In my current setup I have multiple SSH keys on my local machine. I have added one of the keys and verified that I can ssh into my server when I specify it. The issue that I am running into is that I cannot reprovision the server. I get the following error message:
An unhandled exception occurred while templating '[{u'keys': [u"{{
lookup('file', '~/.ssh/id_rsa.pub') }}",
u'https://github.com/redacted.keys', u'https://github.com/redacted.keys'],
u'name': u'{{ web_user }}', u'groups': [u'{{ web_group }}']}, {u'keys': [u"{{
lookup('file', '~/.ssh/id_rsa.pub') }}",
u'https://github.com/redacted.keys', u'https://github.com/redacted.keys'],
u'name': u'{{ admin_user }}', u'groups': [u'sudo']}]'. Error was a <class
'ansible.errors.AnsibleError'>, original message: An unhandled exception
occurred while running the lookup plugin 'file'. Error was a <class
'ansible.errors.AnsibleError'>, original message: could not locate file in
lookup: ~/.ssh/id_rsa.pub
fatal: [redacted]: FAILED! => {}
The issue seems to be that it is looking for a key by the name of id_rsa while my key is named id_professional_rsa. I have tried adding the following line to my users.yml
I found a workaround but would still appreciate it if someone is able to explain it to me. I have separate keys set up for personal and work: id_professional_rsa & id_personal_rsa. As a shot in the dark I decided to create a new key with the default name id_rsa. Now this key has not been added to my keys on GitHub and I have not added it on the server. I just created the key so there was a file with the name id_rsa in my ssh folder. I reran the provision and it worked successfully.
So you added a new entry to keys and it worked on the first provision, then failed after that? That’s really weird. All Trellis/Ansible is doing here is trying to read that local file.
Allow me to clarify. I initially provisioned and deployed the project with a different machine/keys. I was trying to add/replace the keys with my new development machine. I understand that the SSH keys are pulled from the users.yml file. It looks for a local key or pulls the keys from GitHub:
{{ lookup('file', '~/.ssh/id_rsa.pub') }}
https://github.com/username.keys
I had updated my GitHub keys with my new SSH and believed it would be pulled/updated from there. It seems that it was failing because the local lookup was not finding a key with the title of id_rsa.pub.
I assumed that it looks in the order that the keys are presented, so it will look locally for id_rsa.pub and then if it doesn’t find it, go on to look at the GitHub keys. I still believe that it does this but it fails if there is no id_rsa.pub, regardless of whether it is the actual key being used or not.
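An added example, not part of the original thread and not Trellis code: Ansible templates every entry in the keys list, and `lookup('file', ...)` raises an error when its file is absent, so the list is not a fallback chain. The preflight check below finds every file lookup in a users.yml-style text and reports the ones missing on the control machine; the function names, the sample YAML and the placeholder key are constructed for illustration.

```python
import os
import re
import tempfile

# Matches lookup('file', '<path>') inside a Jinja2 expression, as used in
# the keys list of users.yml.
LOOKUP_RE = re.compile(r"""lookup\(\s*['"]file['"]\s*,\s*['"]([^'"]+)['"]""")

def file_lookup_paths(text):
    """Return every path passed to lookup('file', ...) in the given text."""
    return LOOKUP_RE.findall(text)

def missing_lookup_files(text, home=None):
    """Return the lookup paths that do not exist on the control machine."""
    home = home or os.path.expanduser("~")
    missing = []
    for path in file_lookup_paths(text):
        # Resolve a leading "~/" against the chosen home directory.
        resolved = os.path.join(home, path[2:]) if path.startswith("~/") else path
        if not os.path.isfile(resolved):
            missing.append(path)
    return missing

# Constructed sample modelled on the keys list shown in the error above.
SAMPLE_USERS_YML = """
users:
  - name: "{{ web_user }}"
    groups:
      - "{{ web_group }}"
    keys:
      - "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
      - "{{ lookup('file', '~/.ssh/id_professional_rsa.pub') }}"
      - https://github.com/username.keys
"""

def demo():
    """Run the check against a throwaway home directory holding one key."""
    with tempfile.TemporaryDirectory() as home:
        os.mkdir(os.path.join(home, ".ssh"))
        key = os.path.join(home, ".ssh", "id_professional_rsa.pub")
        with open(key, "w") as fh:
            fh.write("ssh-rsa AAAA-constructed-placeholder user@example\n")
        return missing_lookup_files(SAMPLE_USERS_YML, home=home)

if __name__ == "__main__":
    for path in demo():
        print(f"missing: {path} (provisioning would fail on this lookup)")
```

Any path it reports has to be removed from the keys list or pointed at a public key file that actually exists before provisioning.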