Skip to content

Instantly share code, notes, and snippets.

@thomasfr
Last active July 3, 2024 02:22
Show Gist options
  • Save thomasfr/9691385 to your computer and use it in GitHub Desktop.
Save thomasfr/9691385 to your computer and use it in GitHub Desktop.
7 easy steps to automated git push deployments. With small and configurable bash only post-receive hook

How-to setup a simple git push deployment

These are my notes basically. At first i created this gist just as a reminder for myself. But feel free to use this for your project as a starting point. If you have questions you can find me on twitter @thomasf https://twitter.com/thomasf This is how i used it on a Debian Wheezy testing (https://www.debian.org/releases/testing/)

Discuss, ask questions, etc. here https://news.ycombinator.com/item?id=7445545

On the server (example.com)

  1. Create a user on example.com, as which we (the git client) connect (push) to exmaple.com. We set git-shell as the login shell, so it is not possible to interactively login as this user.
sudo useradd -m -s /usr/bin/git-shell git
  1. Add your ssh public key to the authorized_keys file of the created user:
## Because user git can not interactively login, we have to use sudo to get git temporarily
sudo -u git bash
cd ~
## cd /home/git
mkdir -p .ssh
vim .ssh/authorized_keys
## Paste your public key and save
  1. Create a git bare repo for your project:
mkdir testapp
cd testapp
## /home/git/testapp
git init --bare
  1. Copy the post-receive script from this gist to the hooks dir of the created bare repo.
vim testapp/hooks/post-receive
## Paste the post-receive script from this gist and save
## If you do not need to execute a 'build' and/or 'restart' command,
## just delete or comment the lines 'UPDATE_CMD' and 'RESTART_CMD'
chmod +x testapp/hooks/post-receive
  1. Set ownership and permissions of the DEPLOY_ROOT directory:
sudo chown root:git -R /var/www
sudo chmod 775 /var/www
  • (Optional) Add a systemd service file for your app. If you are using systemd, you can use the testapp.service file from this gist. Make sure you name it like your repository. The post-receive hook can automatically restart your app. You will also have to allow user git to make the sudo call. Be very careful and restrictive with this!

On the client

  1. Create a git repo and add our newly created remote:
mkdir testapp
cd testapp
git init
git remote add production [email protected]:~/testapp
  1. Commit and push to production:
$ vim Makefile
## Paste contents of Makefile from this gist (as an example)
$ git add .
$ git commit -am "test commit"
$ git push production master
Counting objects: 12, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (4/4), done.
Writing objects: 100% (4/4), 432 bytes | 0 bytes/s, done.
Total 4 (delta 2), reused 0 (delta 0)
remote: +++++++++++++++++++++++ Welcome to 'example.com' (1.2.3.4) ++++++++++++++++++++++++
remote: 
remote: githook: I will deploy 'master' branch of the 'testapp' project to '/var/www/testapp'
remote: 
remote: githook: UPDATE (CMD: 'cd "${DEPLOY_TO}" && make "update"'):
remote: Makefile: Doing UPDATE stuff like grunt, gulp, rake,...
remote: git
remote: /var/www/testapp
remote: 
remote: githook: RESTART (CMD: 'sudo systemctl restart "${PROJECT_NAME}.service" && sudo systemctl status "${PROJECT_NAME}.service"'):
remote: testapp.service - node.js testapp
remote:    Loaded: loaded (/etc/systemd/system/testapp.service; disabled)
remote:    Active: inactive (dead) since Fri 2014-03-21 22:10:23 UTC; 10ms ago
remote:   Process: 9265 ExecStart=/bin/bash -c sleep 3;echo "I am starting";echo "$(whoami)"; (code=exited, status=0/SUCCESS)
remote: 
remote: Mar 21 22:10:20 image systemd[1]: Starting nodejs testapp...
remote: Mar 21 22:10:23 image testapp[9265]: I am starting
remote: Mar 21 22:10:23 image testapp[9265]: www-data
remote: Mar 21 22:10:23 image systemd[1]: Started node.js testapp.
remote: 
remote: ++++++++++++++++++++ See you soon at 'example.com' (1.2.3.4) ++++++++++++++++++++++
To [email protected]:~/testapp
   08babc4..95cabcc  master -> master

  • Repeat: Develop, test, commit and push :)
make deploy

Congratulations, you just setup git push deployment with automated build and service restart

