Page 1 of 1

Production Servers, SSH, and Git

Posted: Wed Aug 10, 2011 10:40 pm
by Jonah Bron
Hello, world!

One of my current projects is setting up a site on a shared host for a client. Everything is essentially done at this point, I just wanted to run it by you to get your feedback, and hear how you usually do it.

Here is how it's set up now. The site itself is being tracked with Git. On the remote server, I have access to the home directory of my account via jailed SSH (correct way to say it?). The htdocs folder is in ~/public_html/. I copied my local repository to the server with scp, and placed it as a bare repository (no working tree) in ~/stage.git/. That location is configured as a remote from my development environment. I also set up an RSA key-pair so I don't have to remember the SSH password.

The tricky bit (from my perspective of inexperience ;)) was keeping the .git directory out of the public HTML. Yeah, I know I could just deny access to it with .htaccess, but I want it watertight. Since I can't re-configure the location, I solved the problem by turning the directory public_html/ into a symlink to ~/site/www/. ~/site/ is another Git repository, and all files in the repo were moved into a www/ sub-directory. Whenever I make a change, I commit my local repository, push origin master, SSH into the live repository, and pull origin (from stage.git).

I still haven't solved the problem of keeping configurations separate for production/development, besides the obvious answer to .gitignore the configuration file and make two versions named based on the environment, and manually copy the correct one in your environment.

Unfortunately, I couldn't seem to get a post-receive Git hook working (tried a normal shell script?), so I still have to SSH into the server to pull from stage.git, after I push changes out from my development machine.

One thing I'm thinking about doing is creating a makefile, instead of making ~/site/ a Git repository. There are three reasons for this:
  1. Reduce duplication: there's very little point in having two Git repositories on the same server as far as I can see.
  2. Configuration problem: being able to create a shell script that uses git-checkout-index to copy the repository into the live folder would enable me to manipulate files as I like along the way; in my case setting up the correct configuration file.
  3. Future flexibility: not as big a reason as the other two, but it still allows for more flexibility that may be required in the future.
What do you think? What would you do differently? Feedback welcome :)

P.S. I'm just trying out Git for the experience; as this setup has evolved I see more and more that Subversion would do just fine.