Trellis: AWS and provision

first i provisioned my server using

ansible-playbook -i hosts/staging server.yml

and it worked fine, the initial server was okay

then the deploy using

./deploy.sh staging wp.mydomain.com

and it gave me

failed: [52.32.191.6] => {"failed": true, "parsed": false}
Traceback (most recent call last):
  File "/home/ubuntu/.ansible/tmp/ansible-tmp-1450021821.44-23334990179534/deploy_helper", line 2033, in <module>
    main()
  File "/home/ubuntu/.ansible/tmp/ansible-tmp-1450021821.44-23334990179534/deploy_helper", line 383, in main
    changes += deploy_helper.create_path(facts['releases_path'])
  File "/home/ubuntu/.ansible/tmp/ansible-tmp-1450021821.44-23334990179534/deploy_helper", line 276, in create_path
    os.makedirs(path)
  File "/usr/lib/python2.7/os.py", line 157, in makedirs
    mkdir(name, mode)
OSError: [Errno 13] Permission denied: '/srv/www/mydomain.com/releases'
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: auto-mux: Trying existing master
debug1: mux_client_request_session: master session id: 2
Shared connection to 52.32.191.6 closed.

apparently the problem is with this

admin_user: ubuntu

users:
  - name: "{{ web_user }}"
    groups:
      - "{{ web_group }}"
    keys:
      - "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
      # - https://github.com/username.keys
  - name: "{{ admin_user }}"
    groups:
      - sudo
    keys:
      - "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
      # - https://github.com/username.keys

web_user: www-user
web_group: www-data
web_sudoers:
  - "/usr/sbin/service hhvm *"
  - "/usr/sbin/service php5-fpm *"

where the directory permissions of srv/www is set to www-user:www-data.

how can i deploy it?

//ysf

Do not, I repeat, do not mess with web_user setting in wordpress_sites.yml

i changed it to

web_user: www-user

whereas originally it was

web_user: web
1 Like

In theory changing that should work fine but there could be a bug. Did you change it between provisioning and deploying? Obviously any change to those configs requires another provision for them to apply.

no i changed it before provisioning to www-user but since www-user is already a nologin user, or is made by nginx during installation, the deploy is made by admin_user login which messes with permissions.

Ah that makes sense. Thanks for following up.

I just tested web_user: www-user on vanilla Trellis. Provision and deploy worked fine on a fresh AWS EC2 and a Digital Ocean droplet.

@debuggerpk Let us know if there is a specific context where changing web_user is a problem. We could put a note in the docs. I didn’t understand your statement "www-user is already a nologin user, or is made by nginx during installation." As far as I know, root is the only ssh user blocked on the Ubuntu AMI with AWS.

I encountered the same problem. And I checked my /srv/www it was set to root:root and not www-data:www-data not sure why because I just used Trellis to provision and just used the vanilla settings for the wordpres staging. So I switched it to www-data and still could see the same error and little did I know the permission was 755 and not 775. So it worked after that.