Here are some more configuration files as a starting point:

all:
@echo "Doing all"
deploy:
@echo "Pushing to production"
@git push [email protected]:~/testapp master
update:
@echo "Makefile: Doing UPDATE stuff like grunt, gulp, rake,..."
@whoami
@pwd
#!/bin/bash
#
# Author: "FRITZ Thomas" <[email protected]> (http://www.fritzthomas.com)
# GitHub: https://gist.github.com/thomasfr/9691385
#
# The MIT License (MIT)
#
# Copyright (c) 2014-2017 FRITZ Thomas
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
# Application Name:
export DEPLOY_APP_NAME=`whoami`
# This is the root deploy dir.
export DEPLOY_ROOT="${HOME}/work"
# When receiving a new git push, the received branch gets compared to this one.
# If you do not need this, just add a comment
export DEPLOY_ALLOWED_BRANCH="master"
# You could use this to do a backup before updating to be able to do a quick rollback.
# If you need this just delete the comment and modify to your needs
#PRE_UPDATE_CMD='cd ${DEPLOY_ROOT} && backup.sh'
# Use this to do update tasks and maybe service restarts
# If you need this just delete the comment and modify to your needs
#POST_UPDATE_CMD='cd ${DEPLOY_ROOT} && make update'
###########################################################################################
export GIT_DIR="$(cd $(dirname $(dirname $0));pwd)"
export GIT_WORK_TREE="${DEPLOY_ROOT}"
IP="$(ip addr show eth0 | grep 'inet ' | cut -f2 | awk '{ print $2}')"
echo "githook: $(date): Welcome to '$(hostname -f)' (${IP})"
echo
# Make sure directory exists. Maybe its deployed for the first time.
mkdir -p "${DEPLOY_ROOT}"
# Loop, because it is possible to push more than one branch at a time. (git push --all)
while read oldrev newrev refname
do
export DEPLOY_BRANCH=$(git rev-parse --symbolic --abbrev-ref $refname)
export DEPLOY_OLDREV="$oldrev"
export DEPLOY_NEWREV="$newrev"
export DEPLOY_REFNAME="$refname"
if [ "$DEPLOY_NEWREV" = "0000000000000000000000000000000000000000" ]; then
echo "githook: This ref has been deleted"
exit 1
fi
if [ ! -z "${DEPLOY_ALLOWED_BRANCH}" ]; then
if [ "${DEPLOY_ALLOWED_BRANCH}" != "$DEPLOY_BRANCH" ]; then
echo "githook: Branch '$DEPLOY_BRANCH' of '${DEPLOY_APP_NAME}' application will not be deployed. Exiting."
exit 1
fi
fi
if [ ! -z "${PRE_UPDATE_CMD}" ]; then
echo
echo "githook: PRE UPDATE (CMD: '${PRE_UPDATE_CMD}'):"
eval $PRE_UPDATE_CMD || exit 1
fi
# Make sure GIT_DIR and GIT_WORK_TREE is correctly set and 'export'ed. Otherwhise
# these two environment variables could also be passed as parameters to the git cli
echo "githook: I will deploy '${DEPLOY_BRANCH}' branch of the '${DEPLOY_APP_NAME}' project to '${DEPLOY_ROOT}'"
git checkout -f "${DEPLOY_BRANCH}" || exit 1
git reset --hard "$DEPLOY_NEWREV" || exit 1
if [ ! -z "${POST_UPDATE_CMD}" ]; then
echo
echo "githook: POST UPDATE (CMD: '${POST_UPDATE_CMD}'):"
eval $POST_UPDATE_CMD || exit 1
fi
done
echo
echo "githook: $(date): See you soon at '$(hostname -f)' (${IP})"
exit 0
[Unit]
Description=node.js testapp
Requires=network.target
After=network.target
[Service]
WorkingDirectory=/var/www/testapp
Type=forking
ExecStart=/bin/bash -c 'sleep 3;echo "I am starting";echo "$(whoami)";'
# For a node.js app this could be something like:
#ExecStart=/bin/bash -c 'npm start'
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=testapp
User=www-data
Group=www-data
Environment="NODE_ENV=production" "DEBUG=testapp:*"
[Install]
WantedBy=multi-user.target
@irsabir
Copy link

irsabir commented Oct 26, 2017

When pushing by following step 7 we are getting the following error
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

@sagudev
Copy link

sagudev commented Jan 7, 2018

it's working

@andrejad
Copy link

A question about the step 2 ("Add your ssh public key to the authorized_keys file of the created user:")

  • Where do I find the public key? It is a public key of what?

@gabrielengel
Copy link

gabrielengel commented Jun 26, 2018

Based on your work, I wrote a small shell script to automate the setup of githook and after the push, generically call a deploy.sh that should live in the root of your project. You can see it here: https://github.com/pushprod/pushprod

@azazqadir
Copy link

You could also use Continuous Integration in PHP apps for automated testing and test coverage before pushing any build. This will ensure that your build is bug free and that there won't be any problem when deploying changes to live server.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment