Deploying apps online can be really frustrating especially when you starting out and the documentations are not sufficient enough. After deploying apps on Heroku I decided to purchase a Virtual Private Server(VPS) which means I have to build my own machine online.

Creating a config file to your project

CicleCI runs workflow from a configuration file in your project. First you need to the config file config.yml in a .circleci folder.

version: 2
jobs:
  deploy-job:
    docker:
      - image: circleci/openjdk:8u171-jdk
    working_directory: ~/repo
    environment:
      # Customize the JVM maximum heap limit
      MAVEN_OPTS: -Xmx400m
    steps:
      - checkout
      # Download and cache dependencies
      - restore_cache:
          keys:
            - v1-dependencies-{{ checksum "pom.xml" }}
            # fallback to using the latest cache if no exact match is found
            - v1-dependencies-
      - run: ssh -oStrictHostKeyChecking=no -v username@machine_ip "./deploy.sh"



workflows:
  version: 2
  deploy:
    jobs:
      - deploy-job:
          filters:
            branches:
              only: test

CircleCI pipeline spins up a docker container then SSH into the VPS and copy the build file in to a directory.

Create a user for deployment

Its not advisable to give root access to deployment pipelines hence we are going to create a new user for deployment.

Ssh into the VPS

ssh username@machine_ip

Create a new user without password using useradd

sudo useradd -m -d /home/circleci -s /bin/bash circleci

For security purposes, we are not going to add this user as root since circle_ci only needs to create an SSH connection from the VPS to the CircleCI network and run the deploy.sh script.

Now lets open the VPS firewall to port 8080

sudo ufw allow 8080

We need to create an SSH key which our deployment user can use to log in. This SSH key must have no passphrase else CircleCI wont be able to decrypt it.

Local machine

Open you local terminal and run the following command.

ssh-keygen -m PEM -t rsa -f ~/.ssh/circleci

Print out the new public key and copy it to your clipboard.

cat ~/.ssh/circleci.pub

VPS machine

We need to create a .ssh directory for the circleci user.

sudo mkdir /home/circleci/.ssh

We add the public key copied to our clipboard and save to a file called authorized_keys

sudo nano /home/circleci/.ssh/authorized_keys

We give circleci user directory permissions so we dont run to permission problems.

sudo chown -R circleci:circleci /home/circleci

Now we can log in as circleci from our local machine using:

ssh circleci@machine_ip ~/.ssh/circleci

Create a deployment script deploy.sh for CircleCI :

#!/bin/bash

#do something

Adding ssh key to CircleCI

We are almost there, dont give up

Whilst log in as circleci user on the VPS, we generate keys and store them at /home/circleci/.ssh/circle_key

cd ~/.ssh
ssh-keygen

Add public key to authorized keys

Copy ~/.ssh/circle_key contents to ~/.ssh/authorized_keys

cat ~/.ssh/circle_key.pub >> ~/.ssh/authorized_keys

Copy private key to circleCI to clipboard.

cat ~/.ssh/circle_key

Navigate to Project Settings on CircleCI website and add a new key in the SSH Keys sections. Create a new Additional Key and enter the `circle_key' contents from the clipboard and save.

Rerun configuration file on CircleCI and voila.

I do hope you enjoyed this article, and I do hope you keep being awesome.

Take care