如何在 ansible git 模块中使用远程机器的 SSH 密钥 [英] How do I use remote machine's SSH keys in ansible git module

问题描述

我一直在尝试让 Ansible 配置远程机器，我希望远程机器使用自己的密钥进行设置，并且能够从 Bitbucket 克隆 git 存储库.

I've been trying to get Ansible to provision a remote machine, and I want the remote machine to be set up with its own keys, and have the ability to clone git repositories from Bitbucket.

用户设置好，有自己的id_rsa.pub，key已经注册到bitbucket了.

The user is set up, has its own id_rsa.pub, and the key has been registered with bitbucket.

但是，当我使用 Ansible Git 模块时，该模块似乎总是尝试使用运行剧本的机器上的密钥.

But, when I use the Ansible Git module, it looks like the module always tries to use the keys from the machine running the playbook.

如何让 git 模块使用远程机器上的 id_rsa.pub?

How do I get the git module to use the id_rsa.pub from the remote machine?

相关任务是这样的:

- name: be sure prom-king has an up-to-date clone of its own repository
  git:
    repo: "ssh://ddcrnd@bitbucket.org/prom-king.git"
    dest: /home/promking/prom-king
    accept_hostkey: yes
    clone: yes
    key_file: /home/promking/.ssh/id_rsa.pub
    update: yes

相关库存是这个

# inventory file for use with the vagrant box in the testing directory.
[prom-king]
192.168.168.192 ansible_ssh_host=127.0.0.1 ansible_sudo=true ansible_connection=ssh  ansible_ssh_port=2222 ansible_ssh_user=vagrant ansible_ssh_private_key_file=testing/.vagrant/machines/default/virtualbox/private_key

推荐答案

这是我使用远程服务器上设置的密钥文件从 Github 进行部署的方式.如果 git 的 keyfile 参数不起作用，那么你的剧本有问题:

This is how I deploy from Github using a key file set on the remote server. If the keyfile parameter for git doesn't work then something is wrong with your playbook:

- name: Creates .ssh directory for root
  sudo: yes
  file: path=/root/.ssh state=directory

# This public key is set on Github repo Settings under "Deploy keys"
- name: Upload the private key used for Github cloning
  sudo: yes
  copy: src=keys/github dest=/root/.ssh/github

- name: Correct SSH deploy key permissions
  sudo: yes
  file: dest=/root/.ssh/github mode=0600

- name: Deploy site files from Github repository
  sudo: yes
  git:
    repo: git@github.com:miohtama/foobar.git
    dest: /srv/django/foobar
    key_file: /root/.ssh/github
    accept_hostkey: yes
    force: yes

这篇关于如何在 ansible git 模块中使用远程机器的 SSH 密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！