On 02/02/2010, at 1:07 AM, Derek Broughton wrote:
Dylan Jay wrote:
Hi,
I spent yesterday improving the explanation of how hostout can be
used
since I'm finding it more and more useful.
I'd love some feedback on how to make it clearer still or ideas to
make it better.
Very cool. I hadn't seen it before but I can really, really, use
this...
... [host1]
... recipe = collective.hostout
... host = 127.0.0.1:10022
... user = root
... password = root
... path = /usr/local/plone/host1
... """ % globals())
If you don't include your password you will be prompted for it later.
This is just the SSH password? Any possibility of having it run ssh-
copy-id
for passwordless logins?
there is some code in there that just needs to be tweaked to work.
Also a note that many hosts ban SSH logins as root
is worthwhile, though I imagine that won't come as a surprise to
many people
who are using this tool.
Even more annoying is that all the distros other than ubuntu do not
let you ssh exec a command to root. They require a tty. This can be
unset but obviously via a tty. Hostout uses Fabric and fabric doesn't
support tty :( I haven't figured a way around this yet.
The plan is to do something like
1. bootstrap the host to create a deployment user that has permissions
to the remote path. ssh copy the key. Also create the effective-user
to run processes as.
2. login as the deployment user and deploy
This all gets a bit messy when deployment requires sudo access. Again
haven't figured a way around all this yet.
password
The password for the login user. If not given then hostout will ask
each time.
identity-file
A public key for the login user.
I hope that the password prompt is given by SSH and not "hostout" -
ssh
knows whether it needs a password, hostout can't know.
Actually it's fabric. Fabric uses paramiko rather than openssh. Fabric
also retains the sudo password for the duration as it will replay it
if it's asked again for a password during a sudo operation.
Todo list
*********
...
- Automatically setup host with password-less ssh login.
Ah-hah. I guess that answers my first question!
I can see I'll be playing with this a lot today. Thanks Dylan.
any suggestions/code for the above challenges is welcome :)
--
derek
_______________________________________________
Product-Developers mailing list
[email protected]
http://lists.plone.org/mailman/listinfo/product-developers
_______________________________________________
Product-Developers mailing list
[email protected]
http://lists.plone.org/mailman/listinfo/product-developers
