Mayank Tripathi

Complete Guide to Setting Up CI/CD and Server SSH for Deployment

Introduction
Continuous Integration and Continuous Deployment (CI/CD) automates the process of building, testing, and deploying applications, reducing manual errors and improving efficiency. In this guide, we’ll outline the step-by-step process for setting up CI/CD and configuring SSH for seamless deployment to a standalone server.

Part 1: Configuring CI/CD for Your Repository

Step 1: Setup a GitHub Repository

  1. Create or use an existing private repository on GitHub.
  2. Ensure all code changes are committed and pushed to the main branch.

Step 2: Add SSH Key for Secure Access

  1. Generate an SSH key pair on your local machine:
   ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  • Save the key to a secure location (e.g., ~/.ssh/id_rsa).
  • Leave the passphrase blank for automated processes.
  1. Copy the public key to your GitHub repository:
   cat ~/.ssh/id_rsa.pub
  • Navigate to your repository > Settings > Deploy Keys.
  • Add the public key and enable write access.
  1. Add the private key to the SSH agent:
   eval $(ssh-agent -s)
   ssh-add ~/.ssh/id_rsa

Step 3: Create a GitHub Actions Workflow

  1. Navigate to your repository > Actions.
  2. Create a new workflow file in .github/workflows/deploy.yml.
  3. Add the following YAML configuration:
  name: Deploy to Server on Push

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Code
        uses: actions/checkout@v3
        with:
          token: ${{ secrets.TOKEN }}

      - name: Set up SSH
        uses: webfactory/ssh-agent@v0.5.3
        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}

      - name: Deploy to Standalone Server
        run: |
          ssh -o StrictHostKeyChecking=no themangaka-admin@77.90.14.137 << 'EOF'
            # Load NVM (if you're using it)
            export NVM_DIR="$HOME/.nvm"
            [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
            
            # Or source the profile to get the correct PATH
            source ~/.profile
            source ~/.bashrc
            
            cd htdocs/admin.themangaka.com/mangaka-cms/ || exit
            git pull git@github.com:Evy04/mangaka-cms.git || exit
            
            # Use absolute paths if needed
            /home/themangaka-admin/.nvm/versions/node/v22.12.0/bin/npm install
            /home/themangaka-admin/.nvm/versions/node/v22.12.0/bin/npm run build
            /home/themangaka-admin/.nvm/versions/node/v22.12.0/bin/pm2 restart mangaka-admin
          EOF
  1. Save and commit the file to the repository.

Step 4: Add Secrets to GitHub Repository

  1. Navigate to Settings > Secrets and variables > Actions > New Repository Secret.
  2. Add the private key as a secret:
  • Name: SSH_PRIVATE_KEY
  • Value: Copy the contents of your private key (~/.ssh/id_rsa).
  • Name: Token
  • Value: Your classic github token for account

Part 2: Configuring the Server

Step 1: Install Dependencies

  1. Update the server:
   sudo apt update && sudo apt upgrade -y
  1. Install Node.js and npm:
   curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
   sudo apt install -y nodejs
  1. Install pm2 for process management:
   sudo npm install -g pm2

Step 2: Configure SSH Access

  1. Add your public SSH key to the server:
   nano ~/.ssh/authorized_keys
  • Paste the public key from your local machine.
  • Save and exit.
  1. Test the connection:
   ssh user@your-server-ip

Step 3: Set Up the Project on the Server

  1. Clone the repository:
   git clone git@github.com:your-username/your-repo.git /path/to/project
  1. Install project dependencies:
   cd /path/to/project
   npm install
  1. Start the application using pm2:
   pm2 start app.js --name "your-app-name"
  1. Save the PM2 process list:
   pm2 save
  1. Enable PM2 to restart on server reboot:
   pm2 startup

Part 3: Troubleshooting Common Issues

Error: Command Not Found for npm or pm2

  • Ensure the correct environment is loaded by adding nvm setup in your .bashrc or script:
  export NVM_DIR="$HOME/.nvm"
  [ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"

Error: Could Not Resolve Hostname

  • Verify the server IP address and DNS resolution.
  • Check the network connectivity using:
  ping your-server-ip

Error: Could Not Read Username

  • Ensure the SSH key is added to your GitHub repository and your server’s SSH configuration.

Error: Permissions are too open.

Permissions 0777 for '/Users/username/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.

Solution:

chmod 600 ~/.ssh/id_rsa

Ref: https://stackoverflow.com/questions/9270734/ssh-permissions-are-too-open

Conclusion

With this setup, every push to the main branch triggers an automated workflow that builds and deploys the application to your server. Proper configuration of SSH keys and environment variables ensures a secure and seamless process. This automation reduces manual intervention and helps maintain a robust development pipeline.


By ~Leaveitblank (Mayank Tripathi)