search

gocd-contrib / ansible-gocd

Ansible playbook to install ThoughtWorks open-source continuous delivery tool, Go. Also available on Ansible Galaxy https://galaxy.ansible.com/list#/roles/1690
http://www.go.cd/
MIT License
70 stars 57 forks source link

Access denied creating setting up SSH keys #40

Open aloysius-lim opened 8 years ago

aloysius-lim commented 8 years ago

The common role does not have the right permissions to create the .ssh folder, nor copy the SSH keys. The fix is the add sudo: yes to these four places in roles/common/tasks/main.yml:

- name: Go's .ssh folder
  sudo: yes
  file: path=/var/go/.ssh state=directory group={{ GOCD_GROUP }} owner={{ GOCD_USER }}
  when: GOCD_CONFIGURE_SSH

- name: SSH public key
  sudo: yes
  copy: "dest=/var/go/.ssh/{{ GOCD_SSH_PUBLIC_KEY | basename}} src='{{ GOCD_SSH_PUBLIC_KEY }}' group={{ GOCD_GROUP }} mode=0644 owner={{ GOCD_USER }}"
  when: GOCD_CONFIGURE_SSH

- name: SSH private key
  sudo: yes
  copy: "dest=/var/go/.ssh/{{ GOCD_SSH_PRIVATE_KEY | basename}} src='{{ GOCD_SSH_PRIVATE_KEY }}' group={{ GOCD_GROUP }} mode=0600 owner={{ GOCD_USER }}"
  when: GOCD_CONFIGURE_SSH

- name: ensure git server is a known host
  sudo: yes
  lineinfile:
    dest: /var/go/.ssh/known_hosts
    create: yes
    state: present
    line: "{{ lookup('pipe', 'ssh-keyscan -t rsa ' + GOCD_SSH_KNOWN_DOMAIN) }}"
    regexp: "^{{ GOCD_SSH_KNOWN_DOMAIN|replace('.', '\\.') }}"
    group: "{{ GOCD_GROUP }}"
    mode: 0644
    owner: "{{ GOCD_USER }}"
  when: GOCD_CONFIGURE_SSH