Composite GitHub Action for deploying a project to AWS Lightsail via SSH/rsync. Optimized for small PHP/WordPress apps, but generic enough for static and Node stacks.
Author: James Bregenzer — Full‑Stack Developer · https://jamesbregenzer.com
License: MIT
-
Add repo secrets (Settings → Secrets and variables → Actions → New repository secret):
AWS_HOST— Lightsail public IP or hostnameAWS_USER— SSH user (e.g.,ubuntu)AWS_KEY— private key contents (PEM)DEPLOY_PATH— absolute path on server (e.g.,/var/www/html/app)
-
Use the example workflow from
.github/workflows/deploy.yml(below). Start withdry-run: true. -
Push to main or run via workflow_dispatch to deploy.
name: Deploy to Lightsail
on:
workflow_dispatch:
inputs:
dry-run:
description: "Simulate without uploading"
type: boolean
default: true
push:
branches: ["main"]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup SSH key
run: |
echo "${{ secrets.AWS_KEY }}" > key.pem
chmod 600 key.pem
- name: Deploy via rsync
uses: ./.github/actions/lightsail-deployer
with:
host: ${{ secrets.AWS_HOST }}
user: ${{ secrets.AWS_USER }}
key: key.pem
path: ${{ secrets.DEPLOY_PATH }}
source: ./
dry-run: ${{ github.event.inputs.dry-run || 'false' }}
exclude: |
.git
.github
node_modules
vendor
*.log| Name | Required | Default | Description |
|---|---|---|---|
host |
yes | — | Server host/IP |
user |
yes | — | SSH username |
key |
yes | — | Path to private key file on runner |
path |
yes | — | Remote destination path |
source |
no | ./ |
Local source path |
dry-run |
no | false |
Pass --dry-run to rsync |
exclude |
no | — | Newline-delimited exclude globs |
- Uses
rsync -az --deletewith SSH. Adjust flags for your stack. - For zero downtime deploys: sync to a releases/ dir and atomically switch a
currentsymlink. - Consider
composer install --no-dev --optimize-autoloadereither on CI or as a remote post‑deploy.
See ROADMAP.