ABU SAID

GitHub and EC2 manual deployment with Deploy keys

For those looking to quickly deploy a project, whether it’s a prototype or a solo endeavor, manual deployment with GitHub and AWS EC2 is a reliable and efficient method. Here’s a comprehensive guide to setting up your deployment using deploy keys.

Setting Up Your EC2 Instance

Begin by launching an on-demand EC2 instance on AWS. Access this instance via SSH, and use Git to clone or pull your repository. This setup will be similar to your local development environment, except you’ll need to configure environment variables specific to your server.

Serve your application over HTTPS by configuring nginx with SSL certificates. This encrypts traffic to your server and adds a layer of security and professionalism to your deployment.

Using GitHub Deploy Keys

Deploy keys are SSH keys attached to a single GitHub repository. They give your EC2 instance a secure connection to that repository that is read-only unless you grant write access. Here’s how to set them up:

Step 1: Generate SSH Keys

First, generate an SSH key pair on your EC2 instance:

ssh-keygen -t ed25519 -f ~/.ssh/my_project_deploy_key -C "your_email@example.com"

Using ed25519 instead of the more common RSA provides better security. The -C flag is optional: it sets the comment stored in the key, which helps identify it and is useful if you plan to use the key for commit signing in addition to deployment.

Step 2: Add the Public Key to GitHub

In your GitHub repository, navigate to Settings > Deploy keys. Click Add Deploy Key, provide a descriptive title like "EC2 Deployment Key", and paste the contents of your public key file (~/.ssh/my_project_deploy_key.pub). For most deployment scenarios, you won’t need to enable write access.

Step 3: Configure SSH for Git

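GitHub accepts a given deploy key on only one repository, so an instance that pulls several repositories needs one key per repository. To use these keys instead of a default key name such as id_rsa, define a host alias for each repository in your SSH client configuration: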

vim ~/.ssh/config

Add the following entries to the file:

Host github.com-my_project
  HostName github.com
  IdentityFile ~/.ssh/my_project_deploy_key
  User git

Host github.com-other_project
  HostName github.com
  IdentityFile ~/.ssh/other_deploy_key
  User git

This configuration allows you to manage multiple repositories with different keys.

To clone your repository, use the configured host:

git clone git@github.com-my_project:your_github_org/your_repo.git

You can then use git pull as needed to update your project.
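
If the alias in a remote URL has no matching Host entry in the config file that ssh reads, ssh treats the alias as a real hostname and cannot resolve it. The script below is an added example, not part of the original post: it checks that a remote’s alias is defined, maps to github.com, and names an explicit key. The function names and the sample file are assumptions made for illustration.

```shell
# Added example (not from the original post). Handles exact Host aliases and
# whitespace-separated keywords only, not wildcards or "Key=Value" syntax.

# Host part of an scp-style remote such as git@HOST:org/repo.git
remote_host() {
  printf '%s\n' "$1" | sed -n 's/^[^@]*@\([^:]*\):.*$/\1/p'
}

# Print "HostName IdentityFile" for alias $2 in ssh config file $1.
alias_lookup() {
  awk -v want="$2" '
    tolower($1) == "host" {
      inblock = 0
      for (i = 2; i <= NF; i++) if ($i == want) inblock = 1
      next
    }
    inblock && tolower($1) == "hostname" && h == "" { h = $2 }
    inblock && tolower($1) == "identityfile" && k == "" { k = $2 }
    END { if (h != "") print h, k }
  ' "$1"
}

# check_remote CONFIG URL: returns 0 only if the URL's alias maps to
# github.com with an explicit IdentityFile.
check_remote() {
  host=$(remote_host "$2")
  if [ -z "$host" ]; then echo "FAIL: not an scp-style SSH remote: $2"; return 1; fi
  found=$(alias_lookup "$1" "$host")
  if [ -z "$found" ]; then echo "FAIL: no Host/HostName for '$host' in $1"; return 1; fi
  real=${found%% *}; key=${found#* }
  if [ "$real" != "github.com" ]; then echo "FAIL: '$host' maps to $real"; return 1; fi
  if [ -z "$key" ]; then echo "FAIL: '$host' has no IdentityFile"; return 1; fi
  echo "OK: $host -> $real with key $key"
}

# Constructed sample config, copied from the stanza in this guide.
SAMPLE_CFG=$(mktemp)
trap 'rm -f "$SAMPLE_CFG"' EXIT
cat > "$SAMPLE_CFG" <<'EOF'
Host github.com-my_project
  HostName github.com
  IdentityFile ~/.ssh/my_project_deploy_key
  User git
EOF

check_remote "$SAMPLE_CFG" git@github.com-my_project:your_github_org/your_repo.git
check_remote "$SAMPLE_CFG" git@github.com-typo:your_github_org/your_repo.git || true
```

On the server, pass ~/.ssh/config and the output of git remote get-url origin instead of the sample values. Run it as the same user that runs git, because ssh reads that user’s config file.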

Improving Your Deployment Process

While this manual setup is quick and effective, it does have some limitations, such as downtime during updates. To minimize downtime, consider using a process manager like pm2, which supports zero-downtime restarts.

As your project grows, SSH-based manual deployments might become cumbersome. Automating your deployment process can save time and reduce errors. You can use GitHub webhooks to trigger automatic deployments or configure your server as a Git remote to push updates directly. This approach can streamline your workflow and enhance efficiency.

Conclusion

Deploying with GitHub and EC2 using deploy keys is a straightforward and effective way to manage your projects, especially for quick prototypes and solo projects. This method allows you to leverage the power of AWS and GitHub without the overhead of more complex deployment strategies. Stay tuned for future posts where we’ll explore advanced deployment techniques and best practices.

Top comments (1)

Boris • Edited

Thank you for this helpful article! I was only setting up one project, and I got a bit stumped on the step where you involve "other_project." I added this to the file and was able to successfully clone the git repo. However, when I try to 'git pull' later on, I run into a permissions error. Should "my_project" have any special meaning to the other names used elsewhere here? Here is the error I'm getting:

ssh: Could not resolve hostname github.com-my_project: Name or service not known
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.