基于在ci / cd中使用Envoy的laravel项目部署,我使用sshkey管理服务器和gitlab存储库,甚至可以在服务器上克隆我的存储库而没有任何权限错误
但是在部署管道期间出现连接错误
rewrite "^/[0-9]{4}$" /page.php last;
就像您看到的ssh-agent一样,但是像Running before_script and script
Authenticating with credentials from job payload (GitLab Registry)
$ which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )
/usr/bin/ssh-agent
$ eval $(ssh-agent -s)
Agent pid 13
$ ssh-add <(echo "$SSH_PRIVATE_KEY")
Identity added: /dev/fd/63 (server_user@server)
$ mkdir -p ~/.ssh
$ [[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
$ ~/.composer/vendor/bin/envoy run deploy --commit="$CI_COMMIT_SHA"
**[appusr@192.168.1.250]: ssh: connect to host 192.168.1.250 port 22: Connection timed out**
[✗] This task did not complete successfully on one of your servers.
我得到envoy run deploy
我做了Connection timed out,并得到了回答:
ssh -v appusr@192.168.1.250 -p 22我的OpenSSH_7.9p1 Debian-10+deb10u2, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /home/appusr/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 192.168.1.250 [192.168.1.250] port 22.
debug1: Connection established.
debug1: identity file /home/appusr/.ssh/id_rsa type 0
debug1: identity file /home/appusr/.ssh/id_rsa-cert type -1
debug1: identity file /home/appusr/.ssh/id_dsa type -1
debug1: identity file /home/appusr/.ssh/id_dsa-cert type -1
debug1: identity file /home/appusr/.ssh/id_ecdsa type -1
debug1: identity file /home/appusr/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/appusr/.ssh/id_ed25519 type -1
debug1: identity file /home/appusr/.ssh/id_ed25519-cert type -1
debug1: identity file /home/appusr/.ssh/id_xmss type -1
debug1: identity file /home/appusr/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 Debian-10+deb10u2
debug1: match: OpenSSH_7.9p1 Debian-10+deb10u2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.1.250:22 as 'app'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:o6l6L+Qakp/+nJBxTJ1eiBQ7zqEOneVsjOff6nnoo
debug1: Host '192.168.1.250' is known and matches the ECDSA host key.
debug1: Found key in /home/appusr/.ssh/known_hosts:5
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: Will attempt key: /home/appusr/.ssh/id_rsa RSA SHA256:/1Q62j8N9SXN6Yi9yYePp+i9QyfuagQolSF+hTq8s
debug1: Will attempt key: /home/appusr/.ssh/id_dsa
debug1: Will attempt key: /home/appusr/.ssh/id_ecdsa
debug1: Will attempt key: /home/appusr/.ssh/id_ed25519
debug1: Will attempt key: /home/appusr/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/appusr/.ssh/id_rsa RSA SHA256:/1Q62j8N9XN6Yi9yYePp+i9yfDMuagQolSF+hTq8s
debug1: Server accepts key: /home/appusr/.ssh/id_rsa RSA SHA256:/1Q62j8N9XN6Yi9yYePp+i9yfDMuagQolSF+hTq8s
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.1.250 ([192.168.1.250]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Remote: /home/appusr/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/appusr/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending environment.
debug1: Sending env LANG = en_SG.UTF-8
Linux server 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1+deb10u1 (2020-04-27) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun May 17 20:34:12 2020 from 192.168.1.250
文件:
Envoy.blade.php即使在服务器中,我也会得到@servers(['web' => 'appusr@192.168.1.250'])
@setup
$repository = 'git@gitlab.com:<user>/testprj.git';
$release_dir = '/var/www/testprj/release';
$app_dir = '/var/www/testprj';
$release = date('YmdHis');
$new_release_dir = $releases_dir .'/'. $release;
@endsetup
@story('deploy')
clone_repository
run_composer
update_symlinks
@endstory
@task('clone_repository')
echo 'Cloning repository'
[ -d {{ $releases_dir }} ] || mkdir {{ $releases_dir }}
git clone --depth 1 {{ $repository }} {{ $new_release_dir }}
cd {{ $new_release_dir }}
git reset --hard {{ $commit }}
@endtask
@task('run_composer')
echo "Starting deployment ({{ $release }})"
cd {{ $new_release_dir }}
composer install --prefer-dist --no-scripts -q -o
@endtask
@task('update_symlinks')
echo "Linking storage directory"
rm -rf {{ $new_release_dir }}/storage
ln -nfs {{ $app_dir }}/storage {{ $new_release_dir }}/storage
echo 'Linking .env file'
ln -nfs {{ $app_dir }}/.env {{ $new_release_dir }}/.env
echo 'Linking current release'
ln -nfs {{ $new_release_dir }} {{ $app_dir }}/current
@endtask
的回答Welcome to Gitlab. <user>!
我尝试按照以下步骤更新ssh -T git@gitlab.com:
./ssh/config