I always thought that instead of writing a long blogpost it would make much more sense to create a screencast. So here we go! This is my first work in this format, obviously there is room for improvement, but hopefully at least a few people will find this helpful.
Here is the screencast:
Here is my deployment script which I show you in the video:
#!/bin/bash
proxyUser=[ProxyUser]
proxyAddress=[ProxyServerAddress]
chmod 400 /opt/vsts/work/r1/a/[SSHFile1]
chmod 400 /opt/vsts/work/r1/a/[SSHFile2]
scp -i /opt/vsts/work/r1/a/[SSHFile1] -o StrictHostKeyChecking=no -o ProxyCommand="ssh -o StrictHostKeyChecking=no -i /opt/vsts/work/r1/a/[SSHFile2] -W %h:%p $proxyUser@$proxyAddress" $SYSTEM_ARTIFACTSDIRECTORY/[BuildDefinitaionName]/drop/BlogSite.zip [DeploymentUser]@[TargetMachine]~/
function runCommand {
ssh -i /opt/vsts/work/r1/a/[SSHFile1] -o ProxyCommand="ssh -i /opt/vsts/work/r1/a/[SSHFile2] -W %h:%p $proxyUser@$proxyAddress" [DeploymentUser]@[TargetMachine] $1
}
runCommand "unzip BlogSite.zip -d BlogSite"
runCommand "rm -r /var/www/kalaposnet/"
runCommand "cp -r BlogSite/. /var/www/kalaposnet"
runCommand "sudo /usr/bin/supervisorctl restart kalaposnet"
runCommand "rm BlogSite.zip"
runCommand "rm -r BlogSite"
And here is how you can encrypt a the SSH keys with Open SSL, so you can use them with the Decrypt task securely:
openssl des3 -in sshkeyfile -out sshkeyfile.enc
And if the background music (which in my opinion is very cool!) annoys you here is a version without it: