I trying to build a web app to manage my severs using ansible
now I using Centos 7, PHP 7.4,Laravel 8 and apache to build this app and I'm already install https://packagist.org/packages/asm/php-ansible composer package for using ansible inside of my project.
here is my code:
$ansible = new Asm\Ansible\Ansible(
'/var/www/xxx/storage/ansible',
'',
''
);
$ansible->playbook()->play($myplaybookPath)->inventoryFile($myInventoryPath)->execute(function ($type, $buffer) {
if (Process::ERR === $type) {
echo 'ERR > '.$buffer ."<br/>";
} else {
echo 'OUT > '.$buffer."<br/>";
}
});
Here is the output :
OUT > PLAY [install nano] ************************************************************
OUT > TASK [Gathering Facts] *********************************************************
OUT > fatal: [xx.xx.14.139]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
OUT > PLAY RECAP *********************************************************************
OUT > xx.xx.14.139 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
OUT >
the username and password in the inventory file is correct and I test it many times also I try with new server with a very simple password.
I google this error host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)." and I found out its about the authorized_keys for the user that run the ssh
I change the permission and mod of the .ssh folder for my apache user in /var/user/share/httpd/.ssh
buy this error still remain and I don't know how to fix this.
thanks for help
update
it's not about my web server Configuration and everything about apache and PHP is ok.
I run my the playbook directly from terminal using ansible-playbook:
ansible-playbook /var/www/xxx/storage/ansible/playbooks/install_nano -i /var/www/xxx/storage/ansible/inventories/testInventory -vvv
I got the same error and I guess it's about the Auth information in InventoryFile
ansible-playbook 2.9.25
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /var/www/xxx/storage/ansible/inventories/testInventory as it did not pass its verify_file() method
auto declined parsing /var/www/xxx/storage/ansible/inventories/testInventory as it did not pass its verify_file() method
Parsed /var/www/xxx/storage/ansible/inventories/testInventory inventory source with ini plugin
Skipping callback 'actionable', as we already have a stdout callback.
Skipping callback 'counter_enabled', as we already have a stdout callback.
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'full_skip', as we already have a stdout callback.
Skipping callback 'json', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'null', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
Skipping callback 'selective', as we already have a stdout callback.
Skipping callback 'skippy', as we already have a stdout callback.
Skipping callback 'stderr', as we already have a stdout callback.
Skipping callback 'unixy', as we already have a stdout callback.
Skipping callback 'yaml', as we already have a stdout callback.
PLAYBOOK: install nano ******************************************************************************************************************************************************************************
1 plays in /var/www/xxx/storage/ansible/playbooks/install nano
PLAY [install nano] *********************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************
task path: /var/www/xxx/storage/ansible/playbooks/install nano:2
<xx.xx.14.139> ESTABLISH SSH CONNECTION FOR USER: root
<xx.xx.14.139> SSH: EXEC sshpass -d8 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/a7f10d151a xx.xx.14.139 '/bin/sh -c '"'"'echo ~root && sleep 0'"'"''
<xx.xx.14.139> (255, '', 'Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [xx.xx.14.139]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).",
"unreachable": true
}
PLAY RECAP ******************************************************************************************************************************************************************************************
xx.xx.14.139 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
Here is the inventory file content
[linux]
xx.xx.14.139
[linux:vars]
ansible_user=root
ansible_password=testPassword
also, I try ansible_ssh_user / password but it's not working!
CodePudding user response:
Here is the solution
I enabled verbose mode in ssh connection and I notice that the outcoming SSH request didn't support Password Authentication.
There are 2 SSH config files /etc/ssh/sshd.conf for the incoming requests and /etc/ssh/ssh.cong for outcoming so I fix the issue from out coming request config file and enable the password authentication.
after that, I set permissions for my apache ssh files like keys and known hosts files.
after that, I create a command in laravel so I can run my ansible playbooks using the root user and Crond.