Rocket - Start building, Now!
Mini toolsBaseMax / github-actions-ssh-git-pull
A plug-and-play GitHub Actions template for automated CI/CD deployments over SSH. On every push to your repository, it connects to your remote server, performs a git pull, and optionally restarts your service (via systemctl, pm2, etc.). Perfect for personal projects, VPS-hosted apps, or lightweight Docker updates - no extra tools required.
README
GitHub Actions SSH Git Update Template
This repository provides a GitHub Actions CI/CD template to automatically update code from Git and restart a Linux service or PM2-managed app on a remote server using SSH.
๐ Ideal for deploying updates to remote Git projects directly from your GitHub repository.
โจ Features
- โ
Automatic deployment on push to
main(or any branch) - ๐ Secure connection via SSH (using GitHub secrets)
- ๐ Pulls the latest code from Git
- ๐ Restarts a Linux service or PM2 process
- ๐ง Easy to fork and adapt for any project
๐ Project Structure
.github/
โโโ workflows/
โโโ deploy.yml # CI/CD workflowโ๏ธ Prerequisites
- Remote server with:
- Git installed
- PM2 (for Node.js apps) or a systemd-managed service
- SSH access configured
- GitHub repository with:
- This template copied or forked
- Required secrets added (see below)
๐ Required GitHub Secrets
Go to your repo โ Settings โ Secrets and variables โ Actions โ New repository secret and add:
| Secret Name | Description |
|---|---|
SSH_HOST |
IP or domain of your remote server |
SSH_USERNAME |
SSH user with access to the project directory |
SSH_KEY |
Private SSH key (no passphrase) |
SSH_PASSWORD |
SSH password with access to the project directory |
PROJECT_DIRECTORY |
Absolute path of the Git project on the server |
RESTART_COMMAND |
Command to restart the service or PM2 app |
๐ฆ GitHub Actions Workflow - SSH by Key (.github/workflows/deploy-git-ssh-key.yml)
name: Deploy via SSH by Key
on:
push:
branches:
- main
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Set up SSH
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.SSH_KEY }}
- name: Connect and Deploy
run: |
ssh -o StrictHostKeyChecking=no ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_HOST }} << 'EOF'
cd ${{ secrets.PROJECT_DIRECTORY }}
git fetch origin main
git reset --hard origin/main
git clean -fd
if [ -n "${{ secrets.RESTART_COMMAND }}" ]; then
eval "${{ secrets.RESTART_COMMAND }}"
fi
EOF๐ฆ GitHub Actions Workflow - SSH by Password (.github/workflows/git-ssh-password.yml)
name: Deploy via SSH by Password
on:
push:
branches:
- main
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Install sshpass
run: sudo apt-get update && sudo apt-get install -y sshpass
- name: Deploy to Server via SSH
env:
SSHPASS: ${{ secrets.SSH_PASSWORD }}
run: |
sshpass -e ssh -p ${{ secrets.SSH_PORT }} -o StrictHostKeyChecking=no ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_HOST }} << EOF
cd ${{ secrets.PROJECT_DIRECTORY }}
git fetch origin main
git reset --hard origin/main
git clean -fd
if [ -n "${{ secrets.RESTART_COMMAND }}" ]; then
eval "${{ secrets.RESTART_COMMAND }}"
fi
EOF๐ Quick Start
- Fork this repo (or copy deploy.yml to your own)
- Add the required GitHub secrets
- Ensure SSH access from GitHub to your remote server
- Push to main branch - the deployment runs automatically!
๐ ๏ธ Customization
Change main to another branch in the on.push.branches section
Use different RESTART_COMMAND values such as:
pm2 restart app-namesudo systemctl restart my-servicenpm run build && pm2 reload ecosystem.config.js
๐งช Testing
You can manually trigger a run from GitHub:
Go to Actions โ Deploy via SSH โ Run workflow
๐งพ License
MIT License - feel free to use and adapt.
๐โโ๏ธ Author
Max Base (Ali)
๐ GitHub: @BaseMax
