bard 1.0.0 → 1.0.2

data/lib/bard/cli.rb

@@ -1,17 +1,9 @@
 # this file gets loaded in the CLI context, not the Rails boot context
 
 require "thor"
-require "bard/git"
-require "bard/ci"
-require "bard/copy"
-require "bard/github"
-require "bard/ping"
 require "bard/config"
 require "bard/command"
-require "bard/provision"
 require "term/ansicolor"
-require "open3"
-require "uri"
 
 module Bard
   class CLI < Thor
@@ -19,244 +11,24 @@ module Bard
 
     class_option :verbose, type: :boolean, aliases: :v
 
-    desc "data --from=production --to=local", "copy database and assets from from to to"
-    option :from, default: "production"
-    option :to, default: "local"
-    def data
-      from = config[options[:from]]
-      to = config[options[:to]]
-
-      if to.key == :production
-        url = to.ping.first
-        puts yellow "WARNING: You are about to push data to production, overwriting everything that is there!"
-        answer = ask("If you really want to do this, please type in the full HTTPS url of the production server:")
-        if answer != url
-          puts red("!!! ") + "Failed! We expected #{url}. Is this really where you want to overwrite all the data?"
-          exit 1
-        end
-      end
-
-      puts "Dumping #{from.key} database to file..."
-      from.run! "bin/rake db:dump"
-
-      puts "Transfering file from #{from.key} to #{to.key}..."
-      from.copy_file "db/data.sql.gz", to: to, verbose: true
-
-      puts "Loading file into #{to.key} database..."
-      to.run! "bin/rake db:load"
-
-      config.data.each do |path|
-        puts "Synchronizing files in #{path}..."
-        from.copy_dir path, to: to, verbose: true
-      end
-    end
-
-    desc "master_key --from=production --to=local", "copy master key from from to to"
-    option :from, default: "production"
-    option :to, default: "local"
-    def master_key
-      from = config[options[:from]]
-      to = config[options[:to]]
-      from.copy_file "config/master.key", to:
-    end
-
-    desc "stage [branch=HEAD]", "pushes current branch, and stages it"
-    def stage branch=Git.current_branch
-      unless config.servers.key?(:production)
-        raise Thor::Error.new("`bard stage` is disabled until a production server is defined. Until then, please use `bard deploy` to deploy to the staging server.")
-      end
-
-      run! "git push -u origin #{branch}", verbose: true
-      config[:staging].run! "git fetch && git checkout -f origin/#{branch} && bin/setup"
-      puts green("Stage Succeeded")
-
-      ping :staging
-    end
-
-    option :"skip-ci", type: :boolean
-    option :"local-ci", type: :boolean
-    desc "deploy [TO=production]", "checks that current branch is a ff with master, checks with ci, merges into master, deploys to target, and then deletes branch."
-    def deploy to=:production
-      branch = Git.current_branch
-
-      if branch == "master"
-        if !Git.up_to_date_with_remote?(branch)
-          run! "git push origin #{branch}:#{branch}"
-        end
-        invoke :ci, [branch], options.slice("local-ci") unless options["skip-ci"]
-
-      else
-        run! "git fetch origin master:master"
-
-        unless Git.fast_forward_merge?("origin/master", branch)
-          puts "The master branch has advanced. Attempting rebase..."
-          run! "git rebase origin/master"
-        end
-
-        run! "git push -f origin #{branch}:#{branch}"
-
-        invoke :ci, [branch], options.slice("local-ci") unless options["skip-ci"]
-
-        run! "git push origin #{branch}:master"
-        run! "git fetch origin master:master"
-      end
-
-      if `git remote` =~ /\bgithub\b/
-        run! "git push github"
-      end
-
-      config[to].run! "git pull origin master && bin/setup"
-
-      puts green("Deploy Succeeded")
-
-      if branch != "master"
-        puts "Deleting branch: #{branch}"
-        run! "git push --delete origin #{branch}"
-
-        if branch == Git.current_branch
-          run! "git checkout master"
-        end
-
-        run! "git branch -D #{branch}"
-      end
-
-      ping to
-    end
-
-    option :"local-ci", type: :boolean
-    option :status, type: :boolean
-    desc "ci [branch=HEAD]", "runs ci against BRANCH"
-    def ci branch=Git.current_branch
-      ci = CI.new(project_name, branch, local: options["local-ci"])
-      if ci.exists?
-        return puts ci.status if options["status"]
-
-        puts "Continuous integration: starting build on #{branch}..."
-
-        success = ci.run do |elapsed_time, last_time|
