docker4drupal icon indicating copy to clipboard operation
docker4drupal copied to clipboard

Published 20 hours ago verified publisher icon wodby

How to handle ssh keys?

Open kevinquillen opened this issue 6 years ago • 3 comments

Codebase Mounted codebase

Describe your issue I want to find a way to allow developers on the project to mount their SSH key into the container so Drush commands work to remote servers, like Acquia, for sql-sync or other tasks.

So far, I came up with this:

Makefile:

-include .env.local .env

.PHONY: up down gulp stop prune ps shell drush logs

default: up

ACQUIA_SSH_KEY ?= ~/.ssh/id_rsa
PROJECT_ROOT ?= /var/www/html
DRUPAL_ROOT ?= /var/www/html/docroot

up:
	@echo "Starting up containers for $(PROJECT_NAME)..."
	docker-compose --log-level ERROR pull
	ACQUIA_SSH_KEY=$(ACQUIA_SSH_KEY) docker-compose --log-level ERROR up -d --remove-orphans

.env.local is gitignored, within that I have:

ACQUIA_SSH_KEY=~/.ssh/acquia

Then I modified the up command to inject this argument to docker-compose, and in the yml file:

    volumes:
      - ./:/var/www/html:cached # User-guided caching
      - ./drush/${PROJECT_NAME}.aliases.drushrc.php:/home/wodby/.drush/${PROJECT_NAME}.aliases.drushrc.php
      - ${ACQUIA_SSH_KEY}:/home/wodby/.ssh/id_rsa

The reason for this is that not all developers have the same key path on their machine or have the same name for the file, so I need the flexibility to allow them to override the env variable in such a case.

Is there a better way to support this? Did I miss something obvious?

kevinquillen avatar Jan 24 '19 19:01 kevinquillen

How is docker-compose.override.yml used? Would that work here? The docs state:

Delete docker-compose.override.yml as it's used to deploy vanilla Drupal

kevinquillen avatar Jan 24 '19 19:01 kevinquillen

According to this, you should use docker-compose.override.yml as this will achieve it:

https://runnable.com/docker/advanced-docker-compose-configuration

Now I can remove the Makefile modifications and local env file, and remove things like xdebug and ssh path from the main compose file and store that in a gitignored docker-compose.override.yml

The docs should be updated to note this instead of "delete this file" because its not clear. I am not sure if this is the intended result for the file, but does allow someone to enable xdebug and change the ssh key mount for example... without forcing it on other devs.

kevinquillen avatar Jan 24 '19 21:01 kevinquillen

Any more info on this?

0xCardiE avatar Mar 17 '20 13:03 0xCardiE