{"id":13352,"date":"2025-12-27T11:57:19","date_gmt":"2025-12-27T06:27:19","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=13352"},"modified":"2025-12-27T11:57:21","modified_gmt":"2025-12-27T06:27:21","slug":"how-to-setup-ci-cd-on-linux-server-in-2026-complete-guide","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-setup-ci-cd-on-linux-server-in-2026-complete-guide","title":{"rendered":"How to Setup CI\/CD on Linux Server in 2026 – Complete Guide"},"content":{"rendered":"\n

To set up CI\/CD on a Linux server<\/strong>, create a secure deploy user, install a CI engine (GitHub Actions self hosted runner, GitLab Runner, or Jenkins), configure SSH and environment secrets, write a pipeline file to build\/test\/package (often with Docker), and deploy behind Nginx with SSL, health checks, and rollbacks.<\/p>\n\n\n\n

If you want to set up CI\/CD on a Linux server, this guide walks you through a modern, secure, and beginner-friendly process. We\u2019ll cover architecture choices (GitHub Actions, GitLab CI, Jenkins), step-by-step installation on Ubuntu, sample pipelines, zero-downtime deployments, SSL, and best practices I\u2019ve honed across real-world hosting environments.<\/p>\n\n\n\n

What is CI\/CD and Why Do it on a Linux Server?<\/strong><\/h2>\n\n\n\n
\"What<\/figure>\n\n\n\n

CI\/CD stands for Continuous Integration and Continuous Delivery\/Deployment. CI automates building and testing on every commit. CD automates packaging and releasing to your environments. Running CI\/CD on your own Linux server gives you control, compliance, speed, and cost-efficiency\u2014especially when paired with Docker and a lean reverse proxy like Nginx.<\/p>\n\n\n\n

CI vs. CD vs. Deployment<\/strong><\/h3>\n\n\n\n

– CI: compile, lint, unit\/integration test.<\/p>\n\n\n\n

– CD: package artifact (Docker image, zip), prepare release, run migrations.<\/p>\n\n\n\n

– Deployment: push to production, swap traffic, verify health, and roll back if needed.<\/p>\n\n\n\n

Prerequisites and Architecture Options<\/strong><\/h2>\n\n\n\n

Primary keyword focus: how to set up CI\/CD on a Linux server. We\u2019ll assume Ubuntu 22.04+, SSH access<\/a>, a domain, and sudo privileges. Your code lives on GitHub or GitLab. Choose one of three common patterns:<\/p>\n\n\n\n

Option A: GitHub Actions Self-Hosted Runner (Simple and Popular)<\/strong><\/h3>\n\n\n\n

Install a GitHub Actions runner directly on your Linux server. Your workflows run locally (\u201cruns-on: self-hosted\u201d), which makes deployments as easy as running Docker or systemd commands. Great for small to mid-size teams.<\/p>\n\n\n\n

Option B: GitLab Runner (Shell or Docker Executor)<\/strong><\/h3>\n\n\n\n

If your repos are on GitLab, install a GitLab Runner with the shell or Docker executor. The runner pulls your project and executes your .gitlab-ci.yml stages for build, test, and deploy.<\/p>\n\n\n\n

Option C: Jenkins (Maximum Flexibility)<\/strong><\/h3>\n\n\n\n

Jenkins gives deep customization, plugins, and agent-based scaling. It takes more setup and maintenance but is ideal for complex pipelines and on-prem standards.<\/p>\n\n\n\n

Step-by-Step: Set Up CI\/CD on a Linux Server (Ubuntu)<\/strong><\/h2>\n\n\n\n

1) Create a Non-Root Deploy User, SSH Keys, and Basic Firewall<\/strong><\/h3>\n\n\n\n