-          if last_time
-            percentage = (elapsed_time.to_f / last_time.to_f * 100).to_i
-            output = "  Estimated completion: #{percentage}%"
-          else
-            output = "  No estimated completion time. Elapsed time: #{elapsed_time} sec"
-          end
-          print "\x08" * output.length
-          print output
-          $stdout.flush
-        end
-
-        if success
-          puts
-          puts "Continuous integration: success!"
-          puts "Deploying..."
-        else
-          puts
-          puts ci.last_response
-          puts ci.console
-          puts red("Automated tests failed!")
-          exit 1
-        end
-
-      else
-        puts red("No CI found for #{project_name}!")
-        puts "Re-run with --skip-ci to bypass CI, if you absolutely must, and know what you're doing."
-        exit 1
-      end
-    end
-
-    desc "open [server=production]", "opens the url in the web browser."
-    def open server=:production
-      exec "xdg-open #{config[server].ping.first}"
-    end
-
-    option :home, type: :boolean
-    desc "ssh [to=production]", "logs into the specified server via SSH"
-    def ssh to=:production
-      config[to].exec! "exec $SHELL -l", home: options[:home]
-    end
-
-    desc "install", "copies bin/setup and bin/ci scripts into current project."
-    def install
-      install_files_path = File.expand_path(File.join(__dir__, "../../install_files/*"))
-      system "cp -R #{install_files_path} bin/"
-      github_files_path = File.expand_path(File.join(__dir__, "../../install_files/.github"))
-      system "cp -R #{github_files_path} ./"
-    end
-
-    desc "provision [ssh_url]", "takes an ssh url to a raw ubuntu 22.04 install, and readies it in the shape of :production"
-    def provision ssh_url
-      Provision.call(config, ssh_url.dup) # dup unfreezes the string for later mutation
-    end
-
-    desc "setup", "installs app in nginx"
-    def setup
-      path = "/etc/nginx/sites-available/#{project_name}"
-      dest_path = path.sub("sites-available", "sites-enabled")
-      server_name = case ENV["RAILS_ENV"]
-      when "production"
-        (config[:production].ping.map do |str|
-          "*.#{URI.parse(str).host}"
-        end + ["_"]).join(" ")
-      when "staging" then "#{project_name}.botandrose.com"
-      else "#{project_name}.localhost"
-      end
-
-      system "sudo tee #{path} >/dev/null <<-EOF
-server {
-  listen 80;
-  server_name #{server_name};
-
-  root #{Dir.pwd}/public;
-  passenger_enabled on;
-
-  location ~* \\.(ico|css|js|gif|jp?g|png|webp) {
-    access_log off;
-    if (\\$request_filename ~ \"-[0-9a-f]{32}\\.\") {
-      expires max;
-      add_header Cache-Control public;
-    }
-  }
-  gzip_static on;
-}
-EOF"
-      system "sudo ln -sf #{path} #{dest_path}" if !File.exist?(dest_path)
-      system "sudo service nginx restart"
-    end
-
-    desc "ping [server=production]", "hits the server over http to verify that its up."
-    def ping server=:production
-      server = config[server]
-      down_urls = Bard::Ping.call(config[server])
-      down_urls.each { |url| puts "#{url} is down!" }
-      exit 1 if down_urls.any?
-    end
-
-    # HACK: we don't use Thor::Base#run, so its okay to stomp on it here
-    original_verbose, $VERBOSE = $VERBOSE, nil
-    Thor::THOR_RESERVED_WORDS -= ["run"]
-    $VERBOSE = original_verbose
-
-    desc "run <command>", "run the given command on production"
-    def run *args
-      server = config[:production]
-      server.run! *args, verbose: true
-    end
-
-    desc "hurt <command>", "reruns a command until it fails"
-    def hurt *args
-      1.upto(Float::INFINITY) do |count|
-        puts "Running attempt #{count}"
-        system *args
-        unless $?.success?
-          puts "Ran #{count-1} times before failing"
-          break
-        end
-      end
-    end
-
-    desc "vim [branch=master]", "open all files that have changed since master"
-    def vim branch="master"
-      exec "vim -p `git diff #{branch} --name-only | grep -v sass$ | tac`"
+    {
+      data: "Data",
+      stage: "Stage",
+      deploy: "Deploy",
+      ci: "CI",
+      master_key: "MasterKey",
+      setup: "Setup",
+      run: "Run",
+      open: "Open",
+      ssh: "SSH",
+      install: "Install",
+      provision: "Provision",
+      ping: "Ping",
+      hurt: "Hurt",
+      vim: "Vim",
+    }.each do |command, klass|
+      require "bard/cli/#{command}"
+      include const_get(klass)
     end
 
