WSL2 and Linux on "spin provision" are getting: "Failed to connect to the host via ssh: Bad owner or permissions on /root/.ssh/config"

jaydrogers commented 2 months ago

Current Behavior

When users are provisioning from a Linux-based host, they experience permissions errors with SSH:

BECOME password:

PLAY [Setup and provision Docker Swarm servers with Spin.] *******************************************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************************************************************************************
fatal: [myapp.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Bad owner or permissions on /root/.ssh/config", "unreachable": true}
fatal: [staging.myapp.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Bad owner or permissions on /root/.ssh/config", "unreachable": true}

PLAY RECAP *******************************************************************************************************************************************************************************************************************************************
myapp.com               : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0
staging.myapp.com       : ok=0    changed=0    unreachable=1    failed=0

Expected Behavior

The SSH connection should work without users needing to adjust permissions on their SSH keys.

Steps To Reproduce

Use WSL2 or a Linux host
Prepare .spin.yml and .spin-inventory.ini for deployment
Attempt to run spin provision --user root

Environment

Any Linux host with Docker

Anything else?

Proposed solution

[ ] See if we can get Ansible to run with --user to run Ansible as the SPIN_USER_ID
[ ] Ensure password protected keys with the SSH agent work too

PedroGabriel commented 1 month ago

I'm having the same issue

See if we can get Ansible to run with --user to run Ansible as the SPIN_USER_ID (idk if this exists but I read about it somewhere I suppose?)

this option didnt work

{"changed": false, "msg": "Failed to connect to the host via ssh: Bad owner or permissions on /root/.ssh/config", "unreachable": true}

Ubuntu 20.04.6 LTS

jaydrogers commented 1 month ago

My gut feeling is I may need to explore mounting the SSH_AUTH_SOCK how Kamal does it: https://kamal-deploy.org/docs/installation/

I would have to automatically detect this based on the OS running Spin.

jaydrogers commented 1 month ago

Could you guys try again with v2.2.0? https://github.com/serversideup/spin/releases/tag/v2.2.0

I have a ton of improvements with SSH and it should be fixed now. I was able to provision a server with my WSL2 instance with and without password protected SSH keys.

I am closing this now, but will re-open if people have a lot of issues with v2.2.0

serversideup / spin