How does everyone handle security so they can do one step deploys? For instance, right now the user we use for our deployments doesn't have password-less sudo rights, so I still have to enter a password for the mongrel restart. When I'm deploying many times a day (for example - to our staging server), I'd like to just be able to do 'cap deploy' and walk away, or even script it to cap deploy on any checkins that don't break the build.
Is there a good 'secure' way to do this? I was thinking of setting a user who could only login via ssh key auth, who would have password-less sudo rights, and maybe locking down that user to only be able to do svn tasks and mongrel tasks...I'm not sure how to do the last part of that, though. Maybe I'm worrying about this too much and I should just setup a strong key and give the user wide open sudo rights? any ideas? thanks, Rob --~--~---------~--~----~------------~-------~--~----~ To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/capistrano -~----------~----~----~----~------~----~------~--~---
