Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
7 easy steps to automated git push deployments. With small and configurable bash only post-receive hook

How-to setup a simple git push deployment

These are my notes basically. At first i created this gist just as a reminder for myself. But feel free to use this for your project as a starting point. If you have questions you can find me on twitter @thomasf https://twitter.com/thomasf This is how i used it on a Debian Wheezy testing (https://www.debian.org/releases/testing/)

Discuss, ask questions, etc. here https://news.ycombinator.com/item?id=7445545

On the server (example.com)

  1. Create a user on example.com, as which we (the git client) connect (push) to exmaple.com. We set git-shell as the login shell, so it is not possible to interactively login as this user.
sudo useradd -m -s /usr/bin/git-shell git
  1. Add your ssh public key to the authorized_keys file of the created user:
## Because user git can not interactively login, we have to use sudo to get git temporarily
sudo -u git bash
cd ~
## cd /home/git
mkdir -p .ssh
vim .ssh/authorized_keys
## Paste your public key and save
  1. Create a git bare repo for your project:
mkdir testapp
cd testapp
## /home/git/testapp
git init --bare
  1. Copy the post-receive script from this gist to the hooks dir of the created bare repo.
vim testapp/hooks/post-receive
## Paste the post-receive script from this gist and save
## If you do not need to execute a 'build' and/or 'restart' command,
## just delete or comment the lines 'UPDATE_CMD' and 'RESTART_CMD'
chmod +x testapp/hooks/post-receive
  1. Set ownership and permissions of the DEPLOY_ROOT directory:
sudo chown root:git -R /var/www
sudo chmod 775 /var/www
  • (Optional) Add a systemd service file for your app. If you are using systemd, you can use the testapp.service file from this gist. Make sure you name it like your repository. The post-receive hook can automatically restart your app. You will also have to allow user git to make the sudo call. Be very careful and restrictive with this!

On the client

  1. Create a git repo and add our newly created remote:
mkdir testapp
cd testapp
git init
git remote add production git@example.com:~/testapp
  1. Commit and push to production:
$ vim Makefile
## Paste contents of Makefile from this gist (as an example)
$ git add .
$ git commit -am "test commit"
$ git push production master
Counting objects: 12, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (4/4), done.
Writing objects: 100% (4/4), 432 bytes | 0 bytes/s, done.
Total 4 (delta 2), reused 0 (delta 0)
remote: +++++++++++++++++++++++ Welcome to 'example.com' (1.2.3.4) ++++++++++++++++++++++++
remote: 
remote: githook: I will deploy 'master' branch of the 'testapp' project to '/var/www/testapp'
remote: 
remote: githook: UPDATE (CMD: 'cd "${DEPLOY_TO}" && make "update"'):
remote: Makefile: Doing UPDATE stuff like grunt, gulp, rake,...
remote: git
remote: /var/www/testapp
remote: 
remote: githook: RESTART (CMD: 'sudo systemctl restart "${PROJECT_NAME}.service" && sudo systemctl status "${PROJECT_NAME}.service"'):
remote: testapp.service - node.js testapp
remote:    Loaded: loaded (/etc/systemd/system/testapp.service; disabled)
remote:    Active: inactive (dead) since Fri 2014-03-21 22:10:23 UTC; 10ms ago
remote:   Process: 9265 ExecStart=/bin/bash -c sleep 3;echo "I am starting";echo "$(whoami)"; (code=exited, status=0/SUCCESS)
remote: 
remote: Mar 21 22:10:20 image systemd[1]: Starting nodejs testapp...
remote: Mar 21 22:10:23 image testapp[9265]: I am starting
remote: Mar 21 22:10:23 image testapp[9265]: www-data
remote: Mar 21 22:10:23 image systemd[1]: Started node.js testapp.
remote: 
remote: ++++++++++++++++++++ See you soon at 'example.com' (1.2.3.4) ++++++++++++++++++++++
To git@example.com:~/testapp
   08babc4..95cabcc  master -> master

  • Repeat: Develop, test, commit and push :)
make deploy

Congratulations, you just setup git push deployment with automated build and service restart

Here are some more configuration files as a starting point:

