Connect your website to a github repo with SSH keys

Category

Learn how to connect a repository on github.gatech.edu to a virtual host on a server (examples given for a RHEL7 server).

Make SSH Keys on Server

  1. On your server, become the superuser (sudo su).
  2. Create a folder in which to store SSH keys (mkdir /var/www/.ssh).
  3. Create an SSH key pair on your server in that .ssh directory (ssh-keygen -b 2048 -t rsa), and name the key for the virtual host (example: /var/www/.ssh/mysite).
  4. Create a config file (touch /var/www/.ssh/config) and add this code inside it: IdentityFile /var/www/.ssh/mysite.
  5. Change the .ssh folder permissions (chmod 700 /var/www/.ssh).
  6. Change the .ssh folder ownership for use by apache (chown -R apache:apache /var/www/.ssh).
  7. Change ownership of the already-existing vhost's folder for use by apache (chown -R apache:apache /var/www/vhosts/mysite.gatech.edu).
  8. Copy the contents of the public key into your Text Editor of choice (cat /var/www/.ssh/mysite.pub).

Add Deploy Key on Github

  1. Create your private repo on github.gatech.edu, under the appropriate departmental Team. Do not add any files (not even a README).
  2. Within your repo, click the Settings tab.
  3. Choose "Deploy keys" in the left side menu, and click on "Add deploy key"
  4. Give a descriptive title, like "Mysite server public key".
  5. Paste the public key you copied from your server into the "Key" area.
  6. Check "Allow write access", so that you can push to this github repo from your server.
  7. Click "Add key".

Connect your Server to Github

  1. Make sure git is running (git --version).
  2. Become the apache user (su -s /bin/bash - apache).
  3. You may need to symlink the .ssh directory for the apache user so that known_hosts is saved in the correct place (ln -s /var/www/.ssh /usr/share/httpd/.ssh).

Existing Server Repository

If this vhost on your server already has a git repo initialized, follow these steps:

  1. Change to your vhost's folder (cd /var/www/vhosts/mysite.cc.gatech.edu).
  2. Add the github repo as its origin, use ssh not http to connect (git remote add origin git@github.gatech.edu:My-Dept/mysite.git).
  3. Push your server's repo to github (git push -u origin master).
  4. Check the repo on github to make sure you see the commits from your server.

New Server Repository

If this vhost on your server does not yet have a git repo initialized, follow these steps:

  1. Change to the directory above your vhost (cd /var/www/vhosts).
  2. Copy the repo from github to your server, using ssh not http to connect (git clone git@github.gatech.edu:My-Dept/mysite.git mysite.gatech.edu).
  3. Change to your vhost's folder (cd /var/www/vhosts/mysite.gatech.edu).
  4. Check the repo on your server to make sure you see the commits from github (git log -n 1).

Customize .gitignore file

For a Drupal 7 site, add these lines to the repo's .gitignore file (as they should not be version controlled):

  • sites/*/files
  • sites/*/private
  • sites/*/settings.php

Set cron to do a git pull (Under construction section)

Example:
0 */1 * * * cd /var/www/vhosts/mysite.gatech.edu && git pull >> /dev/null

Change File Permissions (Under construction section)

Often, the file and directory permissions on the server differ from your local development environment. You will need a cron job or automatic git-accompanying command so that, whenever it pulls updates from the remote repository, files and directories receive the correct ownership and permissions for the server.

For a Drupal 7 site, the defaults should be:

  • user and group = apache:apache
  • most directories = 755
  • most files = 644
  • not version controlled, so set it once and forget it:
    • settings.php file = 444
    • /sites/*/files = 777 (directory)
    • /sites/*/files/* = 666 (files)