Capistrano allows you to deploy through a gateway server using a :gateway attribute. When migrating from capistrano to mina you might wonder how mina does this.
Mina relies on a properly setup ssh config file, in particular the use of ProxyCommand.
For example lets assume you want to deploy to intranet.example.com using a gateway at gateway.example.com.
Your mina config will look something like this:
require 'mina/bundler'
require 'mina/git'
set :domain, 'intranet.example.com'
set :deploy_to, '/var/very/secret'
set :repository, 'git://git.example.com/very/secret'
set :branch, 'master'
set :user, 'secret'
desc "Deploys the current version to the server."
task :deploy => :environment do
deploy do
invoke :'git:clone'
invoke :'bundle:install'
to :launch do
queue "touch #{deploy_to}/tmp/restart.txt"
end
end
end
Note the use of intranet.example.com as host even though it’s only accessible through gateway.example.com!
To make this work you need to setup your $HOME/.ssh/config using a ProxyCommand effectivly telling SSH to connect to gateway.example.com first when connecting to intranet.example.com:
Host gateway.example.com
IdentityFile ~/.ssh/id_rsa
User administrator
ProxyCommand none
Host intranet.example.com
ForwardAgent yes
ProxyCommand ssh gateway.example.com nc %h %p
That’s all. Now you can deploy with mina using a gateway.
You might ask why this fact is so obfuscated.
If you’ve ever taken a look at the simulated output of mina it’s actually very obvious:
$ bundle exec mina deploy -S
#!/usr/bin/env bash
# Executing the following via 'ssh [email protected] -A -t':
…
There you go: a simple bash script executed over SSH.
If you ever run into problems when deploying with mina, check the deployment script step by step to find the culprite.
To sum up the important points:
- your
:domainfrom your deploy.rb and theHostfrom ssh config need to be the same (NOTHostnameand:domain). gateway.example.comneeds to be able to resolveintranet.example.com. If this is not the case, add aHostnameproperty with a correct ip.
Happy deploying :)