Here’s the (somewhat stripped down/censored) script I’m using to deploy my sites. My old method had a script *per repo* inside the directory and added to `.gitignore`. Not a very maintainable or elegant solution. This way, I just hit an address with a query string. Obviously, the repo needs to be owned by the user that the web server is running …

webhook.php

<?php 

/*
	Usage: http://example.com/webhook.php?repo=repo-name
	
	Obviously, for security, a different file name (or at least a different query string variable name) should be used.
*/

$path = null;

// If we're requesting a pull...
if($repo = $_GET["repo"]) {

  // Check where we're pulling to.
  switch($repo) {
		case 'daneden.me':
			$path = '/var/www/docs/daneden.me/public';
			break;
		case 'emilybrook':
			$path = '/var/www/docs/emilybrook.co.uk/public';
			break;
		case 'gateway':
			$path = '/var/www/docs/dev.gateway-learning.com/public';
			break;
	}

  // Prepare our command.
	$output = 'cd ' . $path . ' && git pull';
  
  // Execute & check for success.
	if ($exec = shell_exec($output)) {
		echo "Nice work, kid. Don&rsquo;t get cocky.<br>";
		echo $exec;
	} else {
		echo "Something went wrong. Bugger.<br>";
    
    // Echo diagnostics.
		echo $exec;
		echo '<br>' . $output . '<br>' . $path . '<br>' . $repo;
	}
} else {
  // If we're not pulling, give the user something to stare at.
	echo '<img src="http://24.media.tumblr.com/tumblr_mbal9whEhn1rogl95o1_500.gif" alt="Nothing to see here.">';
}