1

I have a file upload form and after the file uploads I want to push the files up to GitHub by running:

git add .
git commit -m "some message"
git push origin master

How do I go about this? I've seen examples of using exec() but that makes me nervous. 

shell_exec('cd /var/www/vhost/xxx.com/httpdocs/clients/portal/upoads/54 && /usr/bin/git add -A');
shell_exec('cd /var/www/vhost/xxx.com/httpdocs/clients/portal/upoads/54 && /usr/bin/git commit -m "something 1"');
shell_exec('cd /var/www/vhost/xxx.com/httpdocs/clients/portal/upoads/54 && /usr/bin/git push origin master');

Those commands don't error but don't work either. Do I need to grant access to the apache user to use the ssh key?

zanussi
  • 1,286
  • 2
  • 22
  • 29
poptartgun
  • 107
  • 1
  • 13
  • Have you looked at [PHP GitHub API](https://github.com/KnpLabs/php-github-api)? – infinigrove Feb 04 '17 at 02:59
  • CentOS - yes I looked at that library but I am using CodeIgniter 3 and not using composer, so I wasn't sure how to implement it. – poptartgun Feb 04 '17 at 03:08
  • I tried this too: https://github.com/kbjr/Git.php – poptartgun Feb 04 '17 at 03:09
  • I split it into two libraries and put them in /libraries inside codeigniter and loaded them successfully with $this->load->library() but when I told it my github repo path it either said it didn't exist or wasn't a git repo, but it is, I initialized it. – poptartgun Feb 04 '17 at 03:10
  • I got this library to run: https://github.com/kbjr/Git.php and I got the error "Message: Host key verification failed. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists." -- so it is a permission error, how do I give my web user access to the known hosts and key? – poptartgun Feb 04 '17 at 03:21
  • I can cd into that directory from the CLI and do a commit, as root, on my server. – poptartgun Feb 04 '17 at 03:22

3 Answers3

2

i guess is permission problems, you can use exec() , and get the error info by $output

exec($your_command.' 2>&1', $output, $return_var);
var_dump($output);
suibber
  • 267
  • 1
  • 6
  • I ran this: $your_command = 'cd /var/www/vhost/xxx.com/httpdocs/clients/portal/upoads/54 && /usr/bin/git status'; exec($your_command.' 2>&1', $output, $return_var); var_dump($output); – poptartgun Feb 04 '17 at 03:19
  • I got this: array(0) { } – poptartgun Feb 04 '17 at 03:19
  • just run your command,what you get:cd /var/www/vhost/xxx.com/httpdocs/clients/portal/upoads/54 && /usr/bin/git status – suibber Feb 04 '17 at 03:30
  • Nothing, just an empty page – poptartgun Feb 04 '17 at 03:43
  • If I run it at the command line it just says repo clean... I just need to add access for my web user to the ssh key but I have no idea how. I tried generating a new key inside it's home directory / .ssh and adding that to github but that didn't worth either. – poptartgun Feb 04 '17 at 03:47
  • i guess,you need change to web user like 'sudo su - apache' ,then generate a ssh key in ~/.ssh(not /.ssh) and add to github? – suibber Feb 04 '17 at 05:36
  • I did that, I created it as root, added it to github, I still get the error. – poptartgun Feb 04 '17 at 08:13
  • But I chowned it too sudo chown -R apache:apache ~apache/.ssh – poptartgun Feb 04 '17 at 08:18
  • root and apache ,has different home path ,you'd better to switch to apache to do that... – suibber Feb 06 '17 at 02:58
0

Do I need to grant access to the apache user to use the ssh key?

Yes.

This means you have to copy the key somewhere that the apache user can read it. SSH won't work unless the key file is readable by the user only (i.e. 0600 permissions on the key file).

Copy the key like:

mkdir -p --mode=0700 ~apache/.ssh    
cp /my/id_rsa ~apache/.ssh/id_rsa
chown -R apache:apache ~apache/.ssh/id_rsa
chmod 0600 ~apache/.ssh/id_rsa

Also, you don't need to cd every time you want to run the command. Use GIT_DIR:

putenv('GIT_DIR=/path/to/git/repo')
shell_exec('git commit ...')
Grisha Levit
  • 8,194
  • 2
  • 38
  • 53
  • I am still getting the error: "Message: Host key verification failed. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists." – poptartgun Feb 04 '17 at 05:46
  • Grisha, if I run exec('whoami') inside of my PHP script I get 'opcode' and when I cat /etc/passwd I see that opcode's home directory is /var/www/vhost/xxx.com so I created a .ssh directory in there and moved the files in and applied the permissions you suggested, I chowned it to opcode:psacln to match the script... no luck. – poptartgun Feb 04 '17 at 08:31
  • Any ideas? There has to be a way LOL. – poptartgun Feb 04 '17 at 08:32
  • You can debug by running `su -s /bin/bash opcode` to start a shell as the web server user. – Grisha Levit Feb 04 '17 at 08:36
0

I solved it. I ran all of this as root user.

Inside my PHP script I ran 

exec("whoami");

to get the user that is running that script. Then I ran 

cat /etc/passwd

to get the home directory for that user (/var/www/vhost/mydomain.com)

I noticed that on my web server (Centos 7) that all my web files were chown'd as opcode:psacln so I created a .ssh directory inside opcode's home folder:

mkdir -p --mode=0700 /var/www/vhost/mydomain.com/.ssh  
cd (back to root)  
cp .ssh/id_rsa /var/www/vhost/mydomain.com/.ssh/id_rsa
chown -R opcode:psacln /var/www/vhost/mydomain.com/.ssh/id_rsa
chmod 0600 /var/www/vhost/mydomain.com/.ssh/id_rsa

The thing I was missing was that I had to also move my known_hosts file over, since the script I was using wasn't adding to it. 

cp .ssh/known_hosts /var/www/vhost/mydomain.com/.ssh/known_hosts
chmod 0600 /var/www/vhost/mydomain.com/.ssh/known_hosts

Of course, I had to login to my server at the command line and do an initial commit to the repo in order to get it added to my known_hosts file, before I copied it over. Hope this helps someone.

poptartgun
  • 107
  • 1
  • 13