I've been working on this for ~2 hours now, and I'm completely at a loss. I know this question has been asked and answered before, but I'm totally stumped.
I'm trying to clone a github repo onto a virtual machine via ansible.
When I do I get the following error:
Warning: Identity file /home/REMOTE_USER/.ssh/id_ed25519 not accessible: No such file or directory
[email protected]: Permission denied (publickey)
fatal: Could not read from remote repository
Please make sure you have the correct access rights and the repository exists.
Here is the ansible playbook handling the github cloning:
- name: Create SSH Key
hosts: vm
remote_user: REMOTE_USER
vars:
local_keyfile: /home/LOCAL_USER/.ssh/id_ed25519
public_key: "{{ lookup('file', '/home/LOCAL_USER/.ssh/id_ed25519.pub') }}"
remote_keyfile: /home/REMOTE_USER/.ssh/id_ed25519
repository: "[email protected]:GITHUB_USERNAME/GITHUB_REPO.git"
tasks:
- name: Add public key to authorized keys
lineinfile:
path: /home/REMOTE_USER/.ssh/authorized_keys
line: "{{ public_key }}"
- name: Copy SSH Key
copy:
src: "{{ local_keyfile }}"
dest: "{{ remote_keyfile }}"
owner: REMOTE_USER
group: REMOTE_USER
mode: 0600
- name: Configure SSH to use ansible key for github.com
template:
src: templates/ssh_config.j2
dest: /home/REMOTE_USER/.ssh/config
owner: REMOTE_USER
group: REMOTE_USER
mode: 0644
- name: Clone repo
git:
dest: /home/REMOTE_USER/PATH_TO_REPO
repo: "{{ repository }}"
key_file: " {{ remote_keyfile }}"
clone: yes
update: yes
Steps I've taken to try to fix the issue:
- Added the public key to authorized_keys on the remote host
- Added
Host github.com
IdentityFile PATH_TO_PRIVATE_KEY
IdentitiesOnly yes
to the .ssh/config file on the remote host.
- Created an ansible.cfg file that has:
[defaults]
transport = ssh
sudo_flags = -HE
[ssh_connection]
ssh_args = -o ForwardAgent=yes
- Ran the playbook as
root
&REMOTE_USER
- Removed the
Copy SSH Key
task
I've messed around with all these settings, and no mix of them works. If I manually SSH into the VM I can run git clone [email protected]:GITHUB_USER/REPO
and it works fine (but prompts me for the passphrase for my SSH key)
REMOTE_USER
has permissions for the private key, the directory the repo is being cloned into, authorized_keys, the public key, & the config file.
Everything I've tried that I've read from stackoverflow, other stackexchange sites, and the general internet hasn't worked so far.
I would appreciate any guidance as to how I can fix this issue that doesn't involve using HTTPS for the git clone.
CodePudding user response:
I was able to reproduce your issue locally, and I found the problem is the leading whitespace in the string
key_file: " {{ remote_keyfile }}"
If you remove the space after the first quote, it should work.
I should note I tested locally without a passphrase on the key. I'd imagine the passphrase might be an issue for the git
module.