Capistrano, Firewalls and Tunnel
Here's are 2 ways to accomplish it.
1st way
not sure if you've seen this thread?
- https://groups.google.com/forum/?fromgroups=#!topic/capistrano/RVwMim-qnMg
net-ssh-gateway
library, but creates copies of the local forwarding methods but they're geared for remote access.class Net::SSH::Gateway
# Opens a SSH tunnel from a port on a remote host to a given host and port
# on the local side
# (equivalent to openssh -R parameter)
def open_remote(port, host, remote_port, remote_host = "127.0.0.1")
ensure_open!
@session_mutex.synchronize do
@session.forward.remote(port, host, remote_port, remote_host)
end
if block_given?
begin
yield [remote_port, remote_host]
ensure
close_remote(remote_port, remote_host)
end
else
return [remote_port, remote_host]
end
rescue Errno::EADDRINUSE
retry
end
# Cancels port-forwarding over an open port that was previously opened via
# open_remote.
def close_remote(port, host = "127.0.0.1")
ensure_open!
@session_mutex.synchronize do
@session.forward.cancel_remote(port, host)
end
end
end
2nd way
Outlined in an answer to this SO question:
- Is it possible to do have Capistrano do a checkout over a reverse SSH tunnel?
# deploy.rb
set :local_repository, "ssh://git@serverbehindfirewall/path/to/project.git"
set :repository, "ssh://git@localhost:9000/path/to/project.git"
Then before you deploy you'll need to setup the remote forward:% ssh -R 9000:serverbehindfirewall:22 deploybot@deployserver.com
# CTRL + C + A (Screen) or ⌘ + T (Terminal.app) to open new tab
Followed by your deploy:% cap HOSTFILTER=deployserver.com deploy # HOSTFILTER reduces set to specified host. Only useful if you have multiple servers.
See this answer to that SO question for more details: - https://stackoverflow.com/a/3953351/33204
Is it possible to do have Capistrano do a checkout over a reverse SSH tunnel?
Net::SSH implements remote forwarding. I have looked over all Capistrano's source code and couldn't see any references to it in the current release. None the less, that doesn't stop you from establishing remote forwarding before you deploy with Capistrano.
What you'll want to do is set the :local_repository
and :repository
paths individually. :local_repository
is referenced locally to determine which commit will be used for the deployment before the connection is initiated. That leaves :repository
for the remote server to pull from after the connection has been initiated. This is where you can specify the path to the repository behind the firewall.
# deploy.rb
set :local_repository, "ssh://git@serverbehindfirewall/path/to/project.git"
set :repository, "ssh://git@localhost:9000/path/to/project.git"
Before you deploy, be sure to establish the remote forward. You'll need to repeat this for each server you deploy to.$ ssh -R 9000:serverbehindfirewall:22 deploybot@deployserver.com
# CTRL + C + A (Screen) or ⌘ + T (Terminal.app) to open new tab
$ cap HOSTFILTER=deployserver.com deploy # HOSTFILTER reduces set to specified host. Only useful if you have multiple servers.
Using Net::SSH this could easily be turned into a task which is executed before anything else providing greater flexibility when deploying to multiple servers.Lastly, given you've been using scp, you might want to set deploy_via, :remote_cache
which keeps a copy of the repository on the remote server. This greatly decreases your deployment time reduces the chance of corruption.
Is it possible to specify a different ssh port when using rsync?
Another option, in the host you run rsync from, set the port in the ssh config file, ie:
cat ~/.ssh/config
Host host
Port 2222
Then rsync over ssh will talk to port 2222:rsync -rvz --progress --remove-sent-files ./dir user@host:/path
Related Topics
Can Sunspot Search Inside Array
Error Installing Gems: Cannot Load Such File - Zlib
Ruby/Rails Audio Conversion Plugins
How to Get Nokogiri to Parse and Return an Xml Document
Strong Parameters with Nested Hash
Adding Two Activerecord::Relation Objects
Automatically Logging Exceptions in Ruby
How to Add Usr/Local/Bin to Path Environment Variable on Ubuntu 12.0.4
Mongodb Server Doesn't Start at Gitlab Runner Using Gitlab-Ci
Without Converting to a String, How Many Digits Does a Fixnum Have
How to Programmatically Remove "Singleton Information" on an Instance to Make It Marshal
I Am Getting This Gem Install Error for Kgio Gem When I Do a Bundle Install
Devise with Ruby on Rails - Force User to Change Password on First Login
How to Catch an "Undefined Method '[]' for Nil:Nilclass" Error