Gitlab CI/CD - user and permissions best practices
Question
I am trying to find some guide or documentation that discusses best practices for setting up gitlab CI/CD to auto deploy a web server (nginx) / Centos or any Linux. Setting up the CI/CD as user root is easy, but i don't like the idea of having a root key in gitlab.
If i create a 'gitlab' user and assign it to the same group as NGINX, I am stuck because i can't CHOWN -R nginx to the folder and files once all the files deploy. So what are my options here? I suppose i could add the ssh key as user NGINX, but seems odd.
Are there any decent ways to do this?
1 answers
solution1
1 2020-09-02 07:03:02
Ideally, you would:
connect as nginx directly to make the installation
don't manage the private/public key through GitLab, but through a deployment tool like Ansible (see " How to use GitLab and Ansible to create infrastructure as code ")
That way, no chown to do, and the keys are managed in Ansible, which knows how to connect to the target machines.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.