@dani_z It is possible to see the error sudo: a password is required if you
- set
sshd_permit_root_login: false - run
server.yml - run
server.ymlagain
The first run of server.yml will disable root from connecting in the future. The second run will need to connect as admin_user and will need this user’s sudo password passed in. From the docs:
With root login disabled, the admin_user will need to run commands using sudo with a password, so you will need to add the option
--ask-become-passwhen running server.yml.
ansible-playbook server.yml -e env=production --ask-become-pass
This prompts you to enter the sudoer password described in the “Admin User Sudoer Password” section below.
The default sudoer password to enter is example_password.
I haven’t tried http staging and https production on same server. Your approach appears to mirror the first option discussed here. I believe the second option discussed at that link could be modified for the updated Trellis file setup, if you want. What you’ve described looks good to me, assuming the group_vars/staging/ in the Production paths you listed is really 'group_vars/production/.
As for the Nginx conf files, I can’t think of any needed alterations off the top of my head. Trellis will automatically create separate conf files in …
/etc/nginx/sites-enabled/
leathergadgets.com.conf
staging.leathergadgets.com.conf