本地操作系统:Windows 10 Pro(使用Git Bash作为我的终端)
Staging Server OS:Ubuntu 16.04 LTS
我一直在努力让我的登台服务器上运行基本的Capistrano部署。我跟着this guide设置了Capistrano。
部署过程始终在git:check阶段失败,因为据称无权访问我在GitLab上的回购。我确信我的SSH代理转发工作正常,因为我能够SSH到我的服务器并使用我的SSH密钥访问GitLab。 SSH密钥不存储在我的服务器上的任何位置:
$ ssh deploy@myserver.com
deploy@MyServer:~$ ssh -T git@gitlab.com
debug1: client_input_channel_open: ctype auth-agent@openssh.com rchan 2 win 65536 max 16384
debug1: channel 1: new [authentication agent connection]
debug1: confirm auth-agent@openssh.com
Welcome to GitLab, Alexander!debug1: channel 1: FORCE input drain
到目前为止,关于这个问题的所有问题都没有对我有用。
以下是我的部署文件:
deploy.rb
set :application, "myapp"
set :branch, "master"
set :repo_url, "git@gitlab.com:MyApp/myapp.git"
# Defaults to false
# Skip migration if files in db/migrate were not modified
set :conditionally_migrate, true
set :ssh_options, { forward_agent: true }
set :rvm_ruby_version, '2.2.6'
# Default deploy_to directory is /var/www/my_app_name
set :deploy_to, "/var/www/#{fetch(:application)}/"
set :deploy_user, "deploy"
# Tells Capistrano to store config/database.yml file inside a directory called /shared, which is meant for any files
# we want to persist between deploys
set :linked_files, fetch(:linked_files, []).push('config/database.yml', 'config/secrets.yml')
# Directories that are meant to persist between deploys, and they will also be stored inside /shared
set :linked_dirs, fetch(:linked_dirs, []).push('bin', 'log', 'tmp/pids', 'tmp/cache', 'tmp/sockets', 'vendor/bundle', 'public/system', 'public/uploads')
# The specs that should be run before deployment is allowed to continue
set :tests, []
# Delayed Job Config: https://github.com/AgileConsultingLLC/capistrano3-delayed-job
set :delayed_job_workers, 3
# Keep the last 5 deploys for rollback purposes
set :keep_releases, 5
namespace :deploy do
after :restart, :clear_cache do
on roles(:web), in: :groups, limit: 3, wait: 10 do
# Here we can do anything such as:
# within release_path do
# execute :rake, 'cache:clear'
# end
end
end
end
staging.rb
set :stage, :staging
set :rails_env, :staging
role :app, %w{deploy@myserver.com}
role :web, %w{deploy@myserver.com}
role :db, %w{deploy@myserver.com}
以下是部署时的Capistrano调试日志:
$ bundle exec cap staging deploy --trace
** Invoke staging (first_time)
** Execute staging
** Invoke load:defaults (first_time)
** Execute load:defaults
** Invoke rvm:hook (first_time)
** Invoke passenger:rvm:hook (first_time)
** Invoke passenger:test_which_passenger (first_time)
** Execute passenger:test_which_passenger
** Execute passenger:rvm:hook
** Execute rvm:hook
** Invoke rvm:check (first_time)
** Execute rvm:check
rvm 1.29.3 (latest) by Michal Papis, Piotr Kuczynski, Wayne E. Seguin [https://rvm.io]
ruby-2.2.6
ruby 2.2.6p396 (2016-11-15 revision 56800) [x86_64-linux]
** Invoke bundler:map_bins (first_time)
** Invoke passenger:bundler:hook (first_time)
** Execute passenger:bundler:hook
** Execute bundler:map_bins
** Invoke deploy:set_rails_env (first_time)
** Execute deploy:set_rails_env
** Invoke deploy:set_linked_dirs (first_time)
** Execute deploy:set_linked_dirs
** Invoke deploy:set_rails_env
** Invoke deploy (first_time)
** Execute deploy
** Invoke deploy:starting (first_time)
** Execute deploy:starting
** Invoke deploy:check (first_time)
** Invoke git:check (first_time)
** Invoke git:wrapper (first_time)
** Execute git:wrapper
00:00 git:wrapper
01 mkdir -p /tmp
✔ 01 deploy@myserver.com 0.286s
Uploading /tmp/git-ssh-myapp-staging-localuser.sh 100.0%
02 chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh
✔ 02 deploy@myserver.com 0.277s
** Execute git:check
00:01 git:check
01 git ls-remote git@gitlab.com:MyApp/myapp.git HEAD
01 Permission denied (publickey).
01 fatal: Could not read from remote repository.
