One of the things I like about GitHub is the fact that it sports a
gh-pages branch. Anything you push to it, is automatically published on your GitHub subdomain
Inspired by this GitHub publishing flow, I’ve set up a likewise method on our web servers at work: a branch which gets published automatically onto our web server whenever we push code to it. This way we can eliminate the manual (and tedious) task of FTP’ing to the server (or opening up a network share) and copying the files onto the server in order to publish.
Somewhat related: Did you know, you can also (ab)use Dropbox as a web publishing tool? Not as robust as this method, yet it might be more fitting for some of you readers.
The web server at work is a Windows 2008 R2 machine running a WAMP stack to serve the (mostly static) sites. Each hosted subsite is configured a vhost and is stored in its own subfolder on disk. Apache is being run as a separate user which has limited access to the filesystem.
<VirtualHost *:80> ServerName subdomain.ikdoeict.be UseCanonicalName On DocumentRoot "c:/apache2/htdocs/vhosts/subdomain.ikdoeict.be/wwwroot" php_admin_value open_basedir "c:/apache2/htdocs/vhosts/subdomain.ikdoeict.be;c:/php/temp" </VirtualHost>
Next to the web server we also have a private Git server running Linux to/from wich code is pushed/pulled. Repositories are accessible via HTTPS and authenticating to this server is done via an HTTP Username & Password (not via a SSH key).
Of course your mileage may vary:
- you might be running all-linux machines with shell access enabled (in which case you might be better off with Capistrano);
- or you might have one single server function as both the web and Git server;
- or you might have your code stored onto a public Git server (if you’re on GitHub, just set up a Post-Recieve URL and use this script as the update script);
- or you might skip out on the
gh-pagesbranch and want to deploy your
Either way: adjust/skip steps where necessary to reflect your setup/preferences 😉
Install Git on the Web Server
As it’s a Windows server I’ve installed Git for Windows, choosing to run Git and the Unix Tools from the Windows Command Prompt.
Once installed, I’ve restarted the server to get the
git command available anywhere on the server.
Create new repository on the Git server
Create a (bare) repository on the Git server and make sure that is externally accessible so that you can clone it on an other machine.
Gitting [sic] started
Clone, Branch & Develop on your local machine
Develop your site on your machine as you’d normally do (in my case: on the
git clone https://user@gitserver/project.git . [build site] git add . git commit -m 'the one true commit' git push origin master
Also create a
gh-pages branch which will be the version to be deployed to the web server.
Note: If the
gh-pages branch won’t differ from the
master, feel free to skip out on it and deploy the
master on the web server later on.
git branch gh-pages git checkout gh-pages [make changes, such as adding a Google Analytics Tracking Code] git add . git commit -m 'changes for online version' git push origin gh-pages
Clone on the Web Server
On the web server, clone the project into the vhost’s
DocumentRoot and activate the
gh-pages branch so that the web server will serve that version.
cd c:/apache2/htdocs/vhosts/subdomain.ikdoeict.be/wwwroot git clone https://user@gitserver/project.git -b gh-pages .
Note: If you already have a clone on the web server, or mistakingly have cloned the
master, run these commands instead
git branch -f gh-pages origin/gh-pages git checkout gh-pages git branch -d master
Be sure to verify with your favorite text editor that you’ve got the correct version. If it’s correct you’ve successfully deployed your site onto the web server. Break out the champagne, but don’t open it yet, we’ve got some more work to do.
You might not know this but whenever you clone a Git project onto disk, you’ll end up with a (hidden)
.git directory in the root of your project. In that directory, everything about the repository clone is stored: commits, branches, hooks, ignore files, remotes, etc.
Now that you’ve deployed the project onto the web server, that
.git directory will also be present in your vhost
DocumentRoot, meaning that it — and its files — are now publicly accessible via
To prevent this adjust your apache config to disallow the
.git folder from being accessed over HTTP.
<VirtualHost *:80> ServerName student.ikdoeict.be UseCanonicalName On DocumentRoot "c:/apache/htdocs/vhosts/student.ikdoeict.be/wwwroot" php_admin_value open_basedir "c:/apache/htdocs/vhosts/student.ikdoeict.be;c:/php/temp" <Directory "c:/apache/htdocs/vhosts/student.ikdoeict.be/wwwroot/.git"> Order allow,deny Deny from all </Directory> </VirtualHost>
Getting the server to fetch updates
Now, how to get changes onto the web server? Make changes on your local machine as you’d normally do, and push them upstream when commited. Be sure to merge your changes in the
gh-pages branch as that’s the version that’s served on the web server.
git checkout master [make changes] git add . git commit -m 'changes' git push origin master git checkout gh-pages git merge master git push origin gh-pages
On the web server, do a
git pull to get the latest version
git pull origin gh-pages
In order to automate deployment,
git pull should run fine without any user intervention such as requiring to enter a password.
As our setup requires HTTP username + password authentication it’ll ask for the password each time I
pull something. In order to bypass this edit
.git/config so that the remote url contains the password. If you’re doing a fresh clone, you can clone the repository as
Beware though: everything is stored plaintext! If other people have access to the machine, this isn’t a good idea! Also be sure to have implemented the security step above.
PHP, do your thing!
Up until now we can deploy changes onto the server, yet it still requires us to log in to the server and manually invoke a
git pull. What if we could just open up a webpage in our browser which does the updating for us?
Luckily for us, PHP has a built-in command
shell_exec, which allows you to execute a command via the shell and which returns the output. Given this, it’s fairly easy to knock up a PHP script that executes a
<php echo nl2br(shell_exec('git pull origin gh-pages 2>&1'));
2>&1 at the end of the commmand is to route encountered errors to the output.
Add this file on your local machine to your
gh-pages branch …
git checkout gh-pages [create update.php] git add . git commit -m 'update script' git push origin gh-pages
… and — for the final time — do a manual
git pull on the web server.
git pull origin gh-pages
Once the file is on the web server, you can from then on update the version on the server by visiting
http://subdomain.ikdoeict.be/update.php. The file will give output when done.
Note: Since Apache is running as a limited user, you must give that user R/W permissions on your
DocumentRoot so that it can perform the
git pull and do all basic CRUD file manipulations. You can test this by making a local change, pushing it, and visiting
update.php: if no error occurs, it’s all fine and dandy!
Putting the magic in automagic
Deploying new versions goes smooth by now, but it’s not fully automated … yet.
You might not know this but Git supports hooks. Hooks are executed after a certain action is performed and are stored in
.git/hooks/. For example: after a commit, you could let a hook send out a tweet with your commit message.
One of the hooks that’s interesting for us is the
post-receive hook, a server-side hook which is executed after a client has performed a push. We can take this hook, and let it call the
update.php script for us. This way, we just have to push, and the web server will be updated automagically.
First, create the hook by renaming the sample provided
cd .git/hooks/ mv post-receive.sample post-receive chmod +x post-receive
Second — and most important — adjust the hook’s content so that it calls the
#!/bin/sh curl -s http://subdomain.ikdoeict.be/update.php
Tip: If you want some actual feedback to see if everything works fine, adjust
update.php so that it sends you an e-mail.
I don’t run ads on my blog nor do I do this for profit. A donation however would always put a smile on my face though. Thanks!