Deploying to generic server with SSH, et al

codedeploy

#1

I’m trying to set up deployment of a currently empty repo (https://circleci.com/gh/HouseShafer/circle-pushing/1) to a SimpleHelix server, located at https://random_letters_symbols_numbers.simplehelix.host. Since it isn’t one of the standard servers like Heroku, there isn’t a guide in the documentation so I was writing to ask if you could shed some light on how I can configure the project to push to a generic server like that, whether via SSH, FTP, or other means. There’s a possibility that I’m thinking about it entirely wrong but I think this is the right direction. Thanks in advance for your help!


#2

Hi,

This post is almost a month old so I’m not sure if you figured this out already or not. Without knowing specifics of your project, I would suggest using SCP in the circle.yml file to copy your files from the CircleCI build container to your servers - be it a production or staging environment.

-Ricardo


#3

Hi Ricardo, thanks! Appreciate that. What would the actual sequence of commands be to push using SCP? Thanks again.


#4

In the dependencies section of circle.yml you can have a line such as this:

deployment:
  production:
    branch: master
    commands:
      - scp -r circle-pushing/* username@my-server:/path-to-put-files-on-server/

“circle-pushing” is your repo name, which is whatever it’s called in GitHub or Bitbucket, and the rest is the hostname and filepath of the server you want to upload files to.


#5

Thanks so much! I appreciate that. :smiley:


#6

It asks for a password but having it on the next line after the scp one like:

- passw0rd!23

doesn’t enter it. How would I authenticate? I also tried setting up an SSH key but it says that CircleCI doesn’t support an encrypted key. So perhaps I’m on the right track but doing something wrong? Or I could be way off. haha :stuck_out_tongue: Thanks!


#7

You would use SSH keys. You’d need to create a new SSH key specifically for CircleCI, then add the private ket to CircleCI and the public key to your server. This is touched upon here: https://circleci.com/docs/permissions-and-access-during-deployment/


Scp using public key
#8

I tried to add an SSH key like I said in the last message but Circle rejected it with this error message:

The key is valid and authorized (though I’ll take it down now since I’m posting it online) but it still says that the key is invalid. Sorry if I’m missing something blindingly obvious. I’m trying to follow the instructions as much as I can. Thanks!


#9

Hi,

I don’t know what the rest of your input on that page looks like but from what I can see in the screenshot, the first 4 lines in the “Private Key” text area shouldn’t be there as those lines aren’t a part of the SSH key.


#10

I tried without those lines and it gives the same error. If I add some headers that get generated along with it:

Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,678623D6A0CC2E2236A45C9C0FF00557

Then the error is slightly different:

Error: it looks like this key is encrypted: we don't support password-protected keys If we can help, contact us.

Can you post a legitimately formatted SSH key that I can model mine after?


#11

Are you setting a passphrase for the key? If so, you don’t want to do that. Here is an example/typical RSA format private SSH key:

