Deploying To DigitalOcean From Travis

August 25, 2019

If you're here, I probably don't need to espouse the benefits of using Travis.

Strategy

To deploy to DigitalOcean, we'll use some bash scripts that are executed after the travis build.

Here's what will happen when you commit changes to your github repo.

  • Travis will start the build
  • Travis will decrypt private SSH keys to access our droplet
  • Travis will move the ssh keys to ~/.ssh/id_rsa on the virtual machine
  • Travis will install dependencies and create a .tgz file (TAR archive) that contains our project build
  • Travis will execute a bash script that uploads the package.tgz with our build via scp
  • Travis will ssh into our droplet, install dependencies, and start the server

Info You'll Need

  • Your domain name
  • Your droplet ip address (<code>ping your_domain.com</code>)

To Start

cd my-project 
touch .travis.yml # if you don't already have one

Here's a sample .travis.yml:

language: nodeCreate public and private SSH keysjs
nodejs:
- 6.9.1
notifications:
  email:
    onfailure: change
    onsuccess: change
addons:
  sshknownhosts:
  - 123.45.56.78 # your droplet IP goes here
branches:
  only:
  - master
env:
  global:
  - REMOTEAPPDIR=/var/www/MYDOMAIN.COM/
  - REMOTEUSER=deploy
  - REMOTEHOST=123.45.56.78 # your droplet IP goes here
  - PORT=8080
beforeinstall:
- npm install -g npm@^2
install:
- npm install --only=dev
beforescript:
- chmod 600 deploy && mv deploy ~/.ssh/idrsa
script:
- npm run build
after_success:
- "./scripts/deploy.sh"

On your local machine, open terminal and create keys.

ssh-keygen -f ~/.ssh/deploy
ssh-add -K ~/.ssh/deploy # add your SSH private key and store password in keychain

Creating A New Ubuntu Server

Resource: new ubuntu user.

ssh user@123.45.56.78
su - root # switch to root 
adduser deploy # add a new user
usermod -aG sudo deploy
su - deploy ## switch to newly created user 'deploy'
cat ~/.ssh/deploy.pub | ssh user@123.45.56.78 "mkdir -p ~/.ssh && cat >>  ~/.ssh/authorized_keys"

Copy local private key to project folder

Locally, we'll do the following.

cd my-project
cp ~/.ssh/deploy > ./deploy ## copy private keys to project directory
travis encrypt-file deploy --add
echo 'deploy' >> .gitignore ## make sure your private key is .gitignored!
rm deploy ## even better

Notes

  • This assumes you've installed the travis-ci gem
  • This assumes you've enabled the project (<code>travis enable</code>)
  • This assumes you've created a .travis.yml config file (otherwise --add won't work).

Deployment scripts

mkdir scripts

scripts/deploy.sh

#!/usr/bin/env sh
set -x
tar -czf package.tgz build && \
scp package.tgz $REMOTE_USER@$REMOTE_HOST:$REMOTE_APP_DIR && \
ssh $REMOTE_USER@$REMOTE_HOST 'bash -s' < ./scripts/untar.sh

scripts/untar.sh

#!/usr/bin/env sh
set -x
export NODE_ENV=production
export NVM_BIN=$HOME/.nvm/versions/node/v6.9.0/bin
cd /var/www/YOUR-DOMAIN.com && \
tar zxvf package.tgz -C . && \
mv build/package.json . && \
npm install && \
npm run start