     def self.exit_on_failure? = true
@@ -273,6 +45,9 @@ EOF"
 
     def run!(...)
       Bard::Command.run!(...)
+    rescue Bard::Command::Error => e
+      puts red("!!! ") + "Running command failed: #{yellow(e.message)}"
+      exit 1
     end
   end
 end

data/lib/bard/command.rb

@@ -1,5 +1,9 @@
+require "open3"
+
 module Bard
   class Command < Struct.new(:command, :on, :home)
+    class Error < RuntimeError; end
+
     def self.run! command, on: :local, home: false, verbose: false, quiet: false
       new(command, on, home).run! verbose:, quiet:
     end
@@ -14,9 +18,7 @@ module Bard
 
     def run! verbose: false, quiet: false
       if !run(verbose:, quiet:)
-        raise "Running command failed: #{full_command}"
-        # puts red("!!! ") + "Running command failed: #{yellow(command)}"
-        # exit 1
+        raise Error.new(full_command)
       end
     end
 
@@ -49,7 +51,6 @@ module Bard
     end
 
     def remote_command quiet: false
-      uri = on.ssh_uri
       ssh_key = on.ssh_key ? "-i #{on.ssh_key} " : ""
       cmd = command
       if on.env
@@ -58,10 +59,11 @@ module Bard
       unless home
         cmd = "cd #{on.path} && #{cmd}"
       end
-      cmd = "ssh -tt #{ssh_key}#{"-p#{uri.port} " if uri.port}#{uri.user}@#{uri.host} '#{cmd}'"
+      uri = on.ssh_uri
+      cmd = "ssh -tt #{ssh_key} -p#{uri.port} #{uri.user}@#{uri.host} '#{cmd}'"
       if on.gateway
         uri = on.ssh_uri(:gateway)
-        cmd = "ssh -tt #{" -p#{uri.port} " if uri.port}#{uri.user}@#{uri.host} \"#{cmd}\""
+        cmd = "ssh -tt -p#{uri.port} #{uri.user}@#{uri.host} \"#{cmd}\""
       end
       cmd += " 2>&1" if quiet
       cmd

