repl.deploy
is split into
- A GitHub app, which listens for code changes and sends events to your repl
- A daemon, which runs on your repl, listens for events, fetches changes from GitHub and restarts your application
Table of Contents
Usage
-
Authorize repl.deploy to get events from GitHub
-
Make sure you have a
main
branch on yourorigin
remote -
Add
replit-deploy.json
to your git repository with a singleendpoint
key, which is the address of your repl +/refresh
. E.g.
{
"endpoint": "https://my-amazing-application.my-username.repl.co/refresh"
}
-
Clone your git repository to your repl
-
Download
repl.deploy
to the root of your repl -- Open the shell, and run
curl -sL https://repl-deploy.vercel.app/ -o repl.deploy.tar.gz
tar xf repl.deploy.tar.gz
rm repl.deploy.tar.gz
WARNING: Proceeding will overwrite any local changes and reset from your GitHub repo. Commit AND push any local changes BEFORE running repl.deploy
-
For repls that do not use an HTTP server in their code (See example)
- Create/modify the
.replit
file in the root of your repl and changerun=
to run./repl.deploy --standalone <command to run your code here>
. E.g.
run="./repl.deploy --standalone node index.js"
- Create/modify the
-
For repls that use an HTTP server in their code (See example)
- Create/modify the
.replit
file in the root of your repl and changerun=
to run./repl.deploy <command to run your code here>
. E.g.
run="./repl.deploy node index.js"
- Set up the
/refresh
endpoint, and log a line in the following format tostdout
when a request is recieved:repl.deploy<insert json body here (don't include the angle brackets)><insert "Signature" header here (don't include the angle brackets)>
. E.g.
repl.deploy{"timestamp":1615896087141,"endpoint":"https://8c051d0fbc4b.ngrok.io/refresh"}ostjM6/jGmHbRWcHazxKWSPmvgvoIryI9XxLgNKgxPCKRW==
- Your application will recieve JSON via
stdin
. E.g.
{"status":"403","body":"Invalid Signature"}
simply respond with the given status and body (see example)
- Once you've responded, log (to
stdout
)
repl.deploy-success
- Create/modify the
-
Click
Run
once. Make sure your repl is set to always-on or has a pinging service set up (otherwise, the daemon will be stopped by repl once you close your browser tab) -
That's it! Repl.it should automatically pull changes from GitHub the next time you commit
How?
-
When you commit, GitHub sends an event to a hosted instance of the
repl.deploy
server -
A payload consisting of both the endpoint and the current time is prepared and signed with an RSA private key
-
The daemon running on the repl recieves the payload, and
- Verifies the signature
- Checks that the endpoint matches (this is to prevent someone from just forwarding a signed request to your repl and causing it to restart)
- Checks that the timestamp is less than 15 seconds old (this is to prevent someone from abusing a signature in the event that a signed request is leaked by you)
-
If the request is valid, the daemon
- runs
git fetch --all
and thengit reset --hard origin/main
- restarts your program
- runs
FAQ
-
Q: What does
run="./repl.deploy --standalone node index.js"
do?
A: It makes the ReplitRun
button run the daemon instead of executing the program directly, which then executes/re-executes the program ongit push
-
Q: Does repl.deploy need to be downloaded every time the program is run?
A: No, repl.deploy only needs to be downloaded once per repl -
Q: What's
https://repl-deploy.vercel.app/
?
A: A hosted version of getReleaseURL, which saves you the time of manually finding the latest release and linking it.