Using GitLab CI to deploy to remote host over ssh

Create deployment user on your deploy server:
adduser deployusr


Adding user `deployusr' ...
Adding new group `deployusr' (1000) ...
Adding new user `deployusr' (1000) with group `deployusr' ...
Creating home directory `/home/deployusr' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for deployusr
Enter the new value, or press ENTER for the default
        Full Name []:
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [Y/n] Y
Install MC:
apt-get install mc
Next, login by that user:
su deployusr
Generate ssh key pair. Do not add a passphrase to the SSH key, or the before_script will prompt for it:
ssh-keygen



Generating public/private rsa key pair.
Enter file in which to save the key (/home/deployusr/.ssh/id_rsa):
Created directory '/home/deployusr/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/deployusr/.ssh/id_rsa.
Your public key has been saved in /home/deployusr/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:XbPwgpBEB889UhCMJhmm7NSoJ9o9lKvsFyV8EdG4lE8 [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|    o+*X+o.      |
| . =o.B=Eo       |
|  =..+o=+ + o    |
| +  o.+..+ = o   |
|o o o+  S o o    |
|.+ o..     .     |
|. . +.           |
| . ...           |
| .+.             |
+----[SHA256]-----+
Next, run
ssh-copy-id [email protected]
 
Optional step: If cygwin is installed on your local machine, you can test connection with ssh key just created.
For this, copy ssh files from server to your local machine. I used to copying files with WinSCP. So, I copied files
Id_rsa.pub
Id_rsa
from servers /home/deployusr/.ssh to local machine to the directory c:\cygwin64\home\artkh\.ssh\ .
Open cygwin console, change permission of the copied file:
chmod 400 /home/artkh/.ssh/id_rsa
And try to connect to the server:
ssh [email protected]
This should open connection to your server console.
Then, create a new Secret Variable in your project settings on GitLab following Settings > Pipelines and look for the "Secret Variables" section. As Key add the name SSH_PRIVATE_KEY and in the Value field paste the content of your private key (/home/deployusr/.ssh/id_rsa) that you created earlier.
Add .gitlab-ci.yml file to the root directory of your GitLab project:
image: maven:latest

cache:
  # untracked: true
  key: QQQ3
  paths:
    - repo2/
    
stages:
  - build
  - deploy
    
before_script:

  - apt-get update -y && apt-get upgrade -y
  - apt-get install rsync -y
  
  # Install ssh-agent if not already installed, it is required by Docker.
  # (change apt-get to yum if you use a CentOS-based image)
  - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'

  # Run ssh-agent (inside the build environment)
  - eval $(ssh-agent -s)

  # Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
  - ssh-add <(echo "$SSH_PRIVATE_KEY")

  # For Docker builds disable host key checking. Be aware that by adding that
  # you are suspectible to man-in-the-middle attacks.
  # WARNING: Use this only with the Docker executor, if you use it with shell
  # you will overwrite your user's SSH config.
  - mkdir -p ~/.ssh
  - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
  # In order to properly check the server's host key, assuming you created the
  # SSH_SERVER_HOSTKEYS variable previously, uncomment the following two lines
  # instead.
  # - mkdir -p ~/.ssh
  # - '[[ -f /.dockerenv ]] && echo "$SSH_SERVER_HOSTKEYS" > ~/.ssh/known_hosts'
    
maven-build:  
  stage: build
  
  tags:
#    - gitlab-org-high-cpu
#    - 2gb
    - docker
  
  
  script:    
   - ls -a
   - ls -a ~/
   - ls -a /root/
   - chmod +x apache-maven-3.5.0/bin/mvn
   - chmod +x start.sh
   - chmod +x mySite.service.sh
   - apache-maven-3.5.0/bin/mvn package -B

   - rm -rf .git

  artifacts:
    paths:    
    - .
      
#deployment-stage:
#  stage: deploy
#  script:
#  - echo qqqqq 
#  - ls
#  - pwd