How to configure Gitlab-CI to Auto-deploy your App via SSH
End Goal: Using Gitlab-CI to Deploy your project to a server via SSH. 💪🤓
My assumptions:
- You have a Gitlab Runner with docker executor up and running(could be locally). You don’t? read this.
- You have a Server to deploy to(could be locally too, it has to be reachable by the Runner).
- You have a Gitlab account and already created a Repository for your project with a
.gitlab-ci.yml
file.
Introduction:
I don’t like introductions, but as you’re expecting one, let me show you something:
Happy🤔?! Scroll down please 😬
Short story long
characters
The characters of our “Love💖” story are:
- Gitlab Repository( with a
.gitlab-ci.yml
file), - Gitlab Runner(with docker executor),
- Server to deploy our app to, thru ssh.
Places
Our deployment story happens in at least two places(servers/clouds) depends on your setup:
- Gitlab itself; gitlab.com in case you don’t self-host GitLab.
- Cloud to host the Runner and the Server(could be each on a different cloud).
The only important thing here is that the Runner can reach Server so SSH will be possible, also the Runner can reach your Gitlab; so you can enable the runner for our demo project(repository) in Settings > CI/CD > Runners
. By ‘reach’ I don’t mean they has to be on the same network but at least they are “pingable👻”. see 👇
“Speak so I can see you.” ~Socrates
Gitlab Pipeline configuration:
Case 1: the Runner and the Server are in the same self-hosted VPC
In my example here; I have used the localhost to setup:
- A vagrant machine hosts a Gitlab runner with Docker executor(Github repo ready-to-use runner). And your repository has this Runner enabled:
Settings > CI/CD > Runners
- Another vagrant machine with static IP to simulate a server(Github repo demo server).
So I have the Runner and the Server on the localhost, so the Runner can reach the server, and of course can reach the Gitlab too.
Steps:
1- SSH to the Runner’s vagrant-machine, in case it’s not a vagrant machine skip: vagrant ssh
2- Generate an SSH key pair:
ssh-keygen -t rsa -N ‘’ -f ~/.ssh/id_rsa <<< n
3- Get the Private key of the Runner’s machine:
- In the terminal run:
cat ~/.ssh/id_rsa
- Add this private key as a variable to your project on Gitlab,
Settings > CI/CD > Variables
and don’t ‘Masked’ it.
4- SSH to the Server-simulation vagrant-machine:
vagrant ssh
5- Copy the public key of the Runner’s Machine to inside the the ~/.ssh/authorized_keys
of the Server-simulation vagrant-machine.
6- Modify your .gitlab-ci.yml
. according to the following example, a Debian based image is assumed. Edit to your needs:
7- Commit & push .gitlab-ci.yml
changes, the pipeline will start and ssh to your server and perform the demo command ls -al
Case 2: the Runner is self-hosted and the Server is an EC2 instance
The only change here is you instead of using runners keypair, you need to put the key from the .pem
file, which created/downloaded during the creation of the EC2 instance, to inside a Gitlab’s variable: Settings > CI/CD > Variables:
and no need to add the public key to anywhere in the Server-simulation vagrant-machine.
and the final .gitlab-ci.yml
would be something like this:
That’s it. Easy breezy ha? 🙄😬
If you have a question leave it in the comments below.