GitHub Secrets & Variables
Configure these in your GitHub repository: Settings > Secrets and variables > Actions.
Secrets
Secrets are encrypted and not visible after creation.
Required (Both Strategies)
| Secret | Description | Example |
|---|---|---|
SSH_PRIVATE_KEY | Full SSH private key content | -----BEGIN OPENSSH PRIVATE KEY-----... |
SSH_KNOWN_HOSTS | Known hosts entry for the server | Output of ssh-keyscan -p 65100 host |
Optional
| Secret | Description |
|---|---|
SSH_KEY_PASSPHRASE | SSH key passphrase, if set |
FTP Strategy Only
| Secret | Description | Example |
|---|---|---|
FTP_HOST | FTP server hostname | your-server.netsons.com |
FTP_USER | FTP username | your-cpanel-user |
FTP_PASS | FTP password | your-cpanel-password |
FTP_PORT | FTP port | 21 |
Custom Env Variables
Any secret-backed env variables configured in netsons-deploy.json must also be added as secrets. For example:
| Secret | Description |
|---|---|
DB_DATABASE | Database name |
DB_USERNAME | Database username |
DB_PASSWORD | Database password |
Use php artisan netsons:env list to see all configured secrets.
Notifications (Optional)
| Secret | Description |
|---|---|
SLACK_WEBHOOK_DEBUG | Slack webhook URL for deploy notifications |
The secret name is configurable via netsons-deploy.json.
Variables
Variables are visible in plain text. Do not store sensitive data here.
Required (Both Strategies)
| Variable | Description | Example |
|---|---|---|
SSH_HOST | SSH hostname | your-server.netsons.com |
SSH_USER | SSH username | your-cpanel-user |
DEPLOY_PATH | Deploy path relative to home | public_html |
APP_ENV | Application environment | production |
APP_DEBUG | Debug mode | false |
APP_URL | Application URL | https://your-domain.com |
Optional
| Variable | Default | Description |
|---|---|---|
SSH_PORT | 65100 | SSH port |
Git Strategy Only
| Variable | Description | Example |
|---|---|---|
GIT_REPO | Repository URL (SSH format) | git@github.com:user/repo.git |
GIT_BRANCH | Branch to deploy | main |
Environment-Specific Configuration
Use GitHub Environments to have different values per environment:
- Go to Settings > Environments
- Create
stageandproductionenvironments - Add environment-specific variables/secrets to each
This allows the same workflow to deploy to different servers or paths depending on the selected environment.
Getting SSH Values
SSH_PRIVATE_KEY
cat ~/.ssh/id_ed25519Include everything from -----BEGIN to -----END.
SSH_KNOWN_HOSTS
ssh-keyscan -p 65100 your-server.netsons.comCopy the full output.