Git Push to Deploy: Automating Server Deployment with Post-Receive Hooks and Docker Compose
🔐 Secure Git Push-Based Deployment

This guide explains how to securely deploy a Docker-based application using Git push, with two users:

- sshuser – non-root user responsible for pushing code.
- myrootuser – root-privileged user responsible for executing deployment.

✅ Deployment Flow Summary

Actor, action, and the user each step runs as:

- sshuser: Pushes code to bare Git repo (runs as sshuser)
- post-receive: Triggers deploy script via sudo -u myrootuser
- deploy.sh: Runs Docker Compose as myrootuser

🧭 Step-by-Step Setup

🔹 1. On Server: Create Bare Git Repo (as sshuser)

```bash
ssh sshuser@your-server
mkdir -p ~/repos/myapp.git
cd ~/repos/myapp.git
git init --bare
```

🔹 2. Create post-receive Hook (as sshuser)

```bash
nano ~/repos/myapp.git/hooks/post-receive
```

Paste this:

```bash
#!/bin/bash
sudo -u myrootuser /home/myrootuser/deploy-scripts/deploy.sh
```

Make it executable:

```bash
chmod +x ~/repos/myapp.git/hooks/post-receive
```

🔹 3. Allow sshuser to Run Only This Script as myrootuser

Run as root or...
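Restricting sshuser to a single script only holds as a privilege boundary if nobody but myrootuser (or root) can modify that script or rename any directory above it. The following audit is an added example, not part of the original guide; the function names are hypothetical, and it assumes `stat` and `realpath` are available on the server.

```shell
#!/bin/sh
# Added example: audit the script that sudo lets sshuser run as myrootuser.
# Usage (names from the guide):
#   audit_deploy_script /home/myrootuser/deploy-scripts/deploy.sh myrootuser

# Print "<owner> <octal mode>" for a path (GNU stat, BSD stat as fallback).
owner_and_mode() {
    stat -c '%U %a' "$1" 2>/dev/null || stat -f '%Su %Lp' "$1" 2>/dev/null
}

# Return 0 if $1 is owned by $2 (or root) and is not group- or world-writable.
path_is_locked_down() {
    info=$(owner_and_mode "$1") || return 2
    owner=${info% *}
    mode=${info##* }
    if [ "$owner" != "$2" ] && [ "$owner" != "root" ]; then
        echo "FAIL $1: owned by $owner" >&2
        return 1
    fi
    # An octal digit of 2, 3, 6 or 7 has the write bit set.
    # Second-to-last digit is the group, last digit is everyone else.
    case $mode in
        *[2367]?|*[2367])
            echo "FAIL $1: mode $mode is group- or world-writable" >&2
            return 1 ;;
    esac
    return 0
}

# Check the resolved script path and every ancestor directory up to /.
# A writable ancestor lets another user swap in a different deploy.sh.
audit_deploy_script() {
    p=$(realpath "$1") || return 2
    rc=0
    while :; do
        path_is_locked_down "$p" "$2" || rc=1
        [ "$p" = "/" ] && break
        p=$(dirname "$p")
    done
    return $rc
}
```

Run it as root after any change to the deploy script or its directory; a non-zero exit means sshuser, or another account, may be able to change what runs as myrootuser.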