Checking out code from your SVN repository to your client's server
At Code Positive, it is a standard practice to login to client's server via ssh and check out the code from Code+ server if their site is not hosted by Code+. Instead of uploading hundreds of damn files, it is a smart and efficient way of copying all the latest files to client's server.
Since I now have my own server and clients, I've been trying to set up this process myself. Here's my note (largely for myself) on how to do it.
Prerequisite:
- You have your own *nix server / ability to add new users
- You have access to your server via ssh
- Your client has a *nix server and is accessible via ssh
- Your client's web server has svn client installed
I. Preparations on your server
I-1. Create a user account for checking out code from remote. We'll call this 'svn-1' here.
sudo adduser svn-1
I-2. Authentication (Create an RSA key for svn-1, add the pubkey to authorized_keys)
su svn-1
cd ~/
mkdir ~/.ssh
ssh-keygen -t rsa
(you can of course create this in your client's server and send the pubkey to your server - that's much easier. But not all the servers let you do that.)
I-3. Allow the new user's access via ssh (edit sshd_config)
Open ssh's config file and add svn-1 as an allowed user.
sudo vi /etc/ssh/sshd_config
AllowUsers svn-1
Then don't forget to reload ssh so the change will take effect.
/etc/init.d/ssh reload&
At this stage, you should make sure this user can login to your server via ssh. If not, obviously nothing described below will work so you first have to figure out what the problem is.
I-4. Change the ownership of the repository
Assuming you have an SVN repository already setup for this client, change the owner of the repository to svn-1
cd [path to your svn repository]
sudo chown -R svn-1 [directory name of project repository]
This way the user only has access to the project repository and not other repositories.
II. Preparations on client's server
II-1. Add / configure a user account
If the site is hosted on a shared server, you probably have to manage everything with a single user. In that case, use that user to check out from the svn repository.
To allow a user to check out via ssh, adding a config file will make things easier:
First, create .ssh directory and add a file 'config' in it.
mkdir ~/.ssh vi ~/.ssh/config
then add the following lines to this file:
Host [your server's address]
User svn-1
IdentityFile /home/[username]/.ssh/id_rsa
make sure this file is owned by the user (not svn-1) and permission is set to 600. It will fail with an error message saying permission is bad or something.
If your server's ssh allows connection only with a certain port other than 22, add 'Port [port number] to the file above.
II-2. Copy a secret key (id_rsa) from your server to client's server
Using SFTP or SCP, download the secret key you created in I-2. Then upload it to the client's server's /home/[username]/.ssh
III Check out the files
Now it should be good to go. In your client's server, move to [drupal installation]/sites/default/modules and enter the following command
svn co svn+ssh://[your server's address]/[path to the repository where modules are stored] .
Make sure you add the trailing period.
IV Update the files
Well, needless to say, enter:
svn update