Auto pull script
<?php echo exec('whoami'); $output=shell_exec('/home/bitnami/stack/git/bin/git pull 2>&1'); echo "<pre>$output</pre>";
This script will tell us who the apache user is (e.g. daemon, www-data or www) and if it has permission to execute shell commands.
Next step is to make sure you’re apache user has read and write access to the entire repository.
sudo chown -R ssh_user:daemon repository/ sudo chmod -R g+wrx repository/
The apache user needs to have a key to talk to the server.
sudo -u daemon ssh-keygen -t rsa
ssh-keygen will tell us where it’s creating the keys.
Make sure your apache user is the owner of the .ssh directory that the keys are being created in.
Copy public key to your project host
Allow the project host to access the server.
(e.g. repository settings > deployment keys)
Test apache user in the shell.
This step is super important.
sudo -u daemon git pull
Then test your apache user in the browser.
Go to your project host and setup your webhook to point to your php auto pull script.
Change the shell_exec to:
<?php $output=shell_exec('/home/bitnami/stack/git/bin/git pull'); echo "<pre>$output</pre>";
Setup the htaccess restriction in your repo to only allow your project host to access your php auto pull script. Those IPs are bitbuckets.
<FilesMatch "autopull.php$"> Order deny,allow Deny from all Allow from 220.127.116.11/28 18.104.22.168/28 </FilesMatch>