Securely Deploying Static Sites using Rsync

Published on 2022-03-09 by Andrei

I have always deployed my static websites by using scp to copy the website over to my user's home directory and then ssh-ing into the server to login into the root user and copy the directory into a place where it's served by the web server (usually /var/www or /usr/local/www). However this approach is tedious.

Instead, I have switched to using rsync to copy the folder directly into the location that is needed. On my FreeBSD server, I started by downloading and enabling rsync.

# pkg install rsync
# service rsyncd enable
# service rsyncd start

Then, I added the following line into my /etc/sudoers file. If you are replicating this, replace my name with the name of your user.

andrei ALL= NOPASSWD:/usr/bin/rsync

Now, deploying the website is as simple as running the following command (on OpenBSD)

$ openrsync -a _site/ andrei@andrei.website:/usr/local/www/personal-website --rsync-path="sudo rsync"

You can add this into a script or do whatever you want with it. Obviously, replace "_site" with the folder your site is located in, "andrei" with the name of your user and "andrei.website" with the ip or hostname of your server.

This approach is not perfect but it's a whole lot more secure than allowing ssh login for your root user. Hope you found this useful!