Can not ssh to remote server with ansible

Koli14 · August 10, 2015, 5:47pm

I’m totally new to Roots, but I would love to learn how it works. Although I feel myself a bit beginner for it.

I followed the https://github.com/roots/roots-example-project.com, and i managed to install it locally, vagrant up worked like magic! Now I’m trying to deploy it to dreamhost.com. And there I’m a little confused. I never did something similar, until now, i always copied the files through FTP, and created the DB through a web-interface.
So, i can SSH through Terminal to DreamHost like: ssh koli@test.mydomain.ch
But I don’t really understand where should I set my ssh user-name (koli), and my password? In /group_vars/all ?
I never used SSH-key and publickey.

So, when i try ansible-playbook -i hosts/production server.yml I get this:

< PLAY [Determine Remote User] >
 ------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


 _____________________________________________________________
/ TASK: remote-user | Determine whether to connect as root or \
\ admin_user                                                  /
 -------------------------------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


ok: [test.mydomain.com -> 127.0.0.1]
 ___________________________________________________
< TASK: remote-user | Set remote user for each host >
 ---------------------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


ok: [test.mydomain.com]
 __________________________________________________________
/ PLAY [WordPress Server - Install LEMP Stack with PHP 5.6 \
\ and MariaDB MySQL]                                       /
 ----------------------------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


 _________________
< GATHERING FACTS >
 -----------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


fatal: [test.mydomain.com] => SSH Error: Permission denied (publickey,password).
    while connecting to 208.113.137.182:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
 _________________________________________
< TASK: common | Validate Ansible version >
 -----------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


FATAL: no hosts matched or all hosts have already failed -- aborting

 ____________
< PLAY RECAP >
 ------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


           to retry, use: --limit @/home/koli/server.retry

test.mydomain.com        : ok=2    changed=0    unreachable=1    failed=0

If I do it with --ask-pass I got this:

SSH password: 
 ______________________________
< PLAY [Determine Remote User] >
 ------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


 _____________________________________________________________
/ TASK: remote-user | Determine whether to connect as root or \
\ admin_user                                                  /
 -------------------------------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


ok: [test.mydomain.com -> 127.0.0.1]
 ___________________________________________________
< TASK: remote-user | Set remote user for each host >
 ---------------------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


ok: [test.mydomain.com]
 __________________________________________________________
/ PLAY [WordPress Server - Install LEMP Stack with PHP 5.6 \
\ and MariaDB MySQL]                                       /
 ----------------------------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


 _________________
< GATHERING FACTS >
 -----------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


fatal: [test.mydomain.com] => Authentication failure.
 _________________________________________
< TASK: common | Validate Ansible version >
 -----------------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


FATAL: no hosts matched or all hosts have already failed -- aborting

 ____________
< PLAY RECAP >
 ------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


           to retry, use: --limit @/home/koli/server.retry

test.mydomain.com        : ok=2    changed=0    unreachable=1    failed=0

And if i try ./deploy.sh production test.mydomain.com, then i get this:

< PLAY [Deploy WP site] >
 -----------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


 _________________
< GATHERING FACTS >
 -----------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


fatal: [test.mydomain.com] => SSH Error: Permission denied (publickey,password).
    while connecting to 208.113.137.182:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
 ___________________________
< TASK: deploy | Initialize >
 ---------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


FATAL: no hosts matched or all hosts have already failed -- aborting

 ____________
< PLAY RECAP >
 ------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||


           to retry, use: --limit @/home/koli/deploy.retry

test.mydomain.com         : ok=0    changed=0    unreachable=1    failed=0

I’m sure i just missed to set my ssh user and pwd, but I have no idea where.

fullyint · August 10, 2015, 6:32pm

@Koli14 See if this thread is applicable to your situation (shared hosting vs. VPS hosting). In your case, if your only available SSH user is koli, in your group_vars/all set web_user: koli and admin_user: koli. Note this quote:

Trellis is designed to be used on a stock/bare Ubuntu server.

Regarding your SSH password, maybe the --ask-pass approach would work – I haven’t tried – but I’d recommend setting up passwordless SSH for your server. Here is a DreamHost wiki on the topic.

For a little more info on SSH connections with Trellis, see the SSH keys wiki, if you haven’t already.

I you wouldn’t mind, work through those links above then post back with any questions that remain.

Congrats for diving in! I admire that. Trellis is designed to work out of the box with DigitalOcean. Even if DigitalOcean is unfamiliar, you may still find it easier to implement Trellis with DigitalOcean.

swalkinshaw · August 10, 2015, 6:44pm

Yeah you definitely don’t want to use the server.yml playbook on a shared server. server.yml provisions/installs all the software which your host already has. Even if you got it to run it would cause a lot of problems.

