Git and deployment on VPS

Git lets you version code and deploy it on a HolyCloud Linux VPS via git pull, post-receive hook, or CI script. This tutorial installs Git, configures SSH authentication to GitHub/GitLab, prepares a production directory, and describes a minimal deployment flow without over-engineering.

Prerequisites

• HolyCloud VPS Ubuntu/Debian, sudo access
• Remote repository (GitHub, GitLab, Gitea) with read access (deploy key or machine account)
• Dedicated user recommended (deploy) — see « Create a sudo user »
• Web stack in place (Apache/Nginx) pointing to the target directory

Tip: Never clone as root; use a deploy user whose group can read/write DocumentRoot with www-data.

Step 1: Install Git

sudo apt update
sudo apt install -y git
git --version

Identity for commits on the server if needed:

git config --global user.name "Deploy HolyCloud"
git config --global user.email "[email protected]"
git config --global init.defaultBranch main

Step 2: Dedicated SSH key for the repository (deploy key)

As user deploy:

sudo -u deploy -i
ssh-keygen -t ed25519 -C "deploy@vps-holycloud" -f ~/.ssh/id_ed25519_git -N ""
cat ~/.ssh/id_ed25519_git.pub

Add the public key on GitHub: Settings → Deploy keys (read-only) or GitLab: Deploy Keys.

~/.ssh/config file:

nano ~/.ssh/config

Host github.com
    HostName github.com
    User git
    IdentityFile ~/.ssh/id_ed25519_git
    IdentitiesOnly yes

chmod 600 ~/.ssh/config ~/.ssh/id_ed25519_git
ssh -T [email protected]

Step 3: First production clone

sudo mkdir -p /var/www/exemple.fr
sudo chown deploy:www-data /var/www/exemple.fr
sudo chmod 775 /var/www/exemple.fr
cd /var/www/exemple.fr
git clone [email protected]:organisation/monapp.git .
git status
git branch -a

Production branch:

git checkout main
git pull origin main

Step 4: Deployment script

sudo nano /opt/scripts/deploy-monapp.sh

#!/bin/bash
set -euo pipefail
APP_DIR=/var/www/exemple.fr
cd "$APP_DIR"
git fetch origin
git checkout main
git pull --ff-only origin main
# PHP example: composer install --no-dev
# composer install --no-dev --optimize-autoloader
# Node example: npm ci && npm run build
sudo systemctl reload apache2
echo "Deploy OK $(date -Is)" >> /var/log/deploy-monapp.log

sudo chmod +x /opt/scripts/deploy-monapp.sh
sudo chown deploy:deploy /opt/scripts/deploy-monapp.sh

Manual test:

sudo -u deploy /opt/scripts/deploy-monapp.sh

Step 5: Bare repository + post-receive hook (optional push-to-deploy)

sudo -u deploy git init --bare /home/deploy/repos/monapp.git
nano /home/deploy/repos/monapp.git/hooks/post-receive

#!/bin/bash
TARGET=/var/www/exemple.fr
GIT_DIR=/home/deploy/repos/monapp.git
git --work-tree="$TARGET" --git-dir="$GIT_DIR" checkout -f main
/opt/scripts/deploy-monapp.sh

chmod +x /home/deploy/repos/monapp.git/hooks/post-receive

From your dev machine (« production » remote):

git remote add production deploy@IP_DU_VPS:/home/deploy/repos/monapp.git
git push production main

Step 6: Variables and secrets

Do not commit .env to production. Create it once on the server:

sudo -u deploy nano /var/www/exemple.fr/.env
sudo chmod 600 /var/www/exemple.fr/.env

Ignored files list:

cat .gitignore

Step 7: cron or webhook (overview)

Scheduled pull (simple, less elegant than hook):

*/30 * * * * deploy /opt/scripts/deploy-monapp.sh >> /var/log/deploy-monapp.log 2>&1

For GitHub Actions, trigger ssh deploy@IP /opt/scripts/deploy-monapp.sh with a dedicated key — limit the command in authorized_keys.

Verification

cd /var/www/exemple.fr && git log -1 --oneline
git remote -v
ls -la
tail -5 /var/log/deploy-monapp.log
curl -I http://127.0.0.1/

Deployed version matches the latest expected commit on main.

HolyCloud support

• Permission denied (publickey): wrong deploy key or IdentitiesOnly
• dubious ownership: git config --global --add safe.directory /var/www/exemple.fr
• Pull conflicts: avoid commits on the server; use --ff-only
• HolyCloud support: deploy user, git pull output, post-receive hook logs