-----BEGIN RSA PRIVATE KEY-----                                                                                                                                                                                     
MIIJKQIBAAKCAgEAtty4+n92V2n7rklNRjjaPcl9lvnN9MrGUbbdfrqVzJkTZOgy                                                                                                                                                    
ABUOCnlys37L5wgG+at6piOs759B/p3/n25/+6mpLrzvQSDOsQeK1Ml3/WjdvzpF                                                                                                                                                    
on6Enocje6eDBj0kulNviLiqJScYNBAAxdLKQ/ls7Bhdd22rSBw6DsFN2XiUcPqi                                                                                                                                                    
E8V9Sd7+/3Tg4E++yarG44s/NUWyT7AC/VIVkPcKwzUgUEWtML+IooxJzgnvLHnf                                                                                                                                                    
co9VfG6y2vbIdByakHU8Wjy18X+AfkbNPsUlXCy8AvqYueEWBFaaM7OAT552z9zq                                                                                                                                                    
fUrVqU1O2aogUoIDiQerqcfIjiCXoP7fEhakNZJGQLAMarxeqh87z0TrIjEvpGUv                                                                                                                                                    
la9VnIymZrfNeJgRW/rIjAXoPGPboaYO3LP7bJLFjq1XoqslPIzH6EHxB8NIdNMF                                                                                                                                                    
yYM8SzZqgo7FeYaH2/vQBeWFNSxNs4YN1w5yPBjVVfi1VU7kTVsoY20OXP7HIDHK                                                                                                                                                    
pFjxhsktPXCnm6lGBTVu9bz69aebPuf36zW1PmArUAgzjF+Li0MbhmE/KyBMG7Ks                                                                                                                                                    
WXnELuTzt+7nL8y9jPuSAgDFZdLoE1eqHtH5Iap3KWigWL9ATPICMkTMwEbA1N2o                                                                                                                                                    
cbV2RN4Ai/Jo97HMCmfi/fZh6nuAQS0LpzMUu230WrWwi5YEImTBc+93YekCAwEA                                                                                                                                                    
AQKCAgEAopA6ykcCV9fabSixT9o++mrkAZH2bMbP49kjtAQAJDF5sl1SBgyxvNIX                                                                                                                                                    
DEeO0carHM47bPOOTEBSlR61H3FGyd4cj3ZbZJTb6zl/TIgG6fuOFvCg80Jyd9Q/                                                                                                                                                    
0TAsJSG6QwLlxrAUYo8Mz0viw/sO4bseAA3xGbkfai3d1zw2Dz1JCd9msxkAtulN                                                                                                                                                    
3KB1QjTisbnmsmcaPCvHx1v8bGPK1GMq6DuUjIhE3W+I8qiw/ECMpgd6hAe0wbhP                                                                                                                                                    
vKVjswWyyvXOP5J1VUo6WwhqcoElI3qJckSB/c2Cmzy6PXg4e4+upEALHnOm2qnl                                                                                                                                                    
jU/XCEKZDfsJuxfmzaNf6Tpr6VLDi3JghmT2eicRIe5T20IwwZApP16ZjWqan62D                                                                                                                                                    
KTTHS8FwXOd0jQsi7c5HO1U9ibzDdYiQ7TjPpXPEipl5DHtjRq63CFmhvdpcjSAJ                                                                                                                                                    
uvqzvy8eTyNR7DtVllv2WIohhXtFU0ARrAExIygO7nL16o/WhfR2wW8H+hcK/oOB                                                                                                                                                    
qLibQF6jkx6Ofvr1x9uCrlSncYMw+Oroh0mokqMQdaVhMfuAY2CzZRg4w8Ci4VnM                                                                                                                                                    
4o5wIX93PoWbGWR5zmBlWywsLGQhw/ICJtbAy4QDXfLnOpWts1PTDgECp3MV+HzY                                                                                                                                                    
9qV8Um2snyeuz8lQO98iI+ul/sMAq1vvVCmgpXKO9cu3ooVMg1kCggEBAOwqYV21                                                                                                                                                    
PnL9HKtanBCo8gvQ/0WY/E4cAT45qfjlqZe3EPWmWFFEE/uioeP0uWR1HcILILhl                                                                                                                                                    
BRciEESHgxup5UAR/fgaaLFgdBGUK+10+gJyJ4vZmDe5J6wRYRRnzfZu2giWtVSb                                                                                                                                                    
du/mKE33HsqKtVsfNchZmGTBaSGwVRCrKooq2aWDv+Q8EeeRG7JkjkJAcLjN6NsP                                                                                                                                                    
xqisqxsAXKwNTCvYxDBxNbOwkPbt/QoL2GG18jwEIgH4TfkVHhMa8zoA3Xpd7DWD                                                                                                                                                    
uiQwcABjes5bLQcYbOBGnTbCBpVjwisgP3JQxiYY9FQoGimFoS3KLo+CMyVvMRH7                                                                                                                                                    
v8sl38FCMr4VV9sCggEBAMY4TnteCkwOQ+1ACm2ZdjCxmJDwcAp2Rupn9lnBM3hX                                                                                                                                                    
jvpD773Q4BGWSwG/u4z7XHr7l7fQunCvYzubeRZa84GUVzLBBdjaJYd+wPqxYFUt                                                                                                                                                    
YNb8trfi6VB6qT+lLQ8kh1gm4d6mVS2WPAhHRmt60KykjyRNEqwPnIOWsLzWzI9a                                                                                                                                                    
pWobL3pTQsJW9AMv1upS0fFaP1BKukzrQ28kydiv/aetGMPOjoOaLVha1JV9h/JT                                                                                                                                                    
JS4dxbQti5hj/svDiOtvvMR7TuT9M6CPLqKGGGFcOZjBrlGntZbNkmXRKE7MP5lc                                                                                                                                                    
A2Rp5ERcv8sBeZPOfRuMEljfFHTavMlGmyx1dsKAaosCggEAW7mCI5E3dhXUwsDo                                                                                                                                                    
iJf1mp1L6E4pAHVkDjT7TU519hUGI0K+XqHgWQWrdwwfzWKnciw8QyIJPhje1J8F                                                                                                                                                    
TwNHpQDX8TrgmrPpoMI55Xpfd/+6WFjlBA+H1w7Q88n1dtdLG7bdKsVPBpIP6Wgn                                                                                                                                                    
r2b8VS3kB7K0u71bBdik0VqJpSxLaDuplg22rofvh/QCRL0eish+vkZ8VBrsQgp7                                                                                                                                                    
898eTJFecaomv2m+hAmfE/3RxvGR6bl5M+aq8ik/ixAWk9quKs675XUKIPAnMB9z                                                                                                                                                    
HR7QeEcGUn1apl/pirA6Q+G8grvYmgdrLhx9PM9H8K7sMpTRJKLxHhj3PwGwzDDX                                                                                                                                                    
4HgNrQKCAQAbA+mOXs7AduFDIItLTLMTB+FnP53Fj0EzCWBF81L0f9p4uXGfSSyA                                                                                                                                                    
uR8X6e3B1TBRgqC26LfAS+cWZKYoKdUuP+1yeWQ2neSnhtr+T9Z1RW4BXwf4H/D0                                                                                                                                                    
iwMuLXDqs2vO093M3paVU/hymGQ8mcx++x6XL/nvgWEvfgYwdoYCs7P/thzOazKa                                                                                                                                                    
EgfHt2lvHkKGxmoCo2yotxfFuhnYcoP7qlfJuAksXoL3m8mFZkp0+GgE1QHxAJQZ                                                                                                                                                    
/ObpFok+rUfo73VdODUlGN6eP/BqtIsVCrCbaGQTXYkqX0tDEgtI94Vu1g/KUWnC                                                                                                                                                    
XT0Yq/fZHUoS2rSLCJTaSck0Uf4RnDbpAoIBAQCWhh8bHTKGTqNqHAk2IXZicKrf                                                                                                                                                    
k3QlsUNjA63W9KfPFgVdN+r2h5jdUuP719cmfgAW+ZFO8WvjXRBWNsYm5f6xenvk                                                                                                                                                    
jApUm1Hc9obIqKcAX8G9BIVOs1NmUhyYug2++0sE7CtMeBc2wXEpvKrP/qiDTh1F                                                                                                                                                    
cMgXQsimCvKeIcaVx6lFlfzH7hQE9ndRgFqHGIYdm7RuEP/Uymfd+ld4LtbB4//d                                                                                                                                                    
ya5uB5hvNIxRojoBPUZ/OgIke4s3rjK5AkyGMygRf9EXLqZDp6atBmk123+cLpd2                                                                                                                                                    
C5pVauzhPSdOequavQR0nzoxrZ53P4qxntLGOiT97KRnW+yzwqayUX1g/DUU                                                                                                                                                        
-----END RSA PRIVATE KEY-----

A private key like this is what should be uploaded to CircleCI. Then, the corresponding public key (created at the same time as the private key) would be uploaded to your server:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC23Lj6f3ZXafuuSU1GONo9yX2W+c30ysZRtt1+upXMmRNk6DIAFQ4KeXKzfsvnCAb5q3qmI6zvn0H+nf+fbn/7qakuvO9BIM6xB4rUyXf9aN2/OkWifoSehyN7p4MGPSS6U2+IuKolJxg0EADF0spD+WzsGF13batIHDoOwU3ZeJRw+qITxX1J3v7/dODgT77Jqsbjiz81RbJPsAL9UhWQ9wrDNSBQRa0wv4iijEnOCe8sed9yj1V8brLa9sh0HJqQdTxaPLXxf4B+Rs0+xSVcLLwC+pi54RYEVpozs4BPnnbP3Op9StWpTU7ZqiBSggOJB6upx8iOIJeg/t8SFqQ1kkZAsAxqvF6qHzvPROsiMS+kZS+Vr1WcjKZmt814mBFb+siMBeg8Y9uhpg7cs/tsksWOrVeiqyU8jMfoQfEHw0h00wXJgzxLNmqCjsV5hofb+9AF5YU1LE2zhg3XDnI8GNVV+LVVTuRNWyhjbQ5c/scgMcqkWPGGyS09cKebqUYFNW71vPr1p5s+5/frNbU+YCtQCDOMX4uLQxuGYT8rIEwbsqxZecQu5PO37ucvzL2M+5ICAMVl0ugTV6oe0fkhqncpaKBYv0BM8gIyRMzARsDU3ahxtXZE3gCL8mj3scwKZ+L99mHqe4BBLQunMxS7bfRatbCLlgQiZMFz73dh6Q== Test Key