data/lib/bard/config.rb

@@ -12,13 +12,6 @@ module Bard
           "./",
           false,
         ),
-        theia: Server.new(
-          project_name,
-          :theia,
-          "gubito@gubs.pagekite.me",
-          "Sites/#{project_name}",
-          false,
-        ),
         gubs: Server.new(
           project_name,
           :gubs,
@@ -40,7 +33,7 @@ module Bard
         ),
       }
       if path && File.exist?(path)
-        source = File.read(File.expand_path(path))
+        source = File.read(path)
       end
       if source
         instance_eval source
@@ -51,9 +44,7 @@ module Bard
 
     def server key, &block
       key = key.to_sym
-      @servers[key] ||= Server.new(project_name, key)
-      @servers[key].instance_eval &block if block_given?
-      @servers[key]
+      @servers[key] = Server.define(project_name, key, &block)
     end
 
     def [] key

data/lib/bard/copy.rb

@@ -1,3 +1,6 @@
+require "uri"
+require "bard/command"
+
 module Bard
   class Copy < Struct.new(:path, :from, :to, :verbose)
     def self.file path, from:, to:, verbose: false
@@ -19,33 +22,20 @@ module Bard
     end
 
     def scp_using_local direction, server
-      uri = URI.parse("ssh://#{server.gateway}")
-      port = uri.port ? "-p#{uri.port}" : ""
-      gateway = server.gateway ? "-oProxyCommand='ssh #{port} #{uri.user}@#{uri.host} -W %h:%p'" : ""
+      gateway = server.gateway ? "-oProxyCommand='ssh #{server.ssh_uri(:gateway)} -W %h:%p'" : ""
 
       ssh_key = server.ssh_key ? "-i #{server.ssh_key}" : ""
 
-      uri = URI.parse("ssh://#{server.ssh}")
-      port = uri.port ? "-P#{uri.port}" : ""
-      from_and_to = [path, "#{uri.user}@#{uri.host}:#{server.path}/#{path}"]
-
+      from_and_to = [path, server.scp_uri(path)]
       from_and_to.reverse! if direction == :from
-      command = "scp #{gateway} #{ssh_key} #{port} #{from_and_to.join(" ")}"
 
+      command = ["scp", gateway, ssh_key, *from_and_to].join(" ")
       Bard::Command.run! command, verbose: verbose
     end
 
     def scp_as_mediator
       raise NotImplementedError if from.gateway || to.gateway || from.ssh_key || to.ssh_key
-
-      from_uri = URI.parse("ssh://#{from.ssh}")
-      from_str = "scp://#{from_uri.user}@#{from_uri.host}:#{from_uri.port || 22}/#{from.path}/#{path}"
-
-      to_uri = URI.parse("ssh://#{to.ssh}")
-      to_str = "scp://#{to_uri.user}@#{to_uri.host}:#{to_uri.port || 22}/#{to.path}/#{path}"
-
-      command = "scp -o ForwardAgent=yes #{from_str} #{to_str}"
-
+      command = "scp -o ForwardAgent=yes #{from.scp_uri(path)} #{to.scp_uri(path)}"
       Bard::Command.run! command, verbose: verbose
     end
 
@@ -55,46 +45,31 @@ module Bard
       elsif to.key == :local
         rsync_using_local :from, from
       else
-        rsync_as_mediator from, to
+        rsync_as_mediator
       end
     end
 
     def rsync_using_local direction, server
-      uri = URI.parse("ssh://#{server.gateway}")
-      port = uri.port ? "-p#{uri.port}" : ""
-      gateway = server.gateway ? "-oProxyCommand=\"ssh #{port} #{uri.user}@#{uri.host} -W %h:%p\"" : ""
+      gateway = server.gateway ? "-oProxyCommand=\"ssh #{server.ssh_uri(:gateway)} -W %h:%p\"" : ""
 
       ssh_key = server.ssh_key ? "-i #{server.ssh_key}" : ""
-      uri = URI.parse("ssh://#{server.ssh}")
-      port = uri.port ? "-p#{uri.port}" : ""
-      ssh = "-e'ssh #{ssh_key} #{port} #{gateway}'"
+      ssh = "-e'ssh #{gateway} -p#{server.ssh_uri.port || 22}'"
 
-      dest_path = path.dup
-      dest_path = "./#{dest_path}"
-      from_and_to = [dest_path, "#{uri.user}@#{uri.host}:#{server.path}/#{path}"]
+      from_and_to = ["./#{path}", server.rsync_uri(path)]
       from_and_to.reverse! if direction == :from
       from_and_to[-1].sub! %r(/[^/]+$), '/'
 
       command = "rsync #{ssh} --delete --info=progress2 -az #{from_and_to.join(" ")}"
-
       Bard::Command.run! command, verbose: verbose
     end
 
-    def rsync_as_mediator from, to
+    def rsync_as_mediator
       raise NotImplementedError if from.gateway || to.gateway || from.ssh_key || to.ssh_key
 
-      dest_path = path.dup
-      dest_path = "./#{dest_path}"
-
-      from_uri = URI.parse("ssh://#{from.ssh}")
-      from_str = "-p#{from_uri.port || 22} #{from_uri.user}@#{from_uri.host}"
-
-      to_uri = URI.parse("ssh://#{to.ssh}")
-      to_str = "#{to_uri.user}@#{to_uri.host}:#{to.path}/#{path}"
-      to_str.sub! %r(/[^/]+$), '/'
-
-      command = %(ssh -A #{from_str} 'rsync -e \"ssh -A -p#{to_uri.port || 22} -o StrictHostKeyChecking=no\" --delete --info=progress2 -az #{from.path}/#{path} #{to_str}')
+      from_str = "-p#{from.ssh_uri.port || 22} #{from.ssh_uri.user}@#{from.ssh_uri.host}"
+      to_str = to.rsync_uri(path).sub(%r(/[^/]+$), '/')
 
+      command = %(ssh -A #{from_str} 'rsync -e \"ssh -A -p#{to.ssh_uri.port || 22} -o StrictHostKeyChecking=no\" --delete --info=progress2 -az #{from.path}/#{path} #{to_str}')
       Bard::Command.run! command, verbose: verbose
     end
   end

data/lib/bard/git.rb

@@ -8,10 +8,6 @@ module Bard
       ref.sub(/refs\/heads\//, '') # refs/heads/master ... we want "master"
     end
 
-    def current_sha
-      sha_of("HEAD")
-    end
-
     def fast_forward_merge?(root, branch)
       root_head = sha_of(root)
       branch_head = sha_of(branch)
@@ -23,6 +19,8 @@ module Bard
       sha_of(branch) == sha_of("origin/#{branch}")
     end
 
+    private
+
     def sha_of ref
       `git rev-parse #{ref}`.chomp
     end

data/lib/bard/ping.rb

@@ -9,7 +9,6 @@ module Bard
 
     def call
       server.ping.reject do |url|
-        next true if url == false
         response = get_response_with_redirect(url) rescue nil
         response.is_a?(Net::HTTPSuccess)
       end

data/lib/bard/provision/apt.rb

@@ -0,0 +1,16 @@
+# apt sanity
+
+class Bard::Provision::Apt < Bard::Provision
+  def call
+    print "Apt:"
+    provision_server.run! [
+      %(echo "\\$nrconf{restart} = \\"a\\";" | sudo tee /etc/needrestart/conf.d/90-autorestart.conf),
+      "sudo apt-get update -y",
+      "sudo apt-get upgrade -y",
+      "sudo apt-get install -y curl",
+    ].join("; "), home: true
+
+    puts " ✓"
+  end
+end
+

data/lib/bard/provision/http.rb

@@ -4,25 +4,11 @@ class Bard::Provision::HTTP < Bard::Provision
   def call
     print "HTTP:"
     target_host = URI.parse(server.ping.first).host
-    if system "curl -s --resolve #{target_host}:80:#{provision_server.ssh_uri.host} http://#{target_host} -I | grep -i \"x-powered-by: phusion passenger\""
+    if system "curl -s --resolve #{target_host}:80:#{provision_server.ssh_uri.host} http://#{target_host} -I | grep -i \"x-powered-by: phusion passenger\" >/dev/null 2>&1"
       puts " ✓"
     else
       puts " !!! not serving a rails app from #{provision_server.ssh_uri.host}"
     end
   end
-  
-  private
-
-  def ssh_available? ssh_uri, port: ssh_uri.port
-    system "nc -zv #{ssh_uri.host} #{port} 2>/dev/null"
-  end
-
-  def ssh_known_host? ssh_uri
-    system "grep -q \"$(ssh-keyscan -t ed25519 -p#{ssh_uri.port || 22} #{ssh_uri.host} 2>/dev/null | cut -d ' ' -f 2-3)\" ~/.ssh/known_hosts"
-  end
-
-  def add_ssh_known_host! ssh_uri
-    system "ssh-keyscan -p#{ssh_uri.port || 22} -H #{ssh_uri.host} >> ~/.ssh/known_hosts"
-  end
 end
 

data/lib/bard/provision/mysql.rb

@@ -19,5 +19,3 @@ class Bard::Provision::MySQL < Bard::Provision
   end
 end
 
-
-

data/lib/bard/provision/passenger.rb

@@ -6,16 +6,14 @@ class Bard::Provision::Passenger < Bard::Provision
     if !http_responding?
       print " Installing nginx & Passenger,"
       provision_server.run! [
-        %(echo "\\$nrconf{restart} = \\"a\\";" | sudo tee /etc/needrestart/conf.d/90-autorestart.conf),
         %(grep -qxF "RAILS_ENV=production" /etc/environment || echo "RAILS_ENV=production" | sudo tee -a /etc/environment),
         %(grep -qxF "EDITOR=vim" /etc/environment || echo "EDITOR=vim" | sudo tee -a /etc/environment),
-        "sudo apt-get update -y",
-        "sudo apt-get upgrade -y",
-        "sudo apt-get install -y vim dirmngr gnupg apt-transport-https ca-certificates curl",
+        "sudo apt-get install -y vim dirmngr gnupg apt-transport-https ca-certificates",
         "curl https://oss-binaries.phusionpassenger.com/auto-software-signing-gpg-key.txt | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/phusion.gpg >/dev/null",
         %(echo "deb https://oss-binaries.phusionpassenger.com/apt/passenger jammy main" | sudo tee /etc/apt/sources.list.d/passenger.list),
         "sudo apt-get update -y",
         "sudo apt-get install -y nginx libnginx-mod-http-passenger",
+        "sudo rm /etc/nginx/sites-enabled/default",
       ].join("; "), home: true
     end
 

data/lib/bard/provision/repo.rb

@@ -37,9 +37,9 @@ class Bard::Provision::Repo < Bard::Provision
     github_url = "git@github.com:botandrosedesign/#{project_name}"
     provision_server.run [
       "needle=$(ssh-keyscan -t ed25519 github.com 2>/dev/null | cut -d \" \" -f 2-3)",
-      "grep -q \"$needle\" ~/.ssh/known_hosts || ssh-keyscan -H github.com >> ~/.ssh/known_hosts",
+      "grep -q \"$needle\" ~/.ssh/known_hosts || ssh-keyscan -H github.com >> ~/.ssh/known_hosts 2>/dev/null",
       "git ls-remote #{github_url}",
-    ].join("; "), home: true
+    ].join("; "), home: true, quiet: true
   end
 
   def project_name

data/lib/bard/provision/rvm.rb

@@ -10,8 +10,9 @@ class Bard::Provision::RVM < Bard::Provision
         "gpg --keyserver keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB",
         "curl -sSL https://get.rvm.io | bash -s stable",
       ].join("; ")
-      print " Installing Ruby #{File.read(".ruby-version")},"
-      provision_server.run! "rvm install ."
+      version = File.read(".ruby-version").chomp
+      print " Installing Ruby #{version},"
+      provision_server.run! "rvm install #{version}"
     end
 
     puts " ✓"

data/lib/bard/provision/ssh.rb

@@ -5,16 +5,16 @@ class Bard::Provision::SSH < Bard::Provision
   def call
     print "SSH:"
 
