As a freelancer, I build a lot of web sites. That's a lot of code changes to track. Thankfully, a Git-enabled workflow with proper branching makes short work of project tracking. I can easily see development features in branches as well as a snapshot of the sites' production code. A nice addition to that workflow is that ability to use Git to push updates to any of the various sites I work on while committing changes.
- Prerequisites
- Getting Started
- Configuring the Remote Repository
- Configuring the Local Development Machine
- Build Something Beautiful
- Additional Tips
- Git, installed on both the development machine and the live server
- a basic working knowledge of Git, beginners welcome!
- passwordless SSH access to your server using pre-shared keys
- a hobby (you'll have a lot of extra time on your hands with the quicker workflow)
Git is available for Windows, Linux, and Mac. Getting it installed and running is a pretty straightforward task. Check out the following link for updated instructions on getting Git up and running.
Getting Started Installing Git
You'll need to have Git installed on your development machines as well as on the server or servers where you wish to host your website. This process can even be adapted to work with multiple servers such as mirrors behind a load balancer.
The process for updating a live web server relies on the use of post hooks within the Git environment. Since this is fully automated, there is no opportunity to enter login credentials while establishing the SSH connection to the remote server. To work around this, we are going to set up passwordless SSH access. To begin, you will need to SSH into your server.
ssh user@hostname
Next, you'll need to make sure you have a ~/.ssh
in your user's home directory. If not, go ahead and create one now.
mkdir ~/.ssh
On Mac and Linux, you can harness the power of terminal to do both in one go.
if [ ! -d ~/.ssh ]; then mkdir ~/.ssh; fi
Next you'll need to generate a public SSH key if you don't already have one. List the files in your ~/.ssh
directory to check.
ls -al ~/.ssh
The file you're looking for is usually named similarly to id_rsa.pub
or id_ed25519
. If you're not sure, you can generate a new one. The command below will create an SSH key using the provided email as a label.
ssh-keygen -t ed25519 -C "your_email@example.com"
You'll probably want to keep all of the default settings. This will should create a file named id_ed25519
in the ~/.ssh
directory created earlier.
When prompted, be sure to provide a secure SSH passphrase.
If you had to create an SSH key, you'll need to configure the ssh-agent program to use it.
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519
If you know what you are doing, you can use an existing SSH key in your ~/.ssh
directory by providing the private key file to ssh-agent.
If you're still not sure what's going on, you should two files in your ~/.ssh
directory that correspond to the private and public key files. Typically, the public key will be a file by the same name with a .pub extension added. An example would be a private key file named id_ed25519
and a public key file named id_ed25519.pub
.
Once you have generated an SSH key on your local machine, it's time to put the matching shared key file on the server.
ssh-copy-id -i ~/.ssh/id_ed25519.pub user@hostname
This will add your public key to the authorized keys on the remote server. This process can be repeated from each development machine to add as many authorized keys as necessary to the server. You'll know you did it correctly when you close your connection and reconnect without being prompted for a password.
The machine you intend to use as a live production server needs to have a Git repository that can write to an appropriate web-accessible directory. The Git metadata (the .git directory) does not need to be in a web-accessible location. Instead, it can be anywhere that is user-writeable by your SSH user.
In order to push files to your web server, you'll need to have a copy of your repository on your web server. You'll want to start by creating a bare repository to house your web site. The repository should be set up somewhere outside of your web root. We'll instruct Git where to put the actual files later. Once you decide on a location for your repository, the following commands will create the bare repository.
git init --bare --shared mywebsite.git && cd $_
A bare repository contains all of the Git metadata without any HEAD. Essentially, this means that your repository has a .git
directory, but does not have any working files checked out. The next step is to create a Git hook that will check out those files any time you instruct it to.
If you wish to run git commands from the detached work tree, you'll need to set the environmental variable
GIT_DIR
to the path ofmywebsite.git
before running any commands.
Create a file named post-receive
in the hooks directory of your repository with the following contents. You may optionally specify a branch name to checkout. If unspecified, the default master
or main
branch is used.
#! /bin/sh
GIT_WORK_TREE=/path/to/webroot/of/mywebsite git checkout -qf [--detach] [<branch>]
Once you create your hook, go ahead and mark it as executable.
chmod +x hooks/post-receive
GIT_WORK_TREE
allows you to instruct Git where the working directory should be for a repository. This allows you to keep the repository outside of the web root with a detached work tree in a web accessible location. Make sure the path you specify exists, Git will not create it for you.
The local development machine will house the web site repository. Relevant files will be copied to the live server whenever you choose to push those changes. This means you should keep a working copy of the repository on your development machine. You could also employ the use of any centralized repository including cloud-based ones such as GitHub or BitBucket. Your workflow is entirely up to you. Since all changes are pushed from the local repository, this process is not affected by how you choose to handle your project.
On your development machine, you should have a working Git repository. If not, you can create one in an existing project directory with the following commands.
git init
git add -A
git commit -m "Initial Commit"
Once you have a working repository, you'll need to add a remote pointing to the one you set up on your server.
git remote add live ssh://server1.example.com/home/user/mywebsite.git
Make sure the hostname and path you provide point to the server and repository you set up previously. If your remote user name is different from that of your local machine, you'll need to modify the above command to include the remote user name.
git remote add live ssh://user@server1.example.com/home/user/mywebsite.git
Finally, it's time to push your current website to the live server for the first time.
git push live +master:refs/heads/master
This command instructs Git to push the current master branch to the live
remote. (There's no need to send any other branches.) In the future, the server will only check out from the master branch so you won't need to specify that explicitly every time.
Everything is ready to go. It's time to let the creative juices flow! Your workflow doesn't need to change at all. Whenever you are ready, pushing changes to the live web server is as simple as running the following command.
git push live
Setting
receive.denycurrentbranch
to "ignore" on the server eliminates a warning issued by recent versions of Git when you push an update to a checked-out branch on the server.
If you ever need to force a reload on the server side without making any local changes, simply create an empty commit and push it!
git commit --allow-empty -m "trigger update"
git push live
Here are a few more tips and tricks that you may find useful when employing this style of workflow.
You may find the need to push to multiple servers. Perhaps you have multiple testing servers or your live site is mirrored across multiple servers behind a load balancer. In any case, pushing to multiple servers is as easy as adding more urls to the [remote "live"]
section in .git/config
.
[remote "live"]
url = ssh://server1.example.com/home/user/mywebsite.git
url = ssh://server2.example.com/home/user/mywebsite.git
Now issuing the command git push live
will update all of the urls you've added at one time. Simple!
From time to time you'll find there are files you want to track in your repository but don't wish to have changed every time you update your website. A good example would be configuration files in your web site that have settings specific to the server the site is on. Pushing updates to your site would ordinarily overwrite these files with whatever version of the file lives on your development machine. Preventing this is easy. SSH into the remote server and navigate into the Git repository. Enter the following command, listing each file you wish to ignore.
git update-index --assume-unchanged <file...>
This instruct Gits to ignore any changes to the specified files with any future checkouts. You can reverse this effect on one or more files any time you deem necessary.
git update-index --no-assume-unchanged <file...>
If you want to see a list of ignored files, that's easy too.
git ls-files -v | grep ^[a-z]
Could we update the keygen to utilize a stronger algorithm, such as ed25519? While RSA is sufficient for now, ed25519 is considered to be quantum resistant and better practice.
Either way, thank you for your contributions! Guides for newbies are always a good thing!