GitHub has a guide on creating SSH keys for Linux, OS X, and Windows. You’d want to skip the part where it says to use a secure passphrase though.


#12

I used the scp commad in my deployment section, but it is saying

stdin: is not a tty
sugarfield-snippets/*: No such file or directory

scp -r sugarfield-snippets/* kdari@kdari.com:/public_html/wp-content/plugins/sugarfield-snippets/ returned exit code 1

The repo in github is sugarfield-snippets. https://github.com/lgedeon/sugarfield-snippets/blob/master/circle.yml

Any ideas?


#13

Could you send us a link to a build which reproduces this error?


#14

Figured it out. I was basing my circle.yml on the - scp -r circle-pushing/* username@my-server:/path-to-put-files-on-server/ example above, but I thought that the circle-pushing part of the command was referring to the repository name, so I put my repo name there. But, that was apparently pointing to a folder inside the repo. I needed to deploy the full repo. When I used a * instead, it worked.


#15

A post was split to a new topic: How to deploy with SCP and custom port


#16

Actually I don’t know if it’s supposed to work like following. But this is the only way I got it running in the end after trying all possible combinations of public/private SSH key placements.

  1. On server git clone GitHub repo into new folder. Ceckout develop branch.

  2. On server create a new user, add him to www-data group, chown the folder.

  3. On server generate an SSH key pair for the new user.

  4. On server add the new user’s public key to the new user’s authorized_keys file.

  5. Add the public key as deploy key to the repo on GitHub.

  6. Add the private key to the project on Circle (Project Settings > Permissions > SSH Permissions) and ensure to have a hostname set.

  7. Add the following at the end of your circle.yml:

     # These commands are triggered only after a successful (green) build.
     deployment:
       dev:
         branch: develop
         commands:
           - ssh myuser@myhostname 'cd /path/to/my/repo && git pull origin develop'
    
  8. Commit and push this into the develop branch.

  9. On the server log in as the new user, checkout develop branch and pull at least once.

  10. On your local machine, on the develop branch, create a new commit and push it. Go watch build running on Circle CI.


#17

This is still an issue on version 2.0, I had to use chrome dev tools to inspect the network response to find out what was going on, the response from the server said that the key was encrypted therefore it was not supported, while on the UI there was no feedback about this, might be helpful to add a message on the UI informing the user what happened.


#18

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.