Git Strategy

The Git strategy clones your repository directly on the server via SSH and installs dependencies there.

How It Works

1. Build assets — GitHub Actions builds Node/CSS/JS assets locally (Netsons doesn’t have Node)
2. Clone — The repo is cloned on the server via SSH (git clone --depth 1)
3. Install — Composer dependencies are installed on the server using the Netsons PHP binary
4. Upload assets — Built CSS/JS assets are uploaded from the runner via SCP
5. First deploy — If first deploy, generates APP_KEY and runs configured seeders
6. Post-deploy — Symlinks set up, .env values updated, migrations run, caches rebuilt
7. Switch — Atomic symlink update
8. Cleanup — Old releases pruned, SSH agent cleaned up

Tip

Unlike the FTP strategy, the git strategy does not run PHP setup or Composer on the GitHub Actions runner — those only run on the Netsons server. The runner’s only build responsibility is Node assets, which are uploaded via SCP after the server-side clone.

When to Use

• Requires SSD 30+ plan (git must be available on server)
• Faster deployments (shallow clone instead of full FTP upload)
• Composer runs on server — ensure the server has enough resources

Server Requirements

• Git — available on SSD 30+ plans
• Composer — typically at /usr/local/bin/composer (configurable via REMOTE_COMPOSER)
• PHP CLI — use the full path (e.g., /usr/local/bin/ea-php84)
• SSH access — with key authentication

Public Repositories

For public repos, set GIT_REPO to the HTTPS URL:

https://github.com/user/repo.git

No additional configuration is needed.

Private Repositories

Netsons shared hosting blocks outbound SSH (port 22), so the git strategy uses HTTPS with token authentication for cloning.

Using GITHUB_TOKEN (recommended for same-repo deploys)

Edit your .github/workflows/deploy.yml and change the GIT_TOKEN line in the “Deploy via Git” step:

GIT_TOKEN: ${{ github.token }}

github.token is automatically provided by GitHub Actions with read access to the repository. No secrets to create or rotate.

Using a Personal Access Token (cross-repo or fine-grained control)

1. Create a fine-grained PAT at github.com > Settings > Developer settings > Personal access tokens > Fine-grained tokens
2. Grant read-only access to the repository contents
3. Add it as a secret named GIT_TOKEN in your repo (Settings > Secrets)
4. The workflow already references ${{ secrets.GIT_TOKEN }}

See GitHub Secrets for details.

Composer on Netsons

Composer must be invoked with the correct PHP binary:

/usr/local/bin/ea-php84 /usr/local/bin/composer install --no-dev

The action handles this automatically using the remote-php and remote-composer inputs. The default Composer path is /usr/local/bin/composer. If your server has Composer at a different location, set the composer_binary config option or the REMOTE_COMPOSER workflow env var.

The git deploy step also creates bootstrap/cache before running composer install, since this directory is gitignored but required by Composer’s post-autoload-dump scripts.

Configuration

Set the strategy in config/netsons-deploy.php:

'strategy' => env('NETSONS_DEPLOY_STRATEGY', 'git'),

'git' => [
    'repo' => env('NETSONS_GIT_REPO'),
    'branch' => env('NETSONS_GIT_BRANCH', 'main'),
],

Server Directory Structure

Same layout as FTP — see FTP Strategy.