Stop Using FTP: Architecting a Git-Driven Deployment Pipeline
If I see one more developer drag-and-dropping a /var/www folder using FileZilla on a Friday afternoon, I am going to revoke their sudo access permanently. In 2013, there is absolutely no excuse for manual file transfers. It is error-prone, it lacks audit trails, and it makes rollbacks a nightmare that involves guessing which version of config.php was the one that actually worked.
We are moving towards what I call "Git-Driven Operations." The concept is simple: if it isn't in Git, it doesn't exist. Your infrastructure, your application code, and your configuration should all originate from a commit hash. This isn't just about convenience; it's about survival. When your primary database locks up during the holiday rush, you need to know exactly what changed, by whom, and how to revert it in seconds, not hours.
The Architecture of a Push-to-Deploy Workflow
For a robust setup, we aren't just pushing code; we are triggering a state change. The target environment, whether it's a dev staging box or your production cluster, must reflect the repository's master branch. Here is the stack that separates the professionals from the amateurs:
- Version Control: Git (obviously).
- CI Server: Jenkins (for running tests before deployment).
- Configuration Management: Puppet or Chef (to ensure the server libraries match the code requirements).
- Hosting Layer: KVM-based VPS (like CoolVDS) to avoid the resource contention typical of OpenVZ containers.
The "Poor Man's" Deploy: Server-Side Git Hooks
You don't always need a complex Jenkins cluster for simple sites. A bare Git repository with a post-receive hook is often enough to eliminate FTP forever. I've used this on countless high-traffic setups where latency to the repo is critical; hosting this in Norway ensures your push times from Oslo offices are under 15ms.
Here is how you set up a bare repo on your CoolVDS instance to handle deployments:
# On your server
mkdir -p /srv/git/project.git
cd /srv/git/project.git
git init --bare
Now, the magic happens in the hooks. Create hooks/post-receive:
#!/bin/bash
TARGET="/var/www/html"
GIT_DIR="/srv/git/project.git"
BRANCH="master"

while read -r oldrev newrev ref
do
    # Only deploy when the master branch itself is pushed (exact ref match,
    # so tags or branches that merely end in "/master" are ignored)
    if [[ "$ref" == "refs/heads/$BRANCH" ]]
    then
        echo "Ref $ref received. Deploying ${BRANCH}..."
        mkdir -p "$TARGET"
        git --work-tree="$TARGET" --git-dir="$GIT_DIR" checkout -f "$BRANCH"
        # Fix permissions (crucial for PHP/Nginx setups)
        chown -R www-data:www-data "$TARGET"
        # Restart workers if necessary
        service php5-fpm reload
        echo "Deployment complete."
    else
        echo "Ref $ref received. Doing nothing: only the ${BRANCH} branch may be deployed on this server."
    fi
done
Make it executable with chmod +x hooks/post-receive. Now, deploying is just git push production master. No dragging files. No missed assets.
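Git feeds a post-receive hook one `<oldrev> <newrev> <ref>` line per updated ref, and a deleted ref arrives with an all-zero newrev. The following is an added example, not code from the original post: it decides per line whether to deploy, shows that a suffix pattern such as `.*/master$` also accepts `refs/tags/master` and `refs/heads/feature/master`, and prints one audit record per update. The function names, the record format and the sample revisions are constructed for illustration.

```bash
#!/bin/sh
# Added example (hypothetical names): per-ref deploy decision and audit record
# for a post-receive hook. Written in POSIX sh so it also runs under bash.
BRANCH="master"
ZERO=$(printf '%040d' 0)   # all-zero id: git's marker for a created/deleted ref

# deploy_decision OLDREV NEWREV REF -> prints "deploy" or "skip:<reason>"
deploy_decision() {
    if [ "$3" != "refs/heads/$BRANCH" ]; then
        echo "skip:not-deploy-branch"    # tags, other branches, feature/master
    elif [ "$2" = "$ZERO" ]; then
        echo "skip:branch-deleted"       # nothing left to check out
    else
        echo "deploy"
    fi
}

# suffix_match REF -> succeeds for ANY ref that merely ends in "/master"
suffix_match() {
    case "$1" in */"$BRANCH") return 0 ;; *) return 1 ;; esac
}

# audit_push: read "<oldrev> <newrev> <ref>" lines (the hook's stdin) and print
# one key=value record per line; user is the account that ran the hook.
audit_push() {
    while read -r a_old a_new a_ref; do
        printf 'user=%s ref=%s old=%s new=%s action=%s\n' \
            "${USER:-unknown}" "$a_ref" \
            "$(printf %s "$a_old" | cut -c1-7)" \
            "$(printf %s "$a_new" | cut -c1-7)" \
            "$(deploy_decision "$a_old" "$a_new" "$a_ref")"
    done
}

# Constructed sample input: four ref updates as git would pass them to the hook.
SHA_A=1111111111111111111111111111111111111111
SHA_B=2222222222222222222222222222222222222222
sample_push() {
    printf '%s\n' \
        "$SHA_A $SHA_B refs/heads/master" \
        "$ZERO $SHA_B refs/tags/master" \
        "$ZERO $SHA_B refs/heads/feature/master" \
        "$SHA_B $ZERO refs/heads/master"
}

sample_push | audit_push
```

In a real hook, pipe the hook's stdin into `audit_push` and append its output to a log file the deploy account can write but web processes cannot.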
Scaling Up: Infrastructure as Code with Puppet
Scripts are fine for code, but what about the server itself? If you are tweaking /etc/my.cnf by hand, you are doing it wrong. We use Puppet to ensure that if a server dies, we can spin up a clone on CoolVDS in minutes. This is "Infrastructure as Code."
Define your web server state in a Puppet manifest. This ensures your PHP settings and Nginx configurations are identical across dev and prod.
# manifests/web.pp
package { 'nginx':
  ensure => installed,
}

service { 'nginx':
  ensure  => running,
  enable  => true,
  require => Package['nginx'],
}

file { '/etc/nginx/sites-available/default':
  ensure  => file,
  content => template('nginx/vhost.erb'),
  notify  => Service['nginx'],
}
Store this in Git. When you need to change the keepalive_timeout, you edit the manifest, commit, and let Puppet apply the change. This provides an audit log that satisfies even the strictest auditors checking for compliance with the Norwegian Personopplysningsloven (Personal Data Act).
Why Underlying Hardware Matters (KVM vs. The Rest)
Automated workflows put a different kind of load on your servers. Running a git checkout of a massive Magento repository, followed by a Composer install and asset compilation, generates significant I/O spikes.
Pro Tip: Avoid OpenVZ or "Container" VPS hosting for CI/CD pipelines. These technologies share the kernel and often the disk I/O queue with noisy neighbors. If another user on the node is running a backup, your deployment script will hang.
This is why I strictly provision KVM instances on CoolVDS. KVM (Kernel-based Virtual Machine) provides hardware virtualization. You get your own kernel, your own dedicated RAM, and most importantly, better isolation for I/O operations. When you are compiling assets or running migration scripts, you need raw CPU power that isn't being stolen by the guy next door hosting a Minecraft server.
Performance Tuning for Deployments
To speed up these Git operations, you need to tune your file system mounting options to reduce metadata overhead. On your CoolVDS instance, check your /etc/fstab:
# /etc/fstab optimizations for SSD
/dev/vda1 / ext4 errors=remount-ro,noatime,barrier=0 0 1
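Setting noatime prevents the system from writing to the disk every time a file is merely read, a massive saving during a deployment where thousands of files are checked. Note that barrier=0 in the same line disables ext4 write barriers: it trades crash safety for speed, so a power loss or host crash can corrupt the filesystem unless the storage has a non-volatile write cache.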
The Data Sovereignty Angle
We operate in a post-Snowden world (almost; the leaks are fresh). Privacy is paramount. Hosting your code and your CI/CD pipelines on US-controlled clouds introduces legal grey areas regarding data access. By keeping your Git repositories and production servers on Norwegian soil with CoolVDS, you reduce latency to the Norwegian Internet Exchange (NIX) and keep your data under Norwegian jurisdiction. This is a critical selling point when you are explaining your architecture to a CTO concerned about the Data Protection Directive.
Final Thoughts
Stop treating your servers like pets you nurse to health. Treat them like cattle. If a deployment fails, kill the instance and spawn a new one. This is only possible if you embrace Git-driven workflows and rely on robust, hardware-virtualized hosting. Manual FTP is a relic. Let it die.
Ready to build a pipeline that doesn't break? Spin up a KVM instance on CoolVDS today and push your first hook.