You can use our deploy functionality through the deploy.yml playbook but that’s about it. There’s a little more about only using deploys here: Going from Cap to Ansible

Koli14 · August 11, 2015, 10:40am

Thanks for the positive reply @fullyint and @swalkinshaw!
I understand Trellis much better now. Yes, I missed that it’s designed for stock/bare Ubuntu. I will try out DigitalOcean, but for my small projects is just too expensive.

I will try to Deploying to remote server instead to setup one than. I managed to SSH with the passwordless method. Thanks!
I also managed to deploy it! I’m really surprised! Although it did not deployed the theme ‘sage’. But i will try to solve that tomorrow…

fullyint · August 11, 2015, 5:53pm

Great work!

In working on deploying the theme, notice the extra variables added example project’s group_vars/production file. The repo cloned during deploy is assumed to include your theme. The deploy can compile local source files then sync the resulting dist folder to your server.

Koli14 · August 11, 2015, 9:54pm

Yes, i set all of them. I set this repo: repo: git@github.com:koli14/example.com.git, which include my theme (https://github.com/Koli14/example.com/tree/master/web/app/themes/sage). I also set these:

project_pre_build_commands_local:
   - path: "{{ project.local_path }}/web/app/themes/sage"
     cmd: npm install
   - path: "{{ project.local_path }}/web/app/themes/sage"
     cmd: bower install
   - path: "{{ project.local_path }}/web/app/themes/sage"
     cmd: gulp --production

project_local_files:
  - name: compiled theme assets
    src: "{{ project.local_path }}/web/app/themes/sage/dist"
    dest: web/app/themes/sage

When i do ./deploy.sh staging example.com i got these messeges (and others):

< TASK: deploy | Run pre_build_commands_local on Ansible host >
 -------------------------------------------------------------
changed: [46.101.145.92 -> 127.0.0.1] => (item={'path': u'../site/web/app/themes/sage', 'cmd': 'npm install'})
changed: [46.101.145.92 -> 127.0.0.1] => (item={'path': u'../site/web/app/themes/sage', 'cmd': 'bower install'})
changed: [46.101.145.92 -> 127.0.0.1] => (item={'path': u'../site/web/app/themes/sage', 'cmd': 'gulp --production'})
 _________________________________________
< TASK: deploy | Copy project local files >
 -----------------------------------------
changed: [46.101.145.92 -> 127.0.0.1] => (item={'dest': 'web/app/themes/sage', 'src': u'../site/web/app/themes/sage/dist', 'name': 'compiled theme assets'})

If i ssh to my droplet i found in /srv/www/example.com/current/web/app/themes/sage just one folder, the dist with complied styles, scripts and fonts, and assets.json. But nothing else. No style.css or functions.php. Nothing.

fullyint · August 12, 2015, 2:52am

@Koli14 Could you try changing this in roles/deploy/defaults/main.yml, then re-run deploy.yml a couple times and tell us if it works correctly each time?

- project_source_path: "{{ project_root }}/shared/source"
+ project_source_path: "{{ project_root }}/shared/source/{{ project.repo }}"

(Edit: I originally had a regex_replace filter on project.repo, but @swalkinshaw pointed out that it is unnecessary, so I removed it.)

No need to read on, but here’s my guess at what was happening – none of it your fault.

I’m guessing you first ran deploy.yml with the default repo: git@github.com:roots/bedrock.git.

Now there is a copy of the roots bedrock repo at project_source_path.

I’m guessing you later ran deploy.yml with repo: git@github.com:koli14/example.com.git.

The git module ran git ls-remote origin in the project_source_path and saw that there were no updates (checking against roots/bedrock cloned earlier), so…
No new clone was made, and…
The roots/bedrock repo was copied to your release directory.
Your sync task still put your dist directory on the server, in the roots/bedrock empty theme directory. It looked like some empty version of your theme had been cloned/copied, but really it was never cloned.

So, I think the problem was that we didn’t realize the git module wouldn’t pick up on changes to the repo variable. We assumed the module would check the remote repo specified, but I think it just compares the local clone with the latest updates to that local clone’s remote.

This phenomenon may be responsible for other threads reporting the git module not updating: here and here.

The above edit to project_source_path should make it so that the git ls-remote origin always checks the remote repo we specify in the repo variable.

Koli14 · August 12, 2015, 10:20am

Worked like magic! Yes it was working well each time!
Thanks for the explanation! I learned again something,

fullyint · August 16, 2015, 5:20am

@Koli14 re: that git module problem above, Trellis just added a fix at roots/trellis#299