Roots Discourse

Issues with provison using ansible on Kinsta/Trellis/Bedrock site

I’m having a bit of trouble getting my Trellis site to provision my kinsta server. I’ve created public ssh keys on my Mac and added the path in /all/users.yml. Let’s use my staging environment as an example.

In /staging/vault.yml do I need match the user_password with the ssh/sftp password on my kinsta dashboard? The guide i followed (https://roots.io/guides/deploying-to-kinsta-with-trellis/) only mentioned adding db_password, db_name, db_user but nothing about the user_password. There was also no mention of the admin_user in /all/users.yml. It comes default as “admin” but do I need to change that to the user name for ssh/sftp in my Kinsta dashboard?

I tried to run ansible-playbook server.yml -e env=staging with admin as the username and that return with a “permission denied” error, which makes sense since it tried to connect to the kinsta server as admin@xx.xx.xx.xxx. So I changed the admin_user to what is in my kinsta dashboard and ran ansible-playbook server.yml -e env=staging again and it returned with this error

I’m also able to ssh into my kinsta server with no issue using ssh example@xx.xx.xx.xxx -p XXXXX

Has anyone had similar issues?

Trellis cannot provision Kinsta servers, it can only deploy to them. This is stated in the article you linked:

Trellis can deploy to Kinsta with just a few updates. Since Kinsta provides everything from the web server standpoint, provisioning your staging and production environments do not apply.

That clearly went right over my head…thanks! Would you mind explaining a bit about the users between Kinsta and Trellis though? I’m still having a hard time wrapping my head around it. Does admin_user need to match the user name in Kinsta or does just the web_user in /staging/main.yml need to match the kinsta user name for that environment?

Because Trellis isn’t provisioning, I don’t believe it needs the admin_user–it won’t be doing any tasks that require administrative permissions. I don’t believe Kinsta will even allow you to take administrative actions when logged in via SSH.

The web_user is required because that’s how Trellis will log in via SSH. It’s the user name Kinsta gives you for that environment. (Unless you change them, the only thing that actually varies between Kinsta environments is generally the SSH/SFTP port.)

1 Like

This topic was automatically closed after 42 days. New replies are no longer allowed.