✅ Branch develop → Deploy to staging server
✅ Branch main → Deploy to production server
✅ Environment & Secrets are used to securely store credentials
GitHub Actions requires SSH access to the VPS for deployment.
On both the development and production VPS, run the following:
ssh-keygen -t ed25519 -C "github-actions" -f ~/.ssh/github_actions
cat ~/.ssh/github_actions.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keysCopy the private key (~/.ssh/github_actions) and add it to GitHub Secrets:
Add secrets in GitHub Repository → Settings → Secrets and Variables → Actions
For staging (develop):
STAGING_VPS_HOST→ IP of the staging VPSSTAGING_VPS_USER→ SSH user on the VPSSTAGING_SECRET_KEY→ Private SSH Key
For production (main):
PROD_VPS_HOST→ IP of the production VPSPROD_VPS_USER→ SSH user on the VPSPROD_SECRET_KEY→ Private SSH Key
name: Deploy to Server
on:
push:
branches:
- develop
- main
jobs:
deploy:
runs-on: ubuntu-latest
environment: ${{ github.ref == 'refs/heads/main' && 'main' || 'develop' }}
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup SSH Connection
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
ssh-keyscan -H ${{ secrets.VPS_HOST }} >> ~/.ssh/known_hosts
- name: Pull Latest Code on Server
run: |
ssh ${{ secrets.VPS_USER }}@${{ secrets.VPS_HOST }} << 'EOF'
cd /var/www/myapp
git pull origin $(basename ${{ github.ref }})
EOF- Push to
develop→ GitHub Actions will deploy to the staging server - Push to
main→ GitHub Actions will deploy to the production server