Sometimes, through some firewall or proxy misconfiguration, you might have to deploy to a server that cannot access the git repository.
SSH can be tunneled over an HTTP Proxy. For example, when the repo is on github
, use this:
Install socat
Add a ~/.ssh/config
on the target server(s) with permission 0600 and this content:
Host github.com ssh.github.com
User git
Hostname ssh.github.com
Port 443
ProxyCommand socat - PROXY:<your proxyhost>:%h:%p,proxyport=<your proxyport>
Set the repo url in your deploy.rb
to ssh://git@github.com/...
. You cannot skip the ssh://
.
Deploy.
Follow these steps:
Log in to the remote server and delete the cached repo (in project_root/repo
).
Open a separate SSH connection for each target server and forward an SSH port like this:
ssh deploy-user@server -R 1222:git.host:22
Set the repo url in your deploy.rb
to ssh://git@localhost:1222/...
(for our Gitlab, this would be ssh://git@localhost:1222/makandra/repo
)
Be sure to really use the ssh://
, otherwise git will silently ignore the port and you'll end up with a confusing password prompt.
Deploy.