Take a look at this blog by Jamis when he introduced the feature: http://weblog.jamisbuck.org/2006/9/26/inside-capistrano-the-gateway-implementation
My guess is you may need to set the user for the deploy one way but pass the options hash to the gateway command with a different user specified. I'll take a look at the capistrano source tomorrow to verify. On Jul 5, 2011, at 9:50 PM, d2kagw <[email protected]> wrote: > Thanks Donovan, Unfortunately changing the user like you suggested > didn't fix the problem. > > Re: your comment on my gateway syntax, should it be done another way? > > On Jul 6, 1:05 pm, Donovan Bray <[email protected]> wrote: >> set :user should be your deploy_user >> >> I've never used the syntax you have for the gateway; so I can't vouch for >> that. >> >> On Jul 5, 2011, at 2:58 AM, d2kagw <[email protected]> wrote: >> >> >> >> >> >> >> >>> I have a very simple Capistrano recipe that needs to be deployed on a >>> very complicated hardware stack and I was hoping someone could point >>> out where I'm going wrong. >> >>> The security of our infrastructure requires that I: >> >>> * use a gateway >>> * deploy as a user other than myself >> >>> So, Capistrano needs to: >> >>> 1. connect through a gateway as `authuser` >>> 2. through the gateway connect to the app server as `authuser` >>> 3. deploy files on the app server as `deployuser` >> >>> I've got it doing step 1 and 2 without issue, but re: step 3, it runs >>> the deploy as `authuser` instead of `deployuser` even though I've set >>> the runner as `deployuser`. >> >>> Here's the config portion of the deploy.rb file: >> >>> app = "new-app" >>> auth_user = "authuser" >>> deploy_user = "deployuser" >> >>> set :user, "#{auth_user}" >>> set :gateway, "#{auth_user}@<gateway ip address>" >>> ssh_options[:forward_agent] = true >>> default_run_options[:pty] = true >> >>> # Repository setup >>> set :application, "#{app}" >>> set :repository, "[email protected]:#{auth_user}/#{app}.git" >> >>> set :scm, :git >>> set :branch, "master" >>> set :deploy_via, :remote_cache >>> set :git_enable_submodules, 1 >> >>> # Roles >>> set :admin_runner, "#{deploy_user}" >>> set :runner, "#{deploy_user}" >>> role :web, "#{auth_user}@<gateway ip address>" >>> role :app, "#{auth_user}@<gateway ip address>" >>> role :db, "#{auth_user}@<gateway ip address>" >> >>> # Location >>> set :deploy_to, "/var/apps/#{app}" >> >>> # TASKS ------------------------------------------------- >>> ... >> >>> Any ideas what could be going wrong? >> >>> Notes: when I run deploy:setup, the commands are run as `authuser`, >>> it's just when I do a normal deploy that things go wrong. >> >>> -- >>> * You received this message because you are subscribed to the Google Groups >>> "Capistrano" group. >>> * To post to this group, send email to [email protected] >>> * To unsubscribe from this group, send email to >>> [email protected] For more options, visit this group >>> athttp://groups.google.com/group/capistrano?hl=en > > -- > * You received this message because you are subscribed to the Google Groups > "Capistrano" group. > * To post to this group, send email to [email protected] > * To unsubscribe from this group, send email to > [email protected] For more options, visit this group at > http://groups.google.com/group/capistrano?hl=en -- * You received this message because you are subscribed to the Google Groups "Capistrano" group. * To post to this group, send email to [email protected] * To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/capistrano?hl=en
