Skip to content

Instantly share code, notes, and snippets.

@iMega

iMega/README.md

Created February 22, 2021 11:37
Show Gist options
  • Save iMega/f65168d92fd26f61bb4033d2860a433c to your computer and use it in GitHub Desktop.
Save iMega/f65168d92fd26f61bb4033d2860a433c to your computer and use it in GitHub Desktop.
Download ZIP
New release app from Github repo with webhook on VPS
Raw
README.md

Install webhook on VPS

wget https://github.com/adnanh/webhook/releases/download/2.8.0/webhook-linux-amd64.tar.gz
tar -zxf webhook-linux-amd64.tar.gz
mv webhook-linux-amd64/webhook /usr/bin/webhook
chmod +x /usr/bin/webhook

Copy webhook.service to /usr/lib/systemd/system/webhook.service

Insert secret (see 'Create release hook') and copy hooks.json to /etc/webhook/hooks.json

Copy webhook to /etc/sysconfig/webhook

systemctl start webhook
tail -f /var/log/messages

Add location in nginx config of VPS

server {
    listen 80;
    server_name deploy.example.com;

    location /hooks/ {
        # run webhook on port 9000
        proxy_pass http://172.17.0.1:9000/hooks/;
    }
}

Create release hook

Go to Repo - Settings - Hooks

  • Payload URL: http://deploy.example.com/hooks/ (better with https)
  • Content type: application/json
  • Secret: Generate very strong password (ask google)
  • Select event: Releases

Generate github token

Go to https://github.com/settings/tokens. Need access to repo.

Shell script for update app

copy redeploy-app.sh from Repo to ~/ on VPS

insert github token (see prev. paragraph)

Raw
hooks.json
[
{
"id": "<HOOK-ID from URL after /hooks/, see README.md>",
"execute-command": "/home/<YOUR-USERNAME>/redeploy-app.sh",
"command-working-directory": "/home/<YOUR-USERNAME>/<WORKDIR>",
"trigger-rule": {
"and": [
{
"match": {
"type": "payload-hmac-sha1",
"secret": "<INSERT-SECRET-FROM-YOUR-REPO-SETTINGS-HOOKS, see README.md>",
"parameter": {
"source": "header",
"name": "X-Hub-Signature"
}
}
},
{
"match": {
"type": "value",
"value": "released",
"parameter": {
"source": "payload",
"name": "action"
}
}
}
]
},
"pass-arguments-to-command": [
{
"source": "payload",
"name": "release.assets.0.url"
}
]
}
]
Raw
redeploy-app.sh
#!/bin/bash
# GITHUB-TOKEN: Go to https://github.com/settings/tokens. Need access to repo. see README.md
curl -H "Authorization: token <INSERT-GITHUB-TOKEN see README.md>" \
-H "Accept: application/octet-stream" \
-sL -o app \
$@ && echo done! || (echo failed to download your-app && exit 1)
chmod +x app
# next command, eg systemctl restart your-app
Raw
webhook
# /etc/sysconfig/webhook
#
# https://github.com/adnanh/webhook/blob/master/docs/Webhook-Parameters.md
OPTS=-nopanic
Raw
webhook.service
# /usr/lib/systemd/system/webhook.service
[Unit]
Description=Webhook is a lightweight incoming webhook server
Documentation=https://github.com/adnanh/webhook
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
[Service]
Type=simple
EnvironmentFile=/etc/sysconfig/webhook
ExecStart=/usr/bin/webhook -hooks=/etc/webhook/hooks.json $OPTS
ExecReload=/bin/kill -s HUP webhookpid
TimeoutSec=0
RestartSec=2
Restart=always
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment