Input for SSH config

[benoitchantre]

I think it would be great to have an SSH config input to follow the best practices as described in deployer documentation.

[antonmedv]

What do you mean?

[benoitchantre]

It’s advised to keep sensible informations outside of version control. To be able to deploy, we need to defined some of these informations in ./ssh/config

With an optional ssh-config input, we could add the ssh configuration from a secret, directly with this action.

[antonmedv]

Nice idea. Can you create pr with it?

[benoitchantre]

Nice idea. Can you create pr with it?

I can try

[tomasnorre]

Hi.

I don't know if I understand this suggestion correct. Does this include this part too?

host('prod')
    ->set('remote_user', '<username>')
    ->set('hostname', '<ip/hostname>')
    ->set('deploy_path', '<path/to/application/>');

I would like if this wasn't public visible.

[benoitchantre]

@tomasnorre Yes, this is the goal. With this input, you will be able to use a secret to store your SSH connection settings. The deploy path will remain in the host definition from what I know.

[tomasnorre]

@benoitchantre Thanks for the answer. I think the PR should contain a documentation update as well then. :)

[benoitchantre]

@tomasnorre The readme contains a short description of the new parameter, but I think there is already enough good documentation elsewhere about the ~/.ssh/config file itself.

[tomasnorre]

I know how a .ssh/config looks like, Just thought showing how it's used in a GH secret, could be helpful to some, but if I'm alone seeing it like that, it's ok. Just tried to give feedback.

But like the change you are providing here. Thanks.

[benoitchantre]

The secret follows the same format as you have in your ~/.ssh/config

You can do a copy & paste.

[hashimaziz1]

For clarification, do the SSH config values come from the config on my local machine that connects to my server, or the config on the server itself?

[tlerbao]

@benoitchantre Humbly ask

If ssh-config: is specified, is private-key: useless; then how to define the correct private-key in ssh-config? Here is the detailed question I posted： https://github.com/deployphp/deployer/discussions/3309

[benoitchantre]

@tlerbao private-key is required to install the private key. In ssh-config, you can set the path to the key using IdentityFile, but it is not necessary.