Automatic website publishing with Git, GitHub-Style

One of the things I like about GitHub is the fact that it sports a gh-pages branch. Anything you push to it, is automatically published on your GitHub subdomain http://username.github.com/projectname/.

Inspired by this GitHub publishing flow, I’ve set up a likewise method on our web servers at work: a branch which gets published automatically onto our web server whenever we push code to it. This way we can eliminate the manual (and tedious) task of FTP’ing to the server (or opening up a network share) and copying the files onto the server in order to publish.

Somewhat related: Did you know, you can also (ab)use Dropbox as a web publishing tool? Not as robust as this method, yet it might be more fitting for some of you readers.

~

The Setup

The web server at work is a Windows 2008 R2 machine running a WAMP stack to serve the (mostly static) sites. Each hosted subsite is configured a vhost and is stored in its own subfolder on disk. Apache is being run as a separate user which has limited access to the filesystem.

<VirtualHost *:80>
    ServerName subdomain.ikdoeict.be
    UseCanonicalName On
    DocumentRoot "c:/apache2/htdocs/vhosts/subdomain.ikdoeict.be/wwwroot"
    php_admin_value open_basedir "c:/apache2/htdocs/vhosts/subdomain.ikdoeict.be;c:/php/temp"
</VirtualHost>

Next to the web server we also have a private Git server running Linux to/from wich code is pushed/pulled. Repositories are accessible via HTTPS and authenticating to this server is done via an HTTP Username & Password (not via a SSH key).

Of course your mileage may vary:

  • you might be running all-linux machines with shell access enabled (in which case you might be better off with Capistrano);
  • or you might have one single server function as both the web and Git server;
  • or you might have your code stored onto a public Git server (if you’re on GitHub, just set up a Post-Recieve URL and use this script as the update script);
  • or you might skip out on the gh-pages branch and want to deploy your master;
  • etc.

Either way: adjust/skip steps where necessary to reflect your setup/preferences ;)

~

Prerequisites

Install Git on the Web Server

As it’s a Windows server I’ve installed Git for Windows, choosing to run Git and the Unix Tools from the Windows Command Prompt.

Once installed, I’ve restarted the server to get the git command available anywhere on the server.

Create new repository on the Git server

Create a (bare) repository on the Git server and make sure that is externally accessible so that you can clone it on an other machine.

~

Gitting [sic] started

Clone, Branch & Develop on your local machine

Develop your site on your machine as you’d normally do (in my case: on the master branch).

git clone https://user@gitserver/project.git .
[build site]
git add .
git commit -m 'the one true commit'
git push origin master

Also create a gh-pages branch which will be the version to be deployed to the web server.

Note: If the gh-pages branch won’t differ from the master, feel free to skip out on it and deploy the master on the web server later on.

git branch gh-pages
git checkout gh-pages
[make changes, such as adding a Google Analytics Tracking Code]
git add .
git commit -m 'changes for online version'
git push origin gh-pages

Clone on the Web Server

On the web server, clone the project into the vhost’s DocumentRoot and activate the gh-pages branch so that the web server will serve that version.

cd c:/apache2/htdocs/vhosts/subdomain.ikdoeict.be/wwwroot
git clone https://user@gitserver/project.git -b gh-pages .

Note: If you already have a clone on the web server, or mistakingly have cloned the master, run these commands instead

git branch -f gh-pages origin/gh-pages
git checkout gh-pages
git branch -d master

Be sure to verify with your favorite text editor that you’ve got the correct version. If it’s correct you’ve successfully deployed your site onto the web server. Break out the champagne, but don’t open it yet, we’ve got some more work to do.

Security Alert!

You might not know this but whenever you clone a Git project onto disk, you’ll end up with a (hidden) .git directory in the root of your project. In that directory, everything about the repository clone is stored: commits, branches, hooks, ignore files, remotes, etc.

Now that you’ve deployed the project onto the web server, that .git directory will also be present in your vhost DocumentRoot, meaning that it — and its files — are now publicly accessible via http://subdomain.ikdoeict.be/.git/

To prevent this adjust your apache config to disallow the .git folder from being accessed over HTTP.

