Skip to content

Instantly share code, notes, and snippets.

@nicolabricot

nicolabricot/deployment_key.sh

Last active February 22, 2023 11:27
Show Gist options
  • Star 11 You must be signed in to star a gist
  • Fork 9 You must be signed in to fork a gist
  • Save nicolabricot/2d488601712b2723544e to your computer and use it in GitHub Desktop.
Save nicolabricot/2d488601712b2723544e to your computer and use it in GitHub Desktop.
Download ZIP
Creation of Git deployment key for user www-data on Debian
Raw
deployment_key.sh
# let's be root
su
# go the apache folder
cd /var/www
# create folder to store keys
mkdir .ssh
chown -R www-data:www-data .ssh
# create keys
sudo -u www-data ssh-keygen -t rsa
# rename keys
cd .ssh
mv id_rsa service_deployment_www-data
mv id_rsa.pub service_deployment_www-data.pub
# link key to our service host
nano config
# Host service.org
# HostName service.org
# User git
# IdentityFile ~/.ssh/service_deployment_www-data
chown www-data:www-data config
# update a repository
cd /data/git/some-repository
sudo -u www-data git pull
@nicolabricot
Copy link
Author

To clone a repository as the www-data user:

 su - www-data -s /bin/bash -c 'cd /data/git/; git clone git@service.org:username/repo_name.git repo_name'

And to update it:

 su - www-data -s /bin/bash -c 'cd /data/git/repo_name; git pull'

If you have the following error:

Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.

you probably need to add the Service.org server to the list of authorized hosts

su - www-data -s /bin/bash -c 'ssh-keyscan -t rsa service.org >> /var/www/.ssh/known_hosts'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment