Php – Can’t “git pull” with PHP on AWS EC2

amazon-web-services git github php

I'm trying to set up this EC2 instance to listen for a webhook from GitHub and then run a git pull. The web runs this under the user 'apache'.

I was following: http://jondavidjohn.com/blog/2012/10/git-pull-from-a-php-script-not-so-simple

When I got to the last part, where you start running:

sudo -u www git pull

My server asks me for the password to "ec2-user". As far as I know you don't get that, you just get a key, and for the life of me I can't figure out how to run git pull.

From my apache error_log:

Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

To my knowledge I need to add an SSH key but I can't because I don't know the password to ec2-user to run that command for the user 'apache'.

Me trying anything and everything:

<?php
// POST http://example.com/pull.php
putenv("HOME=/var/www/worker");

echo shell_exec("
#!/bin/sh
cd /var/www/html/worker/ || exit
unset GIT_DIR
git pull 2>&1
");

Anyone else run into this?

UPDATE

When I run sudo bash I am then running stuff as

[root@ip-10-233-33-33]#

When I run cat /etc/passwd I can confirm the account that I need to work with is named apache.

When I run su apache I get:

This account is currently not available.

Best Answer

Did you follow the whole article? In particular:

An easier way I discovered was to give the apache user a home directory (via /etc/passwd) and a .ssh directory and then run the ssh-keygen command as the apache user (www)

$> sudo -u www ssh-keygen -t rsa

This creates the keys and puts them in their expected location with the proper permissions applied.

Then I added the key as a read-only key for the BitBucket repository and everything worked as expected.
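
The two errors in the question and the key setup in the answer can be checked in one pass before wiring up the webhook. The script below is an added example, not code from the post or the linked article; the script name and the values in its usage line (account apache, host github.com) are assumptions, and it checks permissions only, not file ownership.

```shell
#!/bin/sh
# Added example: preflight for a service account that runs "git pull" over SSH.
# Usage (values are assumptions): sh preflight.sh /etc/passwd apache github.com

# Print field N of USER's entry in PASSWD_FILE (6 = home, 7 = login shell).
account_field() {
    awk -F: -v u="$2" -v n="$3" '$1 == u { print $n; exit }' "$1"
}

# Print the ls permission string of PATH, e.g. drwx------ (empty if missing).
mode_of() {
    ls -ld "$1" 2>/dev/null | cut -c1-10
}

# Succeed if a plain-text known_hosts entry names HOST. Hashed entries
# (HashKnownHosts yes) cannot be matched by this text comparison.
knows_host() {
    [ -f "$1" ] && awk -v h="$2" '
        { n = split($1, a, ","); for (i = 1; i <= n; i++) if (a[i] == h) ok = 1 }
        END { exit !ok }' "$1"
}

# Print one line per finding; the return status is the number of problems.
preflight() {
    passwd_file=$1; user=$2; host=$3; problems=0; keys=0
    home=$(account_field "$passwd_file" "$user" 6)
    if [ -z "$home" ]; then echo "problem: no account '$user'"; return 1; fi
    case $(account_field "$passwd_file" "$user" 7) in
        */nologin|*/false) echo "note: 'su $user' is refused; use 'sudo -u $user <command>'" ;;
    esac
    if [ "$(mode_of "$home/.ssh")" != "drwx------" ]; then
        echo "problem: expected $home/.ssh to be a directory with mode 700"
        problems=$((problems + 1))
    fi
    for key in "$home"/.ssh/id_*; do
        case $key in *.pub) continue ;; esac
        case $(mode_of "$key") in -rw-------|-r--------) keys=$((keys + 1)) ;; esac
    done
    if [ "$keys" -eq 0 ]; then
        echo "problem: no owner-only private key in $home/.ssh"
        problems=$((problems + 1))
    fi
    if ! knows_host "$home/.ssh/known_hosts" "$host"; then
        echo "problem: $host not in known_hosts (Host key verification failed)"
        problems=$((problems + 1))
    fi
    return "$problems"
}

if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

A missing known_hosts entry is what produces "Host key verification failed" when ssh runs without a terminal, and a login shell of /sbin/nologin is what prints "This account is currently not available" for su.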