1 创建一个linux 账户用来,运行php (命令: useradd -m -c “php” www)
2 生成www账户,github免密登录的密匙对 (命令: sudo -Hu www ssh-keygen -t rsa -C “chengqian2100@139.com”, 一路’enter’键,不用管中途的提示)
3 配置github的公匙 (复制 /home/www/.ssh/id_rsa.pub里面的内容,将其粘贴到github的 ssh配置里面)
4 配置发布脚本(deploy.php)
<?php
//密钥
$secret = "af16b4d29e93c6cccd0e6ffbdebc0d0d";
//获取 GitHub 发送的内容
$json = file_get_contents('php://input');
$content = json_decode($json, true);
//github 发送过来的签名
$signature = $_SERVER['HTTP_X_HUB_SIGNATURE'];
if (!$signature) {
return http_response_code(404);
}
list($algo, $hash) = explode('=', $signature, 2);
//计算签名
$payloadHash = hash_hmac($algo, $json, $secret);
// 判断签名是否匹配
if ($hash === $payloadHash) {
echo "0. begin 开始发布".PHP_EOL;
echo $content['ref'].PHP_EOL;
echo $content['repository']['name'].PHP_EOL;
if ($content['ref']=='refs/heads/master') {
$path = './master';
$path .= '/'.$content['repository']['name'];
echo $path.PHP_EOL;
$res = system("cd {$path} && git pull", $status); //以www用户运行
echo "1. 代码开始完成 ".$status." ".PHP_EOL;
system("rsync -vztr --exclude-from=exclude.list {$path} /app/www/", $status2); // /app/www 为项目所在的目录
echo "2. 代码同步完成 ". $status2." ".PHP_EOL;
$path2 = '/app/www/'.$content['repository']['name'];
if (is_file($path2."https://cdn.laoqiange.club/composer.json")){
system("cd {$path2} && export PATH=/app/php73/bin/:/app/php73/sbin:/app/nginx/sbin:/app/Python3.7/bin:usr/local/bin:/usr/bin && /usr/local/bin/composer install", $status3);
echo "3. composer 执行完成".$status3." ".PHP_EOL;
}
$res_log = '-------------------------'.PHP_EOL;
$res_log .= $content['head_commit']['author']['name'] . ' 在' . date('Y-m-d H:i:s') . '向' . $content['repository']['name'] . '项目的' . $content['ref'] . '分支push了' . '个commit:' . PHP_EOL;
$res_log .= PHP_EOL;
file_put_contents("git-webhook.txt", $res_log, FILE_APPEND);//追加写入
}
echo "4. sucess 发布完成";
} else {
$res_log = 'Error:'.PHP_EOL;
$res_log .= $content['head_commit']['author']['name'] . ' 在' . date('Y-m-d H:i:s') . '向' . $content['repository']['name'] . '项目的' . $content['ref'] . '分支 push 了' . count($content['commits']) . '个 commit:' . PHP_EOL;
$res_log .= '密钥不正确不能 pull'.PHP_EOL;
$res_log .= '======================================================================='.PHP_EOL;
echo $res_log;
}
在同级目录下创建 exclude.list
vendor
storage
.env
.git
bootstrap/cache/
在同级目录下创建master 文件夹,并进入(cd)到目录里面,git clone 下项目。
5 配置github的webhook
6 搞定修改一点文件,测试下脚本。
常见问题: 需要更改php-fpm的执行的用户和用户组为www,(./php-fpm.d/www.conf, 下面有个配置行,user = www 和 group = www)
权限问题,将php的项目的组和用户,全部变成www ( chown -R www:www 项目目录)
根据错误码排除问题 (也可以把执行结果的返回打印出来)
rsync 错误码
0 Success
1 Syntax or usage error
2 Protocol incompatibility
3 Errors selecting input/output files, dirs
4 Requested action not supported: an attempt was made to manipulate 64-bit files on a platform that cannot support them; or an option was specified that is supported by the client and not by the server.
5 Error starting client-server protocol
6 Daemon unable to append to log-file
10 Error in socket I/O
11 Error in file I/O
12 Error in rsync protocol data stream
13 Errors with program diagnostics
14 Error in IPC code
20 Received SIGUSR1 or SIGINT
21 Some error returned by waitpid()
22 Error allocating core memory buffers
23 Partial transfer due to error
24 Partial transfer due to vanished source files
25 The --max-delete limit stopped deletions
30 Timeout in data send/receiveshell 一般的错误码
0 命令成功结束
1 一般性未知错误
2 不适合的shell 命令
123 命令不可执行
127 没找到命令
128 无效退出参数
128+x 与linux信号x相关的严重错误
130 通过ctrl+C终止的命令
255 正常范围之内的退出状态码