01
01 Please make sure you have the correct access rights
01 and the repository exists.
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as deploy@myserver.com: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
Caused by:
SSHKit::Command::Failed: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/command.rb:99:in `exit_status='
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/netssh.rb:169:in `execute_command'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `block in create_command_and_execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `tap'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:141:in `create_command_and_execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:74:in `execute'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/git.rb:77:in `git'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/git.rb:38:in `check_repo_is_reachable'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/tasks/git.rake:19:in `block (4 levels) in eval_rakefile'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:93:in `with'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/capistrano-3.10.1/lib/capistrano/scm/tasks/git.rake:18:in `block (3 levels) in eval_rakefile'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:29:in `instance_exec'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/backends/abstract.rb:29:in `run'
C:/Ruby22/lib/ruby/gems/2.2.0/gems/sshkit-1.15.1/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
Tasks: TOP => deploy:check => git:check
The deploy has failed with an error: Exception while executing as deploy@myserver.com: git exit status: 128
git stdout: Nothing written
git stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
** Invoke deploy:failed (first_time)
** Execute deploy:failed
** DEPLOY FAILED
** Refer to log/capistrano.log for details. Here are the last 20 lines:
DEBUG [6b6ba2d0] Finished in 0.471 seconds with exit status 0 (successful).
DEBUG [c6e2d7dc] Running ~/.rvm/bin/rvm 2.2.6 do ruby --version as deploy@myserver.com
DEBUG [c6e2d7dc] Command: ~/.rvm/bin/rvm 2.2.6 do ruby --version
DEBUG [c6e2d7dc] ruby 2.2.6p396 (2016-11-15 revision 56800) [x86_64-linux]
DEBUG [c6e2d7dc] Finished in 0.608 seconds with exit status 0 (successful).
INFO [fd5500a8] Running /usr/bin/env mkdir -p /tmp as deploy@myserver.com
DEBUG [fd5500a8] Command: /usr/bin/env mkdir -p /tmp
INFO [fd5500a8] Finished in 0.286 seconds with exit status 0 (successful).
DEBUG Uploading /tmp/git-ssh-myapp-staging-localuser.sh 0.0%
INFO Uploading /tmp/git-ssh-myapp-staging-localuser.sh 100.0%
INFO [f33d4873] Running /usr/bin/env chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh as deploy@myserver.com
DEBUG [f33d4873] Command: /usr/bin/env chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh
INFO [f33d4873] Finished in 0.277 seconds with exit status 0 (successful).
INFO [86d3cd5a] Running /usr/bin/env git ls-remote git@gitlab.com:MyApp/myapp.git HEAD as deploy@myserver.com
DEBUG [86d3cd5a] Command: ( export GIT_ASKPASS="/bin/echo" GIT_SSH="/tmp/git-ssh-myapp-staging-localuser.sh" ; /usr/bin/env git ls-remote git@gitlab.com:MyApp/myapp.git HEAD )
DEBUG [86d3cd5a] Permission denied (publickey).
DEBUG [86d3cd5a] fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
我尝试手动运行Capistrano在本地和远程服务器上尝试的命令,并且它们都成功了。我真的被困了,任何帮助都会非常感激!
答案 0 :(得分:4)
感谢所有回答的人,我设法找到了解决方案!主要的罪魁祸首是Git Bash,无论出于什么原因,当我运行~/.ssh时,我没有将chmod 700 ~/.ssh目录的权限更改为0700。当Capistrano部署时,这阻止了SSH代理转发工作,但是当我手动SSH到我的服务器时却没有。我决定尝试在Windows上使用Ubuntu上的Bash(BUW)而不是Git Bash,果然,我的部署工作了!我将相同的配置和密钥从Git Bash复制到BUW。唯一的区别是我能够将BUW的~/.ssh目录的权限更改为0700.话虽如此,这是我的问题的解决方案:
<强> 1。创建部署密钥并将其添加到GitLab
正如@Onur和@grizzthedj以及@Gokul M所说,我需要为GitLab创建一个部署密钥并在我的服务器上进行授权。这是我如何做到的:
ssh-keygen -t rsa -b 4096 cat ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys <强> 2。使用BUW而不是Git Bash
~/.ssh上的权限:chmod 700 ~/.ssh 启动SSH代理并将部署密钥添加到其中:
eval $(ssh-agent -s)
ssh-add ~/.ssh/id_rsa
我已从 deploy.rb 文件中删除了set :ssh_options行,因为没有它就可以正常工作。
那就是它!从现在开始看起来我将使用BUW进行部署。
答案 1 :(得分:2)
按照以下步骤将您的公钥添加到存储库设置中的部署密钥列表中:
本地机器设置:
检查您的本地系统是否有~/.ssh/id_rsa.pub密钥文件。如果没有,请创建一个新的:
$ ssh-keygen -t rsa
将新创建的公钥~/.ssh/id_rsa.pub添加到设置中的存储库部署(访问)键中:
将密钥加载到ssh-agent:
检查ssh-agent是否正在运行,如果没有,请启动ssh代理
$ ssh-agent /bin/bash
将id_rsa密钥添加到代理:
$ ssh-add ~/.ssh/id_rsa
注意:有时,如果您收到&#34; 拒绝访问存储库&#34,则需要在每次部署之前完成此步骤(步骤3) ;部署期间出错。
将本地SSH密钥添加到部署服务器授权密钥文件(请记住将端口号替换为您的自定义端口号):
$ cat ~/.ssh/id_rsa.pub | ssh -p port_num user@server_ip 'cat >> ~/.ssh/authorized_keys'
<强> deploy.rb
尝试更改 deploy.rb 文件中的ssh_options,如下所示:
set :ssh_options, { forward_agent: true, user: "deploy", auth_methods: ['publickey'], keys: %w(~/.ssh/privatekey.pem) }
将~/.ssh/privatekey.pem替换为SSH私钥文件路径的路径。
<强>部署:
只需运行 cap staging deploy 即可部署到服务器。
根据需要将 staging deploy命令中的 cap 替换为环境。
答案 2 :(得分:1)
根据您的cap deploy输出,看起来从笔记本电脑到服务器的SSH连接不是问题。
00:00 git:wrapper
01 mkdir -p /tmp
✔ 01 deploy@myserver.com 0.286s
Uploading /tmp/git-ssh-myapp-staging-localuser.sh 100.0%
02 chmod 700 /tmp/git-ssh-myapp-staging-localuser.sh
✔ 02 deploy@myserver.com 0.277s
此问题是当capistrano尝试通过SSH运行git ls-remote git@gitlab.com:MyApp/myapp.git HEAD时。
您需要将公钥添加到GitLab中的SSH密钥,因为SSH代理转发需要在所有目标系统上安装公钥。在您的情况下,Gitlab是一个目标系统。
cat ~/.ssh/id_rsa.pub # Copy the contents of your public key(filename may be different)
登录GitLab,并将公钥粘贴到您的repo的SSH密钥(在repo设置中找到),您应该很好。
您还需要在ssh_options。
set :ssh_options, {
forward_agent: true,
user: 'deploy',
}
答案 3 :(得分:1)
您还需要将远程服务器的公钥定义到存储库。显然,您的计算机可以访问存储库,但服务器不能。
要获取默认公钥,您可以查看~/.ssh/id_rsa.pub,也可以使用ssh-keygen -t rsa -b 4096 -C "your_email@example.com"生成一个公钥。
不要忘记在服务器中使用ssh-add初始化公钥。
希望有所帮助
答案 4 :(得分:0)
对于那些将来遇到此问题的人,寻找替代方案:
有关此问题的大多数搜索建议添加SSH密钥。如果您确定已添加它们,并且ssh -T git@bitbucket.org(或您正在使用的任何git服务)显示您已登录,并且已设置代理转发,那么在Windows上对我有效的另一种方法是同样的问题是要安装PuTTY。安装后:
cap deploy 我在关于r esponse length errors when using Capistrano on Windows的另一篇SO文章中找到了这种方法,因此表面上看,它也适用于这些情况。这可能是因为net-ssh on Windows requires Pageant to work。
答案 5 :(得分:0)
我遇到了类似的问题,对我来说,我所要做的就是将我的 SSH 密钥添加到 GitHub。此过程的文档可在此处找到:https://docs.github.com/en/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account