In order to automate build on a server, I had to do the following:
Make a user with root access on the destination server
Add rsa-gen public key to authorised_keys of destination server, for passwordless login.
Created script with 1st command being ssh user#dest.
The problem we are facing is that command execution still asks for sudo... How do we achieve this in a script or otherwise?
There is a plugin to make this simple.
SSH plugin can take server details along with credentials and can handle all of it for us.
To use it, follow these steps:
install SSH plugin on your jenkins from Manage plugins.
go to configure system, add under SSH remote hosts.
add all the details required to connect to server
In your job, add build step - Execute shell script in remote host using ssh.
Related
I'm still new to AWS and this is my first attempt at working with MariaDB; I'm used to dealing with hosting providers that already have something like cPanel installed so please be nice. :)
I'm using Bitnami's WordPress Multi-Tier with Amazon RDS for MariaDB
Bitnami's documentation is usually quite good, but in this particular case I'm not finding anything. I've reached out to their support and the only reply I've received until now was something akin to: "use a WordPress plugin to make database exports" which is obviously isn't going to cut the mustard when it comes to importing.
What I want to accomplish:
Connect to my database
Export my database
Import (overwrite) a database
Essentially, I want to deploy my local WordPress to AWS...files are all good, but I'm lost when it comes to databases.
(NOTE: I want to get out of the habit of relying on phpMyAdmin and, ideally, don't want to have to go through installing it, etc)
I started here: [Connecting to a DB Instance Running the MariaDB Database Engine][2]
After SSH'ing in I've tried:
Command: mysql
Outputs: ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/opt/bitnami/mariadb/tmp/mysql.sock' (2)
Command: mysql -h MY-DB-INSTANCE.us-east-1.rds.amazonaws.com -P 3306 -u bitnami
Outputs: Access denied for user 'bitnami'#'10.0.4.110' (using password: NO)
EDIT: I've split this thread into a separate one for other issues that I ran into.
Presumably your MySQL user bitnami actually has a password, so you may try this:
mysql -h MY-DB-INSTNACE.us-east-1.rds.amazonaws.com -P 3306 -u bitnami -p
^^^ add this
Your shell should prompt you for the password.
Beyond this, you need to make sure that you have opened your RDS instance to the IP from which you are trying to connect. You could open it to all IPs, but it is better practice to just open it to your dev machine, as well as the production machines which would be hitting the database. If you don't do this step, you also would not be able to connect.
Edit: If your user bitnami does not yet exist, then you may have to login as root and configure. Or perhaps you would have to reset the password if forgotten. You should always write down the admin credentials, as a last resort means of accessing your RDS instance.
I am building a multi-tenant application where requests to multiple domains have to be serviced by the same nginx server.
In order to achieve this, a script creates nginx configs for each domain after a registration process and adds them into a folder. The base nginx configuration has been setup to read configs from this folder.
If I manually restart nginx using sudo service nginx restart the application works fine. However, I am looking for this to happen without a manual intervention. i.e. I want my script to refresh nginx config and I want to do it without entering a sudo password again.
Can someone help me achieve this?
I would strongly discourage using service ngnix restartto reload configs, especially in a multi-tenant environment. You risk interrupting ongoing requests, sessions, etc. That's potentially fine, but each tenant had to make that determination and has to do so at appropriate times. Nginx supports the command service ngnix reload to address this concern. Reload allows for configs to be reloaded without any downtime.
You could trigger the command at least 3 ways:
Periodic cron job (easiest to setup, least efficient)
Manually triggering the command
Trigger through filesystem monitoring
Option 2 would be good if, for example, you had some web interface that allows a tenant to modify a config and you know to manually trigger the command or to send a message to some other service that triggers it. You could avoid using sudo securely by granting the web application the ability to run a single command as root e.g. vi sudo and add the line www-data ALL=(ALL) NOPASSWD: /usr/sbin/service nginx reload where www-data should be whatever user your application runs under. Then you can just execute the shell command according to whatever api is appropriate for the language you are using.
Option 3 would be the most robust. There all several options for monitoring the filesystem but I would recommend incron. Here's a guide to install and configure incron. You could monitor changes to whichever directory you store configs in and use service nginx reload in place of the example command in the tutorial.
I am some issue with connecting the pipes between MySQL Workbench and my Bitnami Wordpress instance on AWS (using ssh). I have read and attempted the docs several times, I don't know what is going on.
I have successfully ssh-ed via the command line using ssh -i my_key_file bitnami#IP-Address.
However, I cannot get it to work for MySQL Workbench.
Field Value
SSH Hostname IP-Address
SSH Username bitnami
SSH Key File <path-to-key-file>
MySQL Hostname 127.0.0.1
MySQL Server Port 3306
MySQL username root
The path to key-file is correct as it works for other AWS instances. And the SSH hostname and SSH username get my access via the terminal - so I would assume these are fine?
When I test the connection, I am prompted for a password. Everywhere online suggests that this password is the admin password used the Wordpress account (accessible via the system logs). I have this password. However, this doesn't get me in.
The attempted connection returns the error: Failed to Connect to MySQL at 127.0.0.1:3306 through SSH tunnel at bitnami#IP-Address with user root
Any help would be appreciated
I have read and attempted the docs several times, I don't know what is going on.
I guess you are referring to this documentation
Could you try to reset the password for the root user as described in the guide below?
https://docs.bitnami.com/aws/components/mysql/#how-to-reset-the-mysql-root-password
Once you have restarted it and you have chosen a new one, use this new password on the Workbench.
woocommerce webhooks aren't firing at all for me, even on a fresh install. I did the following:
Create a new MySQL database
Install WP from the zip file.