-    if !ssh_available?(provision_server.ssh_uri, port: server.ssh_uri.port)
+    if !ssh_available?(provision_server.ssh_uri, port: target_port)
       if !ssh_available?(provision_server.ssh_uri)
-        raise "can't find SSH on port #{server.ssh_uri.port} or #{provision_server.ssh_uri.port}"
+        raise "can't find SSH on port #{target_port} or #{provision_server.ssh_uri.port || 22}"
       end
       if !ssh_known_host?(provision_server.ssh_uri)
         print " Adding known host,"
         add_ssh_known_host!(provision_server.ssh_uri)
       end
-      print " Reconfiguring port to #{server.ssh_uri.port},"
-      provision.server.run! %(echo "Port #{server.ssh_uri.port}" | sudo tee /etc/ssh/sshd_config.d/port_22022.conf; sudo service ssh restart), home: true
+      print " Reconfiguring port to #{target_port},"
+      provision_server.run! %(echo "Port #{target_port}" | sudo tee /etc/ssh/sshd_config.d/port_#{target_port}.conf; sudo service ssh restart), home: true
     end
 
     if !ssh_known_host?(provision_server.ssh_uri)
@@ -22,23 +22,30 @@ class Bard::Provision::SSH < Bard::Provision
       add_ssh_known_host!(provision_server.ssh_uri)
     end
 
-    # provision with new port from now on
+    # provision with new target port from now on
     ssh_url.gsub!(/:\d+$/, "")
-    ssh_url << ":#{server.ssh_uri.port}"
+    ssh_url << ":#{target_port}"
     puts " ✓"
   end
-  
+ 
   private
 
-  def ssh_available? ssh_uri, port: ssh_uri.port
+  def target_port
+    server.ssh_uri.port || 22
+  end
+
+  def ssh_available? ssh_uri, port: nil
+    port ||= ssh_uri.port || 22
     system "nc -zv #{ssh_uri.host} #{port} 2>/dev/null"
   end
 
   def ssh_known_host? ssh_uri
-    system "grep -q \"$(ssh-keyscan -t ed25519 -p#{ssh_uri.port || 22} #{ssh_uri.host} 2>/dev/null | cut -d ' ' -f 2-3)\" ~/.ssh/known_hosts"
+    port ||= ssh_uri.port || 22
+    system "grep -q \"$(ssh-keyscan -t ed25519 -p#{port} #{ssh_uri.host} 2>/dev/null | cut -d ' ' -f 2-3)\" ~/.ssh/known_hosts"
   end
 
   def add_ssh_known_host! ssh_uri
-    system "ssh-keyscan -p#{ssh_uri.port || 22} -H #{ssh_uri.host} >> ~/.ssh/known_hosts"
+    port ||= ssh_uri.port || 22
+    system "ssh-keyscan -p#{port} -H #{ssh_uri.host} >> ~/.ssh/known_hosts 2>/dev/null"
   end
 end

data/lib/bard/provision/user.rb

@@ -16,6 +16,7 @@ class Bard::Provision::User < Bard::Provision
         "sudo mkdir -p ~#{new_user}/.ssh",
         "sudo cp ~/.ssh/authorized_keys ~#{new_user}/.ssh/authorized_keys",
         "sudo chown -R #{new_user}:#{new_user} ~#{new_user}/.ssh",
+        "sudo chmod +rx ~#{new_user}", # so nginx and passenger can read it
       ].join("; "), home: true
     end