Bogdan FLOREA

personal blog

Gitlab SSH Autodeploy

The goal here is to create a build and deployment process. We will use gitlab.com for our git repository, ssh and rsync to copy files over to our server and hugo to create a static blog.

HUGO site

If you don’t have hugo you can follow the instructions found here to install: https://gohugo.io/getting-started/installing

Then we will create a new hugo website:

hugo new site hgauto

Install a theme:

cd hgauto
git init
git submodule add https://github.com/budparr/gohugo-theme-ananke.git themes/ananke

To use the newly installed theme we will need to edit config.toml file and add theme = "ananke"to it.

Deploying to SSH server

We will be using SSH for the auto-deployment process. In order for gitlab to connect to our server we will need to create a pair of SSH keys.

ssh-keygen -t rsa

Then enter the file to save your ssh keys in.

Enter file in which to save the key (/home/bogdan/.ssh/id_rsa):

Lastly, you can choose to have a passphrase or not. This tutorial assumes you will not set a passphrase.

Gitlab setup.

Go ahead and create a new project in Gitlab. Then we will make the initial commit without gitlab-ci enabled.

git remote add origin https://gitlab.com/floreabogdan/hgauto.git
git add .
git commit -a -m "initial commit"
git push origin master

Now, in the root of our project we will create a new file called gitlab-ci.yml and add the following content to it:

stages:
  - build
  - deploy
build:
  stage: build
  image: floreabogdan/hugo
  before_script:
    - apk add --update git
  script:
  - git submodule update --init --recursive
  - hugo -d public_html
  cache:
    paths:
    - public_html
  artifacts:
    paths:
    - public_html
  only:
  - master
deploy:
  stage: deploy
  image: alpine:3.5
  before_script:
    - apk add --no-cache bash ca-certificates openssh rsync
    - mkdir -p ~/.ssh
    - echo -e "${DEPLOY_KEY}" > ~/.ssh/id_rsa
    - echo -e "${HOST_KEY}" > ~/.ssh/known_hosts
    - echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
    - chmod 600 ~/.ssh/id_rsa
  script:
    - rsync -hrvz --delete --exclude=_ -e 'ssh -i ~/.ssh/id_rsa' public_html/ "${SSH_USER_HOST_LOCATION}"
  only:
    - master

Please leave a comment if the file is not self-explenatory.

Next, we will setup some gitlab variables in order for our gitlab-ci file to work. We will need to add 3 variables DEPLOY_KEY, HOST_KEY and SSH_USER_HOST_LOCATION.

Go to Settings > CI/CD > Secret variables and add them.

[DEPLOY_KEY]

Assuming you did not change the location in the previous steps, enter the following command in your deployment server shell:

cat ~/.ssh/id_rsa
[HOST_KEY]

In your deployment server enter:

ssh-keyscan [server_hostname]

[server_hostname] should be your public server hostname.

There result should be something like:

vps.florea.xyz ssh-rsa AAABB3NzaC1yc2EAAAABIwAAAQEAxXfRRjD9BIiVQ5KUpXIMqvxrCcURCAJQsvwQ9hkobQLIN3NMuJyChln5h50+HRyaHqvk0K6qhot6abuG4+ac8zLxL20yFaqSe+S7Dzi82JUmx/N0BxoB6904jTJD6K8NB3TnP9AuY37RE8DE3wsekRreRVAbs4WHtSMv+x8pnhGrVM53gopy062dGYHH3fNkESJKCs/k5YBrLWdZ1jw51GvvPvW2jmE80oOOda3+7BE0/p3phUf1NaE7fgpm+SJ2RfuEZ0rV04b7zzVNDdE1mOozmuPH93Cdl1+1ixQ/oP+WaYeSixrPLs//f31ipxrK9PWNfZWRexbMV8w6whad+Q==

We will add this value to gitlab HOST_KEY secret variable.

[SSH_USER_HOST_LOCATION]

This is the last variable we will need to define in Gitlab. It’s value should be something like:

[server_username]@[server_hostname]:/path/to/our/files/

Last steps

Lastly, we need to add our public key to the authorized_keys file and push our changes to gitlab.

Copy the content of ~/.ssh/id_rsa.pub to the end of ~/.ssh/authorized_keys.

Push our changes to gitlab.com:

git add .
git commit -a -m "enabling ci"
git push origin master

Then go to CI/CD tab in Gitlab and watch your newly created pipeline. If everything was set correctly the deploy stage should execute without error and your static website should be sent to your [SSH_USER_HOST_LOCATION].

After that, set your HTTP server to serve content from that location.