<VirtualHost *:80>
    ServerName student.ikdoeict.be
    UseCanonicalName On
    DocumentRoot "c:/apache/htdocs/vhosts/student.ikdoeict.be/wwwroot"
    php_admin_value open_basedir "c:/apache/htdocs/vhosts/student.ikdoeict.be;c:/php/temp"
    
    <Directory "c:/apache/htdocs/vhosts/student.ikdoeict.be/wwwroot/.git">
        Order allow,deny
        Deny from all
    </Directory>
    
</VirtualHost>

~

Getting the server to fetch updates

Deploying changes

Now, how to get changes onto the web server? Make changes on your local machine as you’d normally do, and push them upstream when commited. Be sure to merge your changes in the gh-pages branch as that’s the version that’s served on the web server.

git checkout master
[make changes]
git add .
git commit -m 'changes'
git push origin master
	
git checkout gh-pages
git merge master
git push origin gh-pages

On the web server, do a git pull to get the latest version

git pull origin gh-pages

~

Automating Deployment

Prerequisite: “standalone” git pull

In order to automate deployment, git pull should run fine without any user intervention such as requiring to enter a password.

As our setup requires HTTP username + password authentication it’ll ask for the password each time I push/pull something. In order to bypass this edit .git/config so that the remote url contains the password. If you’re doing a fresh clone, you can clone the repository as https://user:pass@gitserver/project.git straightaway.

Beware though: everything is stored plaintext! If other people have access to the machine, this isn’t a good idea! Also be sure to have implemented the security step above.

PHP, do your thing!

Up until now we can deploy changes onto the server, yet it still requires us to log in to the server and manually invoke a git pull. What if we could just open up a webpage in our browser which does the updating for us?

Luckily for us, PHP has a built-in command shell_exec, which allows you to execute a command via the shell and which returns the output. Given this, it’s fairly easy to knock up a PHP script that executes a git pull

<php
    echo nl2br(shell_exec('git pull origin gh-pages 2>&1'));

Note: the 2>&1 at the end of the commmand is to route encountered errors to the output.

Add this file on your local machine to your gh-pages branch …

git checkout gh-pages
[create update.php]
git add .
git commit -m 'update script'
git push origin gh-pages

… and — for the final time — do a manual git pull on the web server.

git pull origin gh-pages

Once the file is on the web server, you can from then on update the version on the server by visiting http://subdomain.ikdoeict.be/update.php. The file will give output when done.

Note: Since Apache is running as a limited user, you must give that user R/W permissions on your DocumentRoot so that it can perform the git pull and do all basic CRUD file manipulations. You can test this by making a local change, pushing it, and visiting update.php: if no error occurs, it’s all fine and dandy!

Putting the magic in automagic

Deploying new versions goes smooth by now, but it’s not fully automated … yet.

You might not know this but Git supports hooks. Hooks are executed after a certain action is performed and are stored in .git/hooks/. For example: after a commit, you could let a hook send out a tweet with your commit message.

One of the hooks that’s interesting for us is the post-receive hook, a server-side hook which is executed after a client has performed a push. We can take this hook, and let it call the update.php script for us. This way, we just have to push, and the web server will be updated automagically.

First, create the hook by renaming the sample provided

cd .git/hooks/
mv post-receive.sample post-receive
chmod +x post-receive

Second — and most important — adjust the hook’s content so that it calls the update.php script

#!/bin/sh
curl -s http://subdomain.ikdoeict.be/update.php

Tip: If you want some actual feedback to see if everything works fine, adjust update.php so that it sends you an e-mail.

Happy deploying!

~

Like what you see? Make a donation.

It certainly is no obligation but it would put a smile on my face ;)

Elsewhere , , , , ,

One Response to Automatic website publishing with Git, GitHub-Style

  1. Pingback: Automatic Website Publishing with git-ftp.py on Mac OS X | Bram.us

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>