Last active
November 9, 2021 22:11
-
-
Save missionmike/a21d92370e92dd129fb2be8bd4ab3015 to your computer and use it in GitHub Desktop.
Deploy via SSH & rsync GitHub action
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy via rsync | |
# Controls when the action will run. Workflow runs when manually triggered using the UI | |
# or API. | |
# | |
# To add additional options, such as triggering when the main branch is updated, add: | |
# on: | |
# push: | |
# branches: | |
# - main | |
# | |
# More info: https://docs.github.com/en/actions/reference/events-that-trigger-workflows | |
# | |
# Requires 4 secret keys: | |
# | |
# PRODUCTION_SERVER_SSH_KEY --Private SSH key | |
# PRODUCTION_SERVER_REMOTE_USER --SSH user on receiving end | |
# PRODUCTION_SERVER_REMOTE_HOST --host.domain.com or IP | |
# PRODUCTION_SERVER_REMOTE_TARGET --Base target directory, ex: /home/user/public_html | |
# | |
on: | |
workflow_dispatch: | |
# A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
jobs: | |
# This workflow contains a single job called "deploy" | |
deploy: | |
# The type of runner that the job will run on | |
# Replace with your preferred runner tag if needed | |
runs-on: self-hosted | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
- name: Checkout Branch | |
uses: actions/checkout@v2 | |
- name: Deploy to Production via rsync | |
# https://github.com/easingthemes/ssh-deploy | |
uses: easingthemes/ssh-deploy@v2 | |
env: | |
# SSH key must be PEM format, 4096 bit: | |
# ssh-keygen -m PEM -t rsa -b 4096 | |
SSH_PRIVATE_KEY: ${{ secrets.PRODUCTION_SERVER_SSH_KEY }} | |
# rsync arguments explained (more detail here: https://ss64.com/bash/rsync_options.html) | |
# | |
# -r, --recursive This tells rsync to copy directories recursively. See also --dirs (-d). | |
# -l, --links When symlinks are encountered, recreate the symlink on the destination. | |
# -t, --times This tells rsync to transfer modification times along with the files and update them on the remote system. | |
# -D The -D option is equivalent to --devices --specials. | |
# -z, --compress With this option, rsync compresses the file data as it is sent to the destination machine | |
# -v, --verbose This option increases the amount of information you are given during the transfer. | |
# -O, --omit-dir-times This tells rsync to omit directories when it is preserving modification times (see --times). | |
# --delete This tells rsync to delete extraneous files from the receiving side (ones that aren't on the sending side), | |
# but only for the directories that are being synchronized. | |
ARGS: "-rltDzvO --delete" | |
# SOURCE is excluded here, defaults to root of repository. For post-build deploys, see example below: | |
# SOURCE: "public/" | |
REMOTE_HOST: ${{ secrets.PRODUCTION_SERVER_REMOTE_HOST }} # format host.domain.com or IP | |
REMOTE_USER: ${{ secrets.PRODUCTION_SERVER_REMOTE_USER }} # SSH user on receiving end | |
TARGET: ${{ secrets.PRODUCTION_SERVER_REMOTE_TARGET }} # Base target directory, ex: /home/user/public_html | |
EXCLUDE: "keys.php, README.md, logs, .gitignore, .github" # Exclude specific files and directories |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment