Setup Git deployment on push to remote origin with post-update hook

Git

1. Generate SSH keys pair.
Use ssh-keygen command to generate SSH keys pair.
Example usage:

$ ssh-keygen -t rsa -b 4096 -C "taras@shkodenko.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/tarasius/.ssh/id_rsa):

2. Setup SSH key authorization.
To setup autorization by SSH key add contents of your public key
($HOME/.ssh/id_rsa.pub) to $HOME/.ssh/authorized_keys file.
For example:

$ cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys

Or use command ssh-copy-id command like:

$ ssh-copy-id -i $HOME/.ssh/id_rsa.pub tarasius@remote.server2.com
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
tarasius@remote.server2.com's password:

3. Setup working copy Git repository.

$ cd $HOME/web/remote.server2.com
$ git init
Initialized empty Git repository in $HOME/web/remote.server2.com/.git/

4. Setup bare Git repository.

$ cd
$ git init --bare remote2.git
Initialized empty Git repository in /home/tarasius/remote2.git/

5. Git web hook script.

$ cp -fvp /home/tarasius/remote2.git/hooks/post-update.sample /home/tarasius/remote2.git/hooks/post-update
$ vim /home/tarasius/remote2.git/hooks/post-update


#!/bin/sh
#
# An example hook script to prepare a packed repository for use over
# dumb transports.
#
# To enable this hook, rename this file to "post-update".
#
# exec git update-server-info

unset GIT_INDEX_FILE

export GIT_WORK_TREE=/home/tarasius/web/remote.server2.com/
export GIT_DIR=/home/tarasius/remote2.git/

/usr/bin/git checkout -f

$

6. Add remote origin
To view list or remote origins:

$ git remote -v

To add remote origin:

$ git remote add origin tarasius@remote.server2.com:/home/tarasius/remote2.git

7. To deploy changes
To deploy your changes push commit:

$ git push origin master

In this example:

/home/tarasius - example user home directory $HOME or ~
/home/tarasius/web/remote.server2.com/ - folder with application working copy
/home/tarasius/remote2.git/ - bare Git repository
remote.server2.com - host name of server with git repositories

mysql and mysqldump –defaults-file without a password

MySQL has an amazing option called –defaults-file. It can be used to store credentials in configuration file as it shown in example below:


[client]
user=dbUser
password=dbPassword

Make sure you did not store such configration files anywhere inside public_html accessible via HTTP or HTTPS on your website. It is real security breach. Do not do it. Consider to change –defaults-file ../some_secure_path_outside_www/.db1.my.cnf permissions as low as 600 only accessible to user to read/write it. Nobody other should have access to it. Store such files outside of any virtual host htdocs, www or public_html folders.

With such configation files you can skip authorization when using mysql, mysqldump commands.
Example commands are:
1. To make db backup you can run command like:

# mysqldump --defaults-file=../some_secure_path_outside_www/.db1.my.cnf db1 > db1.sql

2. To restore db from SQL dump file you can execute command below:

# mysql --defaults-file=../some_secure_path_outside_wwwpath/.db1.my.cnf db1 < db1.sql

You could also use my PHP cli scripts to generate such .cnf configuration files automatically from a popular CMS and frameworks at: https://github.com/podlom/get_mysql_db_php_from_cms

Example usage of command below:

# php get_create_my_cnf.php /home/taras/public_html >../some_secure_path_outside_www/.db1.my.cnf

Please, also look at documentation for more details: https://dev.mysql.com/doc/refman/5.5/en/option-file-options.html