Git Deploy Keys

Screenshot of git settings in SpinupWP

For SpinupWP to pull code to your server from your git repository at GitHub, GitLab, BitBucket, or another provider, it needs read access to the git repository.

When you enable git for a site in SpinupWP, a unique deploy key is generated for the site. You can then log in to GitHub, GitLab, BitBucket, or whatever provider your repository is with and add this deploy key to your repository, giving SpinupWP access to it. This needs to be repeated for each site and repository.

If you find it a nuisance to add a deploy key to your git provider for each site, you can toggle off the unique deploy key option to reveal the server’s deploy key:

You then only need to add the server’s deploy key to your git provider at the account level once and then all the sites on that server can access any repository in your GitHub/GitLab/BitBucket/etc account.

We recommend using unique deploy keys for each site for two reasons:

  • Better security – you only grant access to specific repositories.
  • Portability – if you move your site to another server, the server’s deploy key will be different and will need to be added to your git provider.

Each git provider is a little different so we’ve provided step-by-step instructions below to guide you through the process of adding a key at your provider:

GitHub

Adding a Site’s Deploy Key to GitHub

  • Go to your site repository in your GitHub account.
  • Click Settings.
  • Click Deploy keys in the left menu.
  • Click the Add deploy key button.
  • Enter “SpinupWP” as the Title for the deploy key.
  • Copy the Site’s Deploy Key from SpinupWP into the Key field.
  • Leave Allow write access unchecked.
  • Click the Add key button.

Adding a Server’s Deploy Key to GitHub

  • Go to GitHub and click on your avatar in the top right corner of the page.
  • Click Settings.
  • Click SSH & GPG keys in the left menu.
  • Click the New SSH key button.
  • Add a Title for the key that indicates this key is used by SpinupWP and which server.
  • Copy the Server’s Deploy Key from SpinupWP into the Key field.
  • Click the Add SSH key button.

GitLab

Adding a Site’s Deploy Key to GitLab

  • Go to your site repository in your GitLab account.
  • In the left menu, go to Settings > Repository.
  • In the Deploy keys section, click the Expand button.
  • Click the Add new key button.
  • Enter “SpinupWP” as the Title for the deploy key.
  • Copy the Site’s Deploy Key from SpinupWP into the Key field.
  • Leave the checkbox unchecked and the Expiration date empty.
  • Click the Add key button.

Adding a Server’s Deploy Key to GitLab

  • Go to GitLab and click on your avatar in the top right corner of the page.
  • Click Edit profile.
  • Click SSH Keys in the left menu.
  • Click the Add new key button.
  • Copy the Server’s Deploy Key from SpinupWP into the Key field.
  • Add a Title that indicates this SSH key is used by SpinupWP and which server.
  • Select Authentication from the Usage type select box.
  • Feel free to remove the expiration date or keep it, up to you.
  • Click the Add key button.

BitBucket

Adding a Site’s Deploy Key to BitBucket

  • Go to your site repository in your BitBucket account.
  • Click Repository settings in the left menu.
  • Click Access keys in the left menu.
  • Click the Add key button.
  • Enter “SpinupWP” as the Label for the key.
  • Copy the Site’s Deploy Key from SpinupWP into the Key field.
  • Click the Add SSH key button.

Adding a Server’s Deploy Key to BitBucket

  • Go to BitBucket and click on the gear icon next to your avatar in the top right corner of the page.
  • Click SSH keys in the left menu.
  • Click the Add key button.
  • Add a Label for the key that indicates this key is used by SpinupWP and which server.
  • Copy the Server’s Deploy Key from SpinupWP into the Key field.
  • Click the Add key button.

How Deploy Keys are Generated and Stored

A deploy key consists of two parts: a private key and a public key. The public key is displayed by SpinupWP for you to install on a repository in your GitHub/GitLab/BitBucket/etc account. The private key is never displayed by SpinupWP and is installed on your server behind the scenes. The private key is only ever stored on your server and is not stored by SpinupWP.

When you turn on git for a site in SpinupWP, a unique deploy key pair is generated by SpinupWP. The public key is displayed to you and you are asked to install it on a repository in your GitHub/GitLab/BitBucket/etc account. Once SpinupWP verifies the public key has been added to the repository at the git provider, it installs the private key on your server.

A server’s deploy key pair is generated on the server when the server is first created. The public key is stored in SpinupWP for display purposes and the private key is stored on your server.