Wow, thanks a lot.
Here is my fabfile.py
---
set(
fab_user = 'wishes',
fab_password = None,
fab_mode = 'rolling',
project = 'wishes',
deploy_to = '/home/wishes',
manage_py = '$(deploy_to)/wishes/src/wl/manage',
fab_debug = True,
)
import logging
logging.basicConfig()
def production():
"Configures Fabric for production environment."
set(env='production')
set(fab_hosts=['production host'])
def staging():
"Configures Fabric for Staging environment."
set(env='staging')
set(fab_hosts=['192.168.1.60'])
#
set(fab_key_filename='/home/serg/projects/wishlist/staging_key.pri')
def build():
local('hg archive -t tgz /tmp/$(project).tgz')
def upload():
require('env', provided_by=['production','staging'])
put('/tmp/$(project).tgz', '/tmp/$(project).tgz')
def cleanup():
require('env', provided_by=['production','staging'])
run('rm /tmp/$(project).tgz', fail='warn')
local('rm /tmp/$(project).tgz', fail='warn')
def patch_database():
require('env', provided_by=['production','staging'])
run('$(manage_py) migrate', fail='abort')
def restart():
require('env', provided_by=['production','staging'])
run('sudo /etc/init.d/wishes-fcgi restart', fail='abort')
# sudo('invoke-rc.d wishes-fcgi restart', fail='abort')
def deploy():
"Build the project and deploy it to a specified environment."
require('env', provided_by=['production','staging'])
build()
upload()
run('tar -C $(deploy_to) -xzf /tmp/$(project).tgz', fail='abort')
#run('sudo -u $(sudo_user) cp
$(deploy_to)/wishes/conf/settings.py
$(deploy_to)/wishes/src/wl/', fail='abort')
patch_database()
restart()
cleanup()
---
Christian Vest Hansen wrote:
I edited the _connect code so you shouldn't have to
set(fab_password=None) in order to please _connect(). Also, sudo() now
only uses a password if one is defined.
It's in both git repos. Hopefully this will make it look a little less
sketchy whenever someone want to do key-based authentication.
On 6/12/08, Christian Vest Hansen <address@hidden> wrote:
Can you post a working fabfile configured to use SSH keys?
I'de like to document this in the tutorial.
On 6/12/08, Christian Vest Hansen <address@hidden> wrote:
> Alright, I'm glad you figured it out - this is good stuff to know as
> there's a high likelyhood that others will run into the same
problems.
>
>
>
> On 6/12/08, Sergey Kirillov <address@hidden> wrote:
> > Hi Christian,
> >
> > Yes, I saw that.
> >
> > It works now. I had to set 'fab_password': None in order to
bypass 'if
> > 'fab_password' not in ENV:' check in _connect(). But now sudo()
does not
> > work because it tries to do
> > 'stdin.write(env['fab_password'])' and fails
there with
> > exception.
> >
> > To solve this I've updated /etc/sudoers and have listed all
commands that
> > need to be executed as passwordless. So instead of sudo() I'm
using
> > run('sudo dosomething'), and it works like a charm.
> >
> > Deployment user does not have password at all, and I can give
people access
> > to deployment just by adding their SSH public keys into
> > ~/.ssh/authorized_keys of deployment user.
> >
> >
> >
> >
> > Christian Vest Hansen wrote:
> >
> > > I haven't tried key-based authentication myself, but Fabric will
relay
> > > any fab_pkey and fab_key_filename to the SSHClient.connect
method in
> > > paramiko:
> > >
> > >
> >
http://www.lag.net/paramiko/docs/paramiko.SSHClient-class.html#connect
> > >
> > > Hope that helps.
> > >
> > >
> >
> >
>
>
>
> --
> Venlig hilsen / Kind regards,
> Christian Vest Hansen.
>
--
Venlig hilsen / Kind regards,
Christian Vest Hansen.