all:
@echo "Doing all"
deploy:
@echo "Pushing to production"
@git push git@example.com:~/testapp master
update:
@echo "Makefile: Doing UPDATE stuff like grunt, gulp, rake,..."
@whoami
@pwd
#!/bin/bash
#
# Author: "FRITZ Thomas" <fritztho@gmail.com> (http://www.fritzthomas.com)
# GitHub: https://gist.github.com/thomasfr/9691385
#
# The MIT License (MIT)
#
# Copyright (c) 2014-2017 FRITZ Thomas
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
# Application Name:
export DEPLOY_APP_NAME=`whoami`
# This is the root deploy dir.
export DEPLOY_ROOT="${HOME}/work"
# When receiving a new git push, the received branch gets compared to this one.
# If you do not need this, just add a comment
export DEPLOY_ALLOWED_BRANCH="master"
# You could use this to do a backup before updating to be able to do a quick rollback.
# If you need this just delete the comment and modify to your needs
#PRE_UPDATE_CMD='cd ${DEPLOY_ROOT} && backup.sh'
# Use this to do update tasks and maybe service restarts
# If you need this just delete the comment and modify to your needs
#POST_UPDATE_CMD='cd ${DEPLOY_ROOT} && make update'
###########################################################################################
export GIT_DIR="$(cd $(dirname $(dirname $0));pwd)"
export GIT_WORK_TREE="${DEPLOY_ROOT}"
IP="$(ip addr show eth0 | grep 'inet ' | cut -f2 | awk '{ print $2}')"
echo "githook: $(date): Welcome to '$(hostname -f)' (${IP})"
echo
# Make sure directory exists. Maybe its deployed for the first time.
mkdir -p "${DEPLOY_ROOT}"
# Loop, because it is possible to push more than one branch at a time. (git push --all)
while read oldrev newrev refname
do
export DEPLOY_BRANCH=$(git rev-parse --symbolic --abbrev-ref $refname)
export DEPLOY_OLDREV="$oldrev"
export DEPLOY_NEWREV="$newrev"
export DEPLOY_REFNAME="$refname"
if [ "$DEPLOY_NEWREV" = "0000000000000000000000000000000000000000" ]; then
echo "githook: This ref has been deleted"
exit 1
fi
if [ ! -z "${DEPLOY_ALLOWED_BRANCH}" ]; then
if [ "${DEPLOY_ALLOWED_BRANCH}" != "$DEPLOY_BRANCH" ]; then
echo "githook: Branch '$DEPLOY_BRANCH' of '${DEPLOY_APP_NAME}' application will not be deployed. Exiting."
exit 1
fi
fi
if [ ! -z "${PRE_UPDATE_CMD}" ]; then
echo
echo "githook: PRE UPDATE (CMD: '${PRE_UPDATE_CMD}'):"
eval $PRE_UPDATE_CMD || exit 1
fi
# Make sure GIT_DIR and GIT_WORK_TREE is correctly set and 'export'ed. Otherwhise
# these two environment variables could also be passed as parameters to the git cli
echo "githook: I will deploy '${DEPLOY_BRANCH}' branch of the '${DEPLOY_APP_NAME}' project to '${DEPLOY_ROOT}'"
git checkout -f "${DEPLOY_BRANCH}" || exit 1
git reset --hard "$DEPLOY_NEWREV" || exit 1
if [ ! -z "${POST_UPDATE_CMD}" ]; then
echo
echo "githook: POST UPDATE (CMD: '${POST_UPDATE_CMD}'):"
eval $POST_UPDATE_CMD || exit 1
fi
done
echo
echo "githook: $(date): See you soon at '$(hostname -f)' (${IP})"
exit 0
[Unit]
Description=node.js testapp
Requires=network.target
After=network.target
[Service]
WorkingDirectory=/var/www/testapp
Type=forking
ExecStart=/bin/bash -c 'sleep 3;echo "I am starting";echo "$(whoami)";'
# For a node.js app this could be something like:
#ExecStart=/bin/bash -c 'npm start'
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=testapp
User=www-data
Group=www-data
Environment="NODE_ENV=production" "DEBUG=testapp:*"
[Install]
WantedBy=multi-user.target
@qcom
qcom commented Oct 7, 2015

very, very helpful, thank you!
that post-receive script is just what I needed
really well written and easy to tweak :)

@bonsi
bonsi commented Oct 26, 2015

Awesome, just what I was looking for.
Thanks for sharing!

@larsbo
larsbo commented Jan 2, 2016

thank you for this great script! Can you help me to add a working submodule update to this?
using git submodule update --init --recursive
produces this error:
remote: fatal: /usr/lib/git-core/git-submodule cannot be used without a working tree.

@mfressdorf

@larsbo
you need to cd into the working tree first:

cd $DEPLOY_ROOT
git submodule update --init --recursive --force
@selenearzola

Thanks for sharing, really helpful! :)

@tareq1988

Apologize if it seems a promotion: but made this tool: gitpull as a hosted service.

@ankitmani2004

Hi,

I am using Mac OS 10.11 . I tried creating user with the command "sudo useradd -m -s /usr/bin/git-shell git" but I am getting error that useradd command does not exist. Please help. Also let me know where should I run this command and "git" at the end in the command is the user name?

@oldpainless

Nice job, works like a charm :)

@php-dev2

Amazing work. Worked in first shot. Configuration variables on top adds meaning to the script. Many thanks.

@vindex10

It would be great also to skip "git push :delete-branch" requests:

while read OLDSHA NEWSHA REF ; do
  if [ "$NEWSHA" = "0000000000000000000000000000000000000000" ]; then
    # This ref has been deleted! Respond appropriately.
    exit 1
  fi
done

Source at StackOverflow

@brendaniel

Awesome!!! Thanks for sharing!

@thomas-kinnari

Sweet - probably the best version of a post-receive script available on the net.
Thanks!

@LabN36
LabN36 commented Feb 17, 2017

is it possible that server automatically create a bare repo "mkdir " & "git init --bare" as soon as i push from local machine ?

@webhacking

👍

@luigi370

@thomasfr, hello all! I did something similar.. but how can i handle a rollback of my applications after? What i mind.. if i did a push to my deploy repo of my master branch... and after this.. the app stop working. I wanna rollback fast to my previous version.. without losing my actual (but broken code) in order to be able to fix it later. Any suggestion someone? many thanks!

@thomasfr
Owner

@LabN36: Maybe you could do this if you use key based authentication only over ssh - which you should do anyways. You could then prepend a command option to your authorized_keys file. Something like ( I have not tested this):

# ~/.ssh/authorized_keys
command="mkdir -p $HOME/repository.git && cd $HOME/repository.git && git init --bare"  ssh-rsa AAAA....
@thomasfr
Owner

@luigi370: Not that easy i think. I would not risk stability of the production system. I would rather add a staging environment and modify development flow in a way that a specific branch will be deployed automatically on a "dev" or "test" server where some integration tests are triggered automatically. If tests are failing i would report back to someone/something. I love to use Codeship for this as Codeship is also reporting status back to GitHub.

@thomasfr
Owner

@vindex10 Thanks, i have added it!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment