PHP Implementation of git Deployment Method Tutorial

Background

On small sites, it is quite convenient to deploy php code directly with git. Your remote site and local version repository have 1 version control, so it is easy to track problems or roll back.

Because I work in a small company, the original system is still uploading and deploying using the traditional ftp, which is too troublesome to deploy and difficult to control the online code. I found the tutorial of git deployment on the Internet, and I came down with a lot of pits. Now I send out the whole process, hoping to help everyone. I don't say much below. Let's take a look at the detailed introduction.

Account correlation

useradd -m git // Add git Account number 
ssh-keygen // Key generation , If you already have it, you can skip it 
su git // Switch to git Account number 
cd ~ // Switch to git Account root directory 
mkdir .ssh // Create .ssh Directory 
cat / Key storage directory /xxx.pub >> ~/.ssh/authorized_keys // Set the public key 

Here 1 must pay attention to the permission problem, otherwise the key login cannot take effect, and the corresponding permissions of each folder are as follows

.ssh Folder permissions  700
id_rsa 600
id_rsa.pub 644
authorized_keys 600

File permission setting

Place git in one user group with users running nginx or apache at the site, such as www

vim/etc/passwd Find git account number and www account number, and change the group ID of git account number to the same as www group ID 1

The site owner is set to git and the user group is set to www//Assume that both nginx and git belong to the www user group

Directory permissions are set to 775, and file permissions are set to 664

Warehouse code

Server side

cd  Site Directory 
git init // Initialize directory 

git Configuration

git config receive.denyCurrentBranch ignore // Set the warehouse to accept code submission 

Setting sudo Secret Free

vim /etc/sudoers
# Defaults secure_path  If there is no order you want, , Pay attention to adding 
# php By default, the command of  secure_path Add at the end  :/usr/local/php/bin"
 In  root ALL=(ALL) ALL  Below 1 Row addition 
git ALL=(ALL) NOPASSWD:ALL 
#  Save Exit  , This is aimed at laravel  To restart the queue command, you can use it .
# sudo php artisan queue:restart

Hook setting

cd .git/hooks // Switch to the site hook directory 
touch post-receive // Create a receive submission hook 
//  The contents of the hook file are as follows :
#!/bin/sh
#  Set the default permissions for account creation files 
umask 002 
unset GIT_DIR
cd ..
git checkout -f
#  Execute PHP Hook logic 
/usr/bin/curl http(s):// Domain name / Hook text position /hook.php
#  If there is a use laravel Queue needs to restart the queue process , Let the new code take effect 
# sudo php artisan queue:restart
exit 0

hook. php content

<?php
/**
 * git Upload execution hook 
 */
//TODO  Security restrictions 
//TODO  Other hook behaviors 
//  Clear opcache
if (version_compare(PHP_VERSION, '5.5.0', '>=')) {
 opcache_reset();
}

Increase Hook Executable Permission

chmod a+x .git/hooks/post-receive

Native code

git remote add  Remote warehouse name  ssh://git@IP Address :/ Site Directory  // Add Remote Warehouse 
git push  Remote warehouse name  master 

Pay special attention

User uploaded picture directory 1 must do a good job of file neglect action, otherwise it is possible to delete this part of the file when clearing untracked files, resulting in disastrous results

Summarize