Open Unitech opened 5 years ago
Well, I worked out the task using a key with passphrase.
Basically the passphrase is only used to login into target server. The same ssh key, used to clone the repo on target server, is not protected with a passphrase.
I try to explain my setup.
To login on target server:
~/.ssh/my-pm2-ssh-key_rsa
, ~/.ssh/my-pm2-ssh-key_rsa.pub
).ssh/authorized_keys
filessh 10.10.10.10
and after asking the passphrase, you shoud loginTo clone the repo on target server:
.ssh/id_rsa
and id_.ssh/rsa.pub
ssh-keygen -p
(empty when asking to enter new passphrase)ssh -T git@gitlab.com
and the reply is Welcome to...
Yes, we have the same pub key in the authorized_keys
and in the file id_rsa.pub
.
Yes, I tried to configure .ssh/config
or ~/.gitconfig
to use another key, but I failed.
In ecosystem.json
:
"key" : "~/.ssh/my-pm2-ssh-key_rsa"
And now the magic:
$ pm2 deploy ecosystem.json production setup
--> Deploying to production environment
--> on host 10.10.10.10
○ hook pre-setup
Enter passphrase for key '/c/Users/alberto.santini/.ssh/my-pm2-ssh-key_rsa':
○ running setup
○ cloning git@gitlab.com:myuser/foo.git
○ full fetch
Enter passphrase for key '/c/Users/alberto.santini/.ssh/my-pm2-ssh-key_rsa':
Cloning into '/home/santini/pm2/foo/source'...
Enter passphrase for key '/c/Users/alberto.santini/.ssh/my-pm2-ssh-key_rsa':
○ hook post-setup
○ setup complete
--> Success
I'm also struggling with this.
I had to remove the ssh passphrase to be able to use pm2 deploy
https://github.com/Unitech/pm2/issues/4072