Set up WP.
Install Woocommerce.
Enable REST API and create a key.
Added "Coupon created" webhook, made sure it's set to active, and set it to a publicly accessible site.
When I create a coupon, the webhook does not fire, and no entry is created in the log. I tried this with orders as well and also doesn't work.
I think it's a machine configuration problem, but not sure what to change. The machine is an EC2 instance and has all ports opened in its security group policy.
Weirdest of all is that on a different EC2 instance does work, but it's a production machine and I want to have a dev server work so I can test out things. The only config differences between the production and dev machines that I can think of are the subnets and the firewall, but I don't understand why the subnet should matter and I opened all the firewall ports on the dev machine.
what Linux distributions are you running for prod and dev?
CentOS with SELinux enabled with not allow HTTPD scripts and modules to connect to network by default.
setsebool -P httpd_can_network_connect on
If above is not valid, please identify network problems by trying connecting to AWS RDS via SSH CLI. If you can open a connection via SSH CLI, the problem will be with your application. If you can't, it will be network problem. First thing to check in that case is AWS RDS security group. For testing you can open 3306 to public.
Let me know how it goes.
I created an instance to host my wordpress blog. I made a keypair, converted it using PuTTY Gen so that it would work with winscp.
My security group that is associated with my instance has:
ICMP Allow All
TCP 0-65535
TCP 22 (SSH)
TCP 80 (HTTP)
TCP 443 (HTTPS)
UDP 0-65535
I am running a Bitnami-Wordpress 3.2.1-0 Ubuntu AMI
My Question is: How do I host a simple file on my instance?
UPDATE: so I was able to login using SFTP by simply filling in my instance Public DNS as my host, and the PuTTY Gen key as the private key, the username I had to use was Bitnami. So now I have access to the server, how or where do I put a file so that it will come out www.mywebsite.com/myfile.file???
I am assuming that I need to SSH into the server using putty, and add it into the WWW directoroy?
What I have tried:
I tried logging in using WinSCP with host name being my instance's Public DNS, and my private key file the converted PuTTY Gen file that was originally the key pair for the instance.
Using SFTP, pressing login it asks me for a user name, entering "user" or "ec2-user" I get an error saying:
"disconnected, no supported authentication methods available (server sent: public key), Server >refused our key. Authentication failed.
Using root for the username, it asks for a passphrase that I created for my keypair using PuTTY Gen, It accepts it, but then I get this error:
"Received too large (1349281121 B) SFTP packet. Max supported packet size is 1024000 B. The error >is typically caused by message printed from startup script (like .profile). The message may start >with ""Plea"". Cannot initialize SFTP protocol. Is the host running a SFTP server?
If in WinSCP I put the username as "user" and the password as "bitnami" (before I press login) (default wordpress password for bitnami AMI) it gives me this error:
Disconnected: No supported authentication methods available (server sent: publickey). Authentication log (see session log for details):Using username: "user". Server refused ourkey. Authentication failed.
I get the same errors using SCP instead of SFTP in WinSCP except when I use SCP and I press login, and I use username "root" it asks me for my passphrase, after entering that I get this error:
Connection has been unexpectedly closed. Server sent command exit status 0. Error skipping startup message. Your shell is probably incompatible with the application (BASH is recommended).
Also, if you want to remove wordpress from the URL, you can use the following instructions I posted on my blog (travisnelson.net):
$ sudo chmod 777 /opt/bitnami/apache2/conf/httpd.conf
$ vi /opt/bitnami/apache2/conf/httpd.conf
changed DocumentRoot to be: DocumentRoot “/opt/bitnami/apps/wordpress/htdocs”
$ sudo chmod 544 /opt/bitnami/apache2/conf/httpd.conf
$ sudo apachectl -k restart
Then in WordPress, change the Site address (URL) in General Settings to not have /wordpress.
Hope this helps
If you are already able to connect using SFTP. Now you just need to copy the file. Where you need to copy it depend on what you are trying to do.
BitNami Wordpress AMI has the following directory structure (I only include the relevant directories for this question):
/opt/bitnami
|
|-- apache2/htdocs
|-- apps/wordpress/htdocs
You mentioned that you want to www.mywebsite.com/myfile.file. If you didn't modify the default apache configuration you will need to copy file in /opt/bitnami/apache2/htdocs (this is the DocumentRoot for the BitNami WordPress AMI.
If you want that file to be accessed from www.mywebsite.com/wordpress/myfile.file, then you need to copy it in /opt/bitnami/apps/wordpress/htdocs.
If what you are trying to do is to manually install a theme or plugin you can follow the WordPress documentation taking into account that the wordpress installation directory is /opt/bitnami/apps/wordpress/htdocs.
Also, you can find below some links to the BitNami Wiki explaining how to connect to the AMIs. I just include them as a reference for other users that find the same connection issues.
Further reading:
How to connect to your amazon instance
How to upload files from Windows
I had a similar problem recently. Having setup Bitnami Wordpress on AmazonAWS I was unable to modify, add, or remove themes from within the Wordpress admin interface even though all of my permissions were setup appropriately according to Wordpress recommended settings. However, I did not want to have to resort to turning FTP access on.
I was able to resolve the issue by:
Setting the file access method for Bitnami Wordpress to 'direct'.
Changing all users to Apache Bitnami.
Adding Bitnami to Apache group and Apache to Bitnami group.