Configuration on server

if [approot]/public_html/ copy inc_config.php.dist to inc_config.php.dist. set a secret behind key apikey.

It means: this is a shared secret between this server and all your application servers.

It is not realized yet to use a secret per application.

$approot=dirname(__DIR__);
return array(
    
    // define a secret aka api key
    'apikey'=>'our-package-server-secret',

    // packages to deliver where files from ci server are synched
    'packagedir'=>$approot.'/packages',
    
    // max age of request ... client and server need to be in sync
    'maxage'=>60,

    // force that a hash can be used only once
    // a side effect is that fast repeat or simultanius requests
    // will be denied.
    'onetimesecret'=>true,

    // filesize of lock file with stored hashed before starting garbage collection
    // 10.000 byte are reached after 114 req
    'maxlockfilesize'=>10000,
    
    // tmp dir to store used hashes
    'tmpdir'=>$approot.'/tmp',

    // allow directory listing when accessing a path of a package
    // true is required to fetch all packages
    'showdircontent'=>true,
);

Prepare receive of packages

  • Create an deployment account package server that can be used to be connected via SSH by the ci server
  • add the public key of www-data of the ci server into /home/deployment/.ssh/authorized keys
  • Set permissions that the deployment user can write into /var/www/cipkg.example.com/packages/ and the user of the webeservice can read it chown deployment:apache /var/www/cipkg.example.com/packages/ and chmod 750 /var/www/cipkg.example.com/packages/

Ci server: add a sync target

TODO

In the config of CI web server add a sync target. Use

  • the deployment user as ssh
  • the fqdn as hostname
  • the defined packagedir in your inc_config.php as target directory