Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
How to automatically deploy from GitHub

Deploy your site with git

This gist assumes:

  • you have an online remote repository (github / bitbucket etc.)
  • you have a local git repo
  • and a cloud server (Rackspace cloud / Amazon EC2 etc)
    • your (PHP) scripts are served from /var/www/html/
    • your webpages are executed by Apache
    • the Apache user is named www-data (may be apache on other systems)
    • apache's home directory is /var/www/

1 - On your local machine

Here we add the deployment script and push it to the origin, the deployment script runs git commands to PULL from the origin thus updating your server

Grab a deployment script for your site

See deploy.php

Add, commit and push this to github

git add deploy.php
git commit -m 'Added the git deployment script'
git push -u origin master

2 - On your server

Here we install and setup git on the server, we also create an SSH key so the server can talk to the origin without using passwords etc

Install git...

After you've installed git, make sure it's a relatively new version - old scripts quickly become problematic as github / bitbucket / whatever will have the latests and greatest, if you don't have a recent version you'll need to figure out how to upgrade it :-)

git --version

Setup git (optionally)

git config --global user.name "Server"
git config --global user.email "server@server.com"

Create an ssh directory for the apache user

sudo mkdir /var/www/.ssh
sudo chown -R apache:apache /var/www/.ssh/

Generate a deploy key for apache user

sudo -Hu apache ssh-keygen -t rsa # choose "no passphrase"
sudo cat /var/www/.ssh/id_rsa.pub

3 - On your origin (github)

Here we add the SSH key to the origin to allow your server to talk without passwords. In the case of GitHub we also setup a post-receive hook which will automatically call the deploy URL thus triggering a PULL request from the server to the origin

GitHub instructions

Add the SSH key to your user

  1. https://github.com/settings/ssh
  2. Create a new key
  3. Paste the deploy key you generated on the server

Set up service hook

  1. https://github.com/oodavid/server.com/admin/hooks
  2. Select the Post-Receive URL service hook
  3. Enter the URL to your deployment script - http://server.com/deploy.php
  4. Click Update Settings

Bitbucket instructions

Add the SSH key to your account

  1. https://bitbucket.org/account/ssh-keys/
  2. Create a new key
  3. Paste the deploy key you generated on the server

Set up service hook

  1. Go to: Repo > Admin > Services
  2. Select "POST"
  3. Add the URL to your deployment script - http://server.com/deploy.php
  4. Save

4 - On the Server

Here we clone the origin repo into a chmodded /var/www/html folder

Pull from origin

sudo chown -R www-data:www-data /var/www/html
sudo -Hu www-data git clone git@github.com:you/server.git /var/www/html

Rejoice!

Now you're ready to go :-)

Some notes

  • Navigate the the deployment script to trigger a pull and see the output:
  • When you push to GitHub your site will automatically ping the above url (and pull your code)
  • When you push to Bitbucket you will need to manually ping the above url

Sources

<?php
// Forked from https://gist.github.com/1809044
// Available from https://gist.github.com/nichtich/5290675#file-deploy-php
$TITLE = 'Git Deployment Hamster';
$VERSION = '0.11';
echo <<<EOT
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title>$TITLE</title>
</head>
<body style="background-color: #000000; color: #FFFFFF; font-weight: bold; padding: 0 10px;">
<pre>
o-o $TITLE
/\\"/\ v$VERSION
(`=*=')
^---^`-.
EOT;
// Check whether client is allowed to trigger an update
$allowed_ips = array(
'207.97.227.', '50.57.128.', '108.171.174.', '50.57.231.', '204.232.175.', '192.30.252.', // GitHub
'195.37.139.','193.174.' // VZG
);
$allowed = false;
$headers = apache_request_headers();
if (@$headers["X-Forwarded-For"]) {
$ips = explode(",",$headers["X-Forwarded-For"]);
$ip = $ips[0];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
foreach ($allowed_ips as $allow) {
if (stripos($ip, $allow) !== false) {
$allowed = true;
break;
}
}
if (!$allowed) {
header('HTTP/1.1 403 Forbidden');
echo "<span style=\"color: #ff0000\">Sorry, no hamster - better convince your parents!</span>\n";
echo "</pre>\n</body>\n</html>";
exit;
}
flush();
// Actually run the update
$commands = array(
'echo $PWD',
'whoami',
'git pull',
'git status',
'git submodule sync',
'git submodule update',
'git submodule status',
'test -e /usr/share/update-notifier/notify-reboot-required && echo "system restart required"',
);
$output = "\n";
$log = "####### ".date('Y-m-d H:i:s'). " #######\n";
foreach($commands AS $command){
// Run it
$tmp = shell_exec("$command 2>&1");
// Output
$output .= "<span style=\"color: #6BE234;\">\$</span> <span style=\"color: #729FCF;\">{$command}\n</span>";
$output .= htmlentities(trim($tmp)) . "\n";
$log .= "\$ $command\n".trim($tmp)."\n";
}
$log .= "\n";
file_put_contents ('deploy-log.txt',$log,FILE_APPEND);
echo $output;
?>
</pre>
</body>
</html>
@scriptburn

This comment has been minimized.

Copy link

scriptburn commented Jun 29, 2017

@zaak

This comment has been minimized.

Copy link

zaak commented Sep 18, 2017

Please note that X-Forwarded-For header can be spoofed. https://gist.github.com/nichtich/5290675#file-deploy-php-L37

@adnanh

This comment has been minimized.

@MortyDice

This comment has been minimized.

Copy link

MortyDice commented Nov 19, 2017

I managed to follow nearly all the instructions, but I'm stuck when launching the deploy.php script to debug.

`echo $PWD
/var/www/html
$ whoami
www-data
$ git config -l
core.repositoryformatversion=0
core.filemode=true
core.bare=false
core.logallrefupdates=true
remote.origin.url=http://mygogsaddress:3000/mycompany/myproject
remote.origin.fetch=+refs/heads/:refs/remotes/origin/
branch.master.remote=origin
branch.master.merge=refs/heads/master
credential.helper=store
credential.user=webserver
$ git pull -v
fatal: unable to set up default path; use --file
fatal: could not read Username for 'http://mygogsaddress:3000': No such device or address
$ git status
On branch master
Your branch is up-to-date with 'origin/master'.
Changes not staged for commit:
(use "git add ..." to update what will be committed)
(use "git checkout -- ..." to discard changes in working directory)

modified:   .gitignore
modified:   deploy.php

Untracked files:
(use "git add ..." to include in what will be committed)

deploy-log.txt

no changes added to commit (use "git add" and/or "git commit -a")
$ git submodule sync

$ git submodule update

$ git submodule status

$ test -e /usr/share/update-notifier/notify-reboot-required && echo "system restart required"`

What I don't understand is that "sudo -Hu www-data git pull" works flawlessly.

@nirbd

This comment has been minimized.

Copy link

nirbd commented Aug 12, 2019

Hi,
Thanks for this great script. However it doesnt seem to work for elastic cluster when the number of similar servers change.
What is the best practice in this case?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.