Automate deployment using CircleCI to Ubuntu Server.
A step-by-step approach to deploy your apps without hassle....
Deploying apps online can be really frustrating especially when you starting out and the documentations are not sufficient enough. After deploying apps on Heroku I decided to purchase a Virtual Private Server(VPS) which means I have to build my own machine online.
PermalinkCreating a config file to your project
CicleCI runs workflow from a configuration file in your project. First you need to the config file config.yml
in a .circleci
folder.
version: 2
jobs:
deploy-job:
docker:
- image: circleci/openjdk:8u171-jdk
working_directory: ~/repo
environment:
# Customize the JVM maximum heap limit
MAVEN_OPTS: -Xmx400m
steps:
- checkout
# Download and cache dependencies
- restore_cache:
keys:
- v1-dependencies-{{ checksum "pom.xml" }}
# fallback to using the latest cache if no exact match is found
- v1-dependencies-
- run: ssh -oStrictHostKeyChecking=no -v username@machine_ip "./deploy.sh"
workflows:
version: 2
deploy:
jobs:
- deploy-job:
filters:
branches:
only: test
CircleCI pipeline spins up a docker container then SSH into the VPS and copy the build file in to a directory.
PermalinkCreate a user for deployment
Its not advisable to give root access to deployment pipelines hence we are going to create a new user for deployment.
Ssh into the VPS
ssh username@machine_ip
Create a new user without password using useradd
sudo useradd -m -d /home/circleci -s /bin/bash circleci
For security purposes, we are not going to add this user as root since circle_ci only needs to create an SSH connection from the VPS to the CircleCI network and run the
deploy.sh
script.
Now lets open the VPS firewall to port 8080
sudo ufw allow 8080
We need to create an SSH key which our deployment user can use to log in. This SSH key must have no passphrase else CircleCI wont be able to decrypt it.
Local machine
Open you local terminal and run the following command.
ssh-keygen -m PEM -t rsa -f ~/.ssh/circleci
Print out the new public key and copy it to your clipboard.
cat ~/.ssh/circleci.pub
VPS machine
We need to create a .ssh
directory for the circleci
user.
sudo mkdir /home/circleci/.ssh
We add the public key copied to our clipboard and save to a file called authorized_keys
sudo nano /home/circleci/.ssh/authorized_keys
We give circleci
user directory permissions so we dont run to permission problems.
sudo chown -R circleci:circleci /home/circleci
Now we can log in as circleci
from our local machine using:
ssh circleci@machine_ip ~/.ssh/circleci
Create a deployment script deploy.sh
for CircleCI :
#!/bin/bash
#do something
PermalinkAdding ssh key to CircleCI
We are almost there, dont give up
Whilst log in as circleci
user on the VPS, we generate keys and store them at /home/circleci/.ssh/circle_key
cd ~/.ssh
ssh-keygen
Add public key to authorized keys
Copy ~/.ssh/circle_key
contents to ~/.ssh/authorized_keys
cat ~/.ssh/circle_key.pub >> ~/.ssh/authorized_keys
Copy private key to circleCI to clipboard.
cat ~/.ssh/circle_key
Navigate to Project Settings on CircleCI website and add a new key in the SSH Keys sections. Create a new Additional Key and enter the `circle_key' contents from the clipboard and save.
Rerun configuration file on CircleCI and voila.
I do hope you enjoyed this article, and I do hope you keep being awesome.
Take care