh -m 700 && cp /root/.ssh/authorized_keys {{ home }}/.ssh && chown -R {{ user }}:{{ user }} {{ home }}/.ssh'
- name: 'account | copy ssh private key'
copy: 'src=keys/id_rsa dest={{ home }}/.ssh/id_rsa owner={{ user }} group={{ user }} mode=0600'
- name: 'account | copy pem key'
copy: 'src=keys/aws-app.pem dest={{ home }}/.ssh/aws-app.pem owner={{ user }} group={{ user }} mode=0600'
- name: 'account | copy ssh public key'
copy: 'src=keys/id_rsa.pub dest={{ home }}/.ssh/id_rsa.pub owner={{ user }} group={{ user }} mode=0644'
- name: 'rbenv | clone repo'
git: 'repo=git://github.com/sstephenson/rbenv.git dest={{ rbenv_root }} accept_hostkey=yes'
- name: 'rbenv | check ruby-build installed'
command: 'test -x {{ rbenv_root }}/plugins/ruby-build'
register: 'plugin_installed'
ignore_errors: yes
- name: 'rbenv | add bin to path'
shell: echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> {{ home }}/.bashrc
when: 'plugin_installed|failed'
- name: 'rbenv | init'
shell: echo 'eval "$(rbenv init -)"' >> {{ home }}/.bashrc
when: 'plugin_installed|failed'
- name: 'rbenv | clone ruby-build repo'
git: 'repo=git://github.com/sstephenson/ruby-build.git dest={{ rbenv_root }}/plugins/ruby-build accept_hostkey=yes'
when: 'plugin_installed|failed'
- name: 'rbenv | check ruby {{ ruby_version }} installed'
shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv versions | grep {{ ruby_version }}'
register: 'ruby_installed'
ignore_errors: yes
- name: 'rbenv | install ruby {{ ruby_version }}'
shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv install {{ ruby_version }}'
when: 'ruby_installed|failed'
- name: 'rbenv | set global ruby {{ ruby_version }}'
shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv global {{ ruby_version }}'
when: 'ruby_installed|failed'
- name: 'rbenv | rehash'
shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv rehash'
when: 'ruby_installed|failed'
- name: 'rbenv | create .gemrc'
lineinfile: 'dest={{ home }}/.gemrc owner={{ user }} group={{ user }} mode=0644 line="gem: --no-ri --no-rdoc" create=yes'
when: 'ruby_installed|failed'
- name: 'ruby | install bundler'
shell: 'RBENV_ROOT={{ rbenv_root }} PATH="$RBENV_ROOT/bin:$PATH" rbenv exec gem install bundler'
when: 'ruby_installed|failed'
- name: 'rbenv | change owner'
shell: 'chown -R {{ user }}:{{ user }} {{ rbenv_root }}'
when: 'ruby_installed|failed'
- name: 'postgresql | check user'
shell: 'psql -U postgres -c "\copyright"'
register: 'postgres_login'
ignore_errors: yes
- name: 'postgresql | set auth type'
copy: 'src=configs/pg_hba.conf dest=/etc/postgresql/9.3/main/pg_hba.conf owner=postgres group=postgres mode=0644'
when: 'postgres_login|failed'
- name: 'postgresql | restart service'
service: name=postgresql state=restarted
when: 'postgres_login|failed'
- name: 'postgresql | create shared directory'
shell: 'mkdir -p {{ application }}/shared/config -m 775 && chown -R {{ user }}:{{ user }} {{ home }}/applications'
when: 'postgres_login|failed'
- name: 'postgresql | copy database.yml'
template: 'src=configs/database.yml dest={{ application }}/shared/config/database.yml owner={{ user }} group={{ user }} mode=0644'
when: 'postgres_login|failed'
- name: 'postgresql | create database'
shell: 'createdb -U postgres -O postgres -E UTF8 -l en_US.UTF-8 {{ name }}_production'
when: 'postgres_login|failed'
- name: 'rails | copy settings.yml'
copy: 'src=configs/settings.yml dest={{ application }}/shared/config/settings.yml owner={{ user }} group={{ user }} mode=0644'
- name: 'nginx | check config'
command: 'test -f /etc/nginx/sites-enabled/{{ name }}.conf'
register: 'nginx_config_copied'
ignore_errors: yes
- name: 'nginx | createdir'
shell: 'rm /etc/nginx/sites-enabled/default; mkdir -p etc/nginx/sites-enabled/'
when: 'nginx_config_copied|failed'
- name: 'nginx | copy config'
template: 'src=configs/nginx.conf dest=/etc/nginx/sites-enabled/{{ name }}.conf owner=root group=root mode=0644'
when: 'nginx_config_copied|failed'
- name: 'nginx | restart service'
service: name=nginx state=restarted
when: 'nginx_config_copied|failed'
deploy.rb
lock '3.4.0'
set :repo_url, 'https://'
set :branch, 'master'
set :deploy_to, '/home/deploy/applications/app'
set :log_level, :info
set :linked_files, %w{config/database.yml config/settings.yml}
set :linked_dirs, %w{bin log tmp/pids tmp/cache tmp/sockets vendor/bundle public/uploads}
set :rbenv_type, :user
set :rbenv_ruby, '2.2.4'
set :rbenv_prefix, "RBENV_ROOT=#{fetch(:rbenv_path)} RBENV_VERSION=#{fetch(:rbenv_ruby)} #{fetch(:rbenv_path)}/bin/rbenv exec"
set :rbenv_roles, :all
set :puma_init_active_record, true
production.rb
server '11.111.1.111', user: 'deploy', roles: %w{app db web}
set :ssh_options, {
keys: %w(/home/deploy/.ssh/aws-app.pem),
forward_agent: true,
auth_methods: %w(publickey)
}
但是当我尝试运行cap production deploy
时,请不断收到此错误:
INFO [da36e5d8] Running /usr/bin/env mkdir -p /tmp// as deploy@11.111.1.111
INFO [da36e5d8] Finished in 11.986 seconds with exit status 0 (successful).
(Backtrace restricted to imported tasks)
cap aborted!
Please login as the user "ubuntu" rather than the user "root".
UPD:我在DO(digitalocean.com)上启动了相同的代码,但它确实有效。但是在EC2上,它不起作用。
答案 0 :(得分:0)
sudo mkdir -p /home/deploy/applications
sudo mkdir -p /home/deploy/applications/app/
sudo chown deploy:deploy /home/deploy/applications/app/ # `chown` will change the owner ship so that `User` user can `**Read/Write**`
umask 0002
mkdir /home/deploy/applications/app/releases ## these are convention
mkdir /home/deploy/applications/app/shared ## these are convention
sudo chown deploy:deploy /home/deploy/applications/app/releases
sudo chown deploy:deploy /home/deploy/applications/app/shared
希望对你有所帮助!!!