From 0933f514db67cb1a251cd96c73d5a473adbcaf1a Mon Sep 17 00:00:00 2001 From: jordank195 Date: Fri, 26 Jan 2024 18:49:54 +0000 Subject: [PATCH 1/2] Added section in readme to emphasise ssh keygen for webserver user --- README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/README.md b/README.md index e33ed2b..8d8cc1d 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,25 @@ Generate an SSH key and add it to your account so that `git pull` can be run wit - [GitLab documentation](http://doc.gitlab.com/ce/ssh/README.html) - [Bitbucket documentation](https://confluence.atlassian.com/bitbucket/add-an-ssh-key-to-an-account-302811853.html) +When __deploy.php__ is called by the web-hook, the webserver user (`www`, `www-data`, `apache`, etc...) will attempt to run `git pull ...`. You need to ensure that the SSH key you generate is for the webserver user. + +First, find out the home directory of our apache user, for example by looking into /etc/passwd and looking for the `www-data` user or however the apache user of your distribution is called. The home directory is likely `/var/www`. + +Then, run (replacing `/var/www` with the home directory of the apache user on your setup): + +```bash +$ mkdir "$HOME/www-data.ssh" +$ ssh-keygen -q -t rsa -f "$HOME/www-data.ssh/id_rsa" -N "" +$ chown -R www-data:www-data "$HOME/www-data.ssh" +$ mkdir /var/www/.ssh +$ cat << END > /var/www/.ssh/config +> Host * +> IdentityFile $HOME/www-data.ssh/id_rsa +> END +$ chown -R www-data:www-data /var/www/.ssh +``` +Now your webserver user will use the ssh key in $HOME/www-data.ssh/id_rsa for all its ssh connections. + ### Configuration Copy the __git-deploy__ folder and its contents in to your public folder (typically public_html). Note that you can change the name of the folder if desired. From 2a8d4dda337cd9515febd0be4e752e6efd4af824 Mon Sep 17 00:00:00 2001 From: Jordan K Date: Fri, 26 Jan 2024 18:51:50 +0000 Subject: [PATCH 2/2] Update README.md --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 8d8cc1d..fc9ee21 100644 --- a/README.md +++ b/README.md @@ -16,11 +16,11 @@ Generate an SSH key and add it to your account so that `git pull` can be run wit - [GitLab documentation](http://doc.gitlab.com/ce/ssh/README.html) - [Bitbucket documentation](https://confluence.atlassian.com/bitbucket/add-an-ssh-key-to-an-account-302811853.html) -When __deploy.php__ is called by the web-hook, the webserver user (`www`, `www-data`, `apache`, etc...) will attempt to run `git pull ...`. You need to ensure that the SSH key you generate is for the webserver user. +When __deploy.php__ is called by the web-hook, the webserver user (`www`, `www-data`, `apache`, etc...) will attempt to run `git pull ...`. You must ensure that the SSH key you generate is for the webserver user. -First, find out the home directory of our apache user, for example by looking into /etc/passwd and looking for the `www-data` user or however the apache user of your distribution is called. The home directory is likely `/var/www`. +First, find the home directory of our webserver user, for example, by looking into /etc/passwd and looking for the `www-data` user or whatever the webserver user of your distribution is called. The home directory is likely `/var/www`. -Then, run (replacing `/var/www` with the home directory of the apache user on your setup): +Then, run (replacing `/var/www` with the home directory of the webserver user on your setup): ```bash $ mkdir "$HOME/www-data.ssh" @@ -33,7 +33,7 @@ $ cat << END > /var/www/.ssh/config > END $ chown -R www-data:www-data /var/www/.ssh ``` -Now your webserver user will use the ssh key in $HOME/www-data.ssh/id_rsa for all its ssh connections. +Now, your webserver user will use the SSH key in $HOME/www-data.ssh/id_rsa for all its SSH connections. ### Configuration