Ansible: Easy and Safe SSH deployments from GitHub

Ansible: Easy and Safe SSH deployments from GitHub

Ansible is a server orchestration tool that you can also use to perform workflows on remote machines in a predictable and repeatable way. In a previous post, “Automating Laravel deployment using Ansible”, I’ve lined out how you can deploy an application using your GitHub username and a user token using the Ansible Vault.

Ansible is a server orchestration tool that you can also use to perform workflows on remote machines in a predictable and repeatable way. In a previous post, “Automating Laravel deployment using Ansible”, I’ve lined out how you can deploy an application using your GitHub username and a user token using the Ansible Vault. However, you can also do this using SSH, making sure your server only has pull-access to your application repository. This extra layer of security is quite easy to accomplish, so in this post, we’re going to look at how to do this.

In this blog post, we’ll go over the following steps to use the same configuration as before, but with SSH instead of user tokens or passwords:

  1. Generating an SSH key on your server
  2. Submitting the Public SSH key to GitHub as a Deploy key
  3. Deploying your application using SSH

Prerequisites

You can use the configuration from the previous blog post to deploy your application, the only difference in this post is that you won’t need the Ansible Vault, so you can remove the “vars_files” key from the configurations mentioned in that post. Along with that, you’ll need to use the SSH address as the “github_repo_url” value: [email protected]:your-username/your-repository.git.

Generating an SSH key on your server

Generating an SSH key on your server is a quick process and involves a single command:

ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa

Let’s break this down:

  • “-t”: this is where we define the public key algorithm and set this to “RSA”
  • “-b”: we’re setting the key size to 4096 bits (don’t go any lower)
  • “-f”: We’re specifying which filename we’d like to use.

When you’re specifying a filename, make sure the file doesn’t already exist. This will result in the existing key being overwritten, which could break other SSH connections you might have. If the file already exists, choose a different name: ~/.ssh/your_repository_name, for example.

github developer ansible devops deployment

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Hire Dedicated DevOps Developers

Hire our Dedicated DevOps Developers who have in-depth skills and expertise to develop an interactive and secure web application. Get custom DevOps solutions for your project.

Hire DevOps Developer

Looking to hire top DevOps developers at affordable prices? **[Hire DevOps Developer](https://hourlydeveloper.io/hire-dedicated-devops-developer/ "Hire DevOps Developer")** from **[HourlyDeveloper.io](https://hourlydeveloper.io/...

A Simple Guide to Github Page Deployment

Long story short: Jekyll is a template engine changing markdown documents on static HTML webpages, that you can then host anywyere, because you don't need databases or server that has PHP or Python.

How long does it take to develop/build an app?

This article covers A-Z about the mobile and web app development process and answers your question on how long does it take to develop/build an app.

Developer Career Path: To Become a Team Lead or Stay a Developer?

For a developer, becoming a team leader can be a trap or open up opportunities for creating software. Two years ago, when I was a developer, ... by Oleg Sklyarov, Fullstack Developer at Skyeng company