To deploy code you need SSH access to the server on which code is to be deployed. In particular the server need not have any private or deployment keys which give it access to github. The server merely needs to be configure with public keys.
We assume the deployment server is Debian or a derivative like Ubuntu. By convention web-apps are deployed to /var/www/sitename.com. This will work with both Apache & Nginx.
/var/www/sitename.com:
— logs
— <hash>
— current -> hash
— persistent
The doc root for Apache/Nginx is configured to
/var/www/sitename.com/current/public
Actual deployment happens when we git push “server”:
-
Update remote “server” (atomic, git ensures this step either succeeds or fails; cannot partially succeed).
-
The remote runs git hook post_commit (see https://github.com/Grynn/scripts/blob/master/ubuntu/create-site-git.sh)
-
The post_commit hook extracts deploy.sh from the repo itself (
git show master:deploy.sh) and runs it as user git -
This script checks out the newly updated repo (a bare repo) to
/var/www/sitename.com/<commit-hash> -
The deploy script then symlinks
/var/www/sitename.com/<commit-hash>/storageto/var/www/sitename.com/persistent/storage -
The deploy script then runs “app-specific” code (with working dir:
/var/www/sitename.com/current)ln -s ../persistent/.env .env #optionally use Hashicorp Vault or confd or similar to generate .env composer install php artisan migrate -
If this goes well, we update symlink
/var/www/sitename.com/currentto/var/www/sitename.com/<commit-hash> -
NOTE: Above step is atomic! cron jobs, web requests will now flow to the new deployment
-
The deploy script then runs “app-specific” post install code via sudo (whitelisted)
# restart workers (daemons) since they could be using outdated code # supervisorctl restart or similar. -
Send email to stakeholders (with details of newly deployed code)
https://github.com/Grynn/scripts/blob/master/ubuntu/create-site-git.sh https://github.com/Grynn/scripts/blob/master/ubuntu/deploy.sh.example