Automate Code Deployment with Coding and GitHub Webhooks on Ubuntu

Overview

This guide shows how to configure automatic code deployment on an Ubuntu 16.04 server (Alibaba Cloud) using Coding (coding.net) or GitHub webhooks. It covers creating a dedicated web user, generating SSH keys, writing a PHP webhook handler, configuring Nginx as a reverse proxy, setting up Git, and troubleshooting common problems.

1. Create a dedicated web user and SSH keys

Create a system user (e.g., www) that will run the web site and own the hook files.

sudo mkdir /var/www/.ssh
sudo chown -R www:www /var/www/.ssh

Generate a personal SSH key (used for general Git operations):

ssh-keygen -t rsa -C "[email protected]"
# Accept defaults (no passphrase)

Optionally generate a deployment key that will be used only by the www user for a specific project:

sudo -Hu www ssh-keygen -t rsa   # choose no passphrase

2. Write the webhook handler

Create a directory /home/www/web/hook/auto-test and place index.php inside it. The script validates the request token, logs the request, and runs git pull in the project directory.

<?php
error_reporting(1);
$web_path = '/home/www/web/hook/auto-test';
$valid_token = '1954FD0D6';
$client_ip = $_SERVER['REMOTE_ADDR'];
$log = fopen('./auto_hook.log', 'a');
fwrite($log, "Request on [".date('Y-m-d H:i:s')."] from [$client_ip]".PHP_EOL);
$payload = file_get_contents('php://input');
$data = json_decode($payload, true);
fwrite($log, 'Data: '.json_encode($data).PHP_EOL);
if (empty($data['token']) || $data['token'] !== $valid_token) {
    exit('aInvalid token request');
}
$cmd = "cd $web_path && git pull";
shell_exec($cmd);
?>

Directory layout:

├── hook
│   └── auto-test
│       └── index.php

3. Set execution permissions

chmod -R u+x /home/www/web/hook

4. Nginx proxy configuration

Add a server block that points the domain auto.tinywan.com to the hook directory.

server {
    server_name auto.tinywan.com;
    set $root_path /home/www/web/hook;
    root $root_path;
    location / {
        if (!-e $request_filename) {
            rewrite ^(.*)$ /index.php?s=/$1 last;
        }
    }
    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php7.1.9-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
        fastcgi_connect_timeout 10000;
        fastcgi_send_timeout 6000;
        fastcgi_read_timeout 6000;
    }
}

Configure an A record so that auto.tinywan.com resolves to the server’s public IP.

5. Verify webhook endpoint

Visit http://auto.tinywan.com/index.php. The response aInvalid token request confirms the script is reachable.

6. Git global configuration

git config --global user.name "Tinywan"
git config --global user.email "[email protected]"   # must match Coding account

7. Add the public key to Coding

Copy the content of /home/www/.ssh/id_rsa.pub and paste it into the Coding user‑settings SSH‑keys page (URL: https://coding.net/user/account/setting/keys).

8. Create a Coding webhook

In the project auto-test settings, add a new webhook with the URL http://auto.tinywan.com/index.php. Optionally set the token to 1954FD0D6 (must match the script).

9. Initial clone on the server

sudo -Hu www git clone https://git.coding.net/Tinywan/auto-test.git /home/www/web/hook/auto-test --depth=1

10. Local development workflow (Windows example)

Clone the repository locally.

Edit or add files (e.g., <?php echo "Hello Coding"; ?>).

Commit and push to the remote.

After the push, the server’s webhook script runs git pull and updates the files automatically.

11. Common troubleshooting points

Ensure the hook script is executable ( chmod -R u+x).

Verify the token in the request matches the token defined in the script.

When using GitHub, read the JSON payload via php://input and validate the secret token before pulling.

12. Token generation tip

Generate a token by taking the MD5 hash of any string, e.g., md5('https://www.tinywan.com/') → 1989BC88338CB4DABEF20BD7C54FD0D6.

13. Shared webhook for multiple projects

Deploy a single endpoint (e.g., http://webhook.tinywan.com/index.php) and configure each project to point to it. Example directory layout:

.
├── webhooks-test
│   └── index.php
└── hook
    └── auto_hook.log

14. GitHub webhook configuration

Add a webhook in the GitHub repository settings that triggers on push events and points to the same PHP script. Ensure the PHP exec (or shell_exec) function is enabled in php.ini. The script should validate the X‑HUB‑SIGNATURE (or a custom secret) before executing git pull.

15. Sample GitHub webhook response

Connection: keep-alive
Content-Length: 22
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 Jul 2018 02:26:23 GMT
Server: Tinywan-server/1.0
...
Body: aInvalid token request

If the token does not match, the script returns aInvalid token request and the pull is aborted.