Table of Contents
Configuration on server
if [approot]/public_html/ copy inc_config.php.dist to inc_config.php.dist. set a secret behind key apikey.
It means: this is a shared secret between this server and all your application servers.
It is not realized yet to use a secret per application.
$approot=dirname(__DIR__);
return array(
// define a secret aka api key
'apikey'=>'our-package-server-secret',
// packages to deliver where files from ci server are synched
'packagedir'=>$approot.'/packages',
// max age of request ... client and server need to be in sync
'maxage'=>60,
// force that a hash can be used only once
// a side effect is that fast repeat or simultanius requests
// will be denied.
'onetimesecret'=>true,
// filesize of lock file with stored hashed before starting garbage collection
// 10.000 byte are reached after 114 req
'maxlockfilesize'=>10000,
// tmp dir to store used hashes
'tmpdir'=>$approot.'/tmp',
// allow directory listing when accessing a path of a package
// true is required to fetch all packages
'showdircontent'=>true,
);
Prepare receive of packages
- Create an deployment account package server that can be used to be connected via SSH by the ci server
- add the public key of www-data of the ci server into /home/deployment/.ssh/authorized keys
- Set permissions that the deployment user can write into
/var/www/cipkg.example.com/packages/
and the user of the webeservice can read it
chown deployment:apache /var/www/cipkg.example.com/packages/andchmod 750 /var/www/cipkg.example.com/packages/
Ci server: add a sync target
TODO
In the config of CI web server add a sync target. Use
- the deployment user as ssh
- the fqdn as hostname
- the defined packagedir in your inc_config.php as target directory