Always run CI\/CD tasks as a non-root user and restrict SSH. Set up UFW for basic protection.<\/p>\n\n\n\n

sudo adduser deploy\nsudo usermod -aG sudo,adm deploy\n\n# SSH hardening (optional but recommended)\nsudo -u deploy mkdir -p \/home\/deploy\/.ssh\nsudo -u deploy chmod 700 \/home\/deploy\/.ssh\nsudo -u deploy ssh-keygen -t ed25519 -C \"ci@server\" -f \/home\/deploy\/.ssh\/id_ed25519\n\n# Firewall\nsudo ufw allow OpenSSH\nsudo ufw allow \"Nginx Full\"\nsudo ufw enable<\/code><\/pre>\n\n\n\n
2) Install Core Dependencies: Git, Docker, Docker Compose, Nginx<\/strong><\/h3>\n\n\n\n
Docker simplifies packaging and rollbacks. Nginx serves as the reverse proxy with SSL.<\/p>\n\n\n\n
sudo apt update && sudo apt upgrade -y\nsudo apt install -y git ca-certificates curl gnupg lsb-release nginx<\/a>\n\n# Docker + Compose v2\ncurl -fsSL https:\/\/get.docker.com | sudo sh\nsudo usermod -aG docker deploy\n# log out\/in to apply docker group\n\ndocker --version\ndocker compose version<\/code><\/pre>\n\n\n\n
3) Install Your CI Engine (Choose One)<\/strong><\/h3>\n\n\n\n
We\u2019ll show GitHub Actions runner in full, with brief notes for GitLab and Jenkins.<\/p>\n\n\n\n
GitHub Actions: Self-Hosted Runner<\/strong><\/h4>\n\n\n\n
In your GitHub repo: Settings \u2192 Actions \u2192 Runners \u2192 New self-hosted runner \u2192 Linux<\/a>. Follow the commands provided by GitHub (similar to below). Run as your deploy user.<\/p>\n\n\n\n
# As 'deploy' user\nmkdir -p ~\/actions-runner && cd ~\/actions-runner\ncurl -o actions-runner.tar.gz -L https:\/\/github.com\/actions\/runner\/releases\/latest\/download\/actions-runner-linux-x64-2.317.0.tar.gz\ntar xzf actions-runner.tar.gz\n\n# Replace URL and TOKEN with values from GitHub\n.\/config.sh --url https:\/\/github.com\/OWNER\/REPO --token YOUR_TOKEN --labels linux,x64,self-hosted\nsudo .\/svc.sh install\nsudo .\/svc.sh start<\/code><\/pre>\n\n\n\n
Create .github\/workflows\/ci-cd.yml in your repo. Use \u201cruns-on: self-hosted\u201d.<\/p>\n\n\n\n
name: CI\/CD on Linux Server<\/a>\n\non:\n  push:\n    branches: [ \"main\" ]\n\njobs:\n  build-test-deploy:\n    runs-on: self-hosted\n    steps:\n      - name: Checkout\n        uses: actions\/checkout@v4\n\n      - name: Set up Node\n        uses: actions\/setup-node@v4\n        with:\n          node-version: \"20\"\n\n      - name: Install & Test\n        run: |\n          npm ci\n          npm test --if-present\n\n      - name: Build Docker image\n        run: |\n          docker build -t myapp:latest .\n\n      - name: Deploy container\n        env:\n          APP_ENV: production\n        run: |\n          docker stop myapp || true\n          docker rm myapp || true\n          docker run -d --name myapp --restart=always \\\n            -e NODE_ENV=$APP_ENV -p 127.0.0.1:3000:3000 myapp:latest\n\n      - name: Health check\n        run: |\n          curl -fsS http:\/\/127.0.0.1:3000\/health || (echo \"Health check failed\" && exit 1)<\/code><\/pre>\n\n\n\n
GitLab Runner (Alternative<\/strong>)<\/h4>\n\n\n\n
Install GitLab Runner and register it to your project with the shell executor, then create .gitlab-ci.yml. The runner executes build, test, and deploy commands on your server.<\/p>\n\n\n\n
curl -L https:\/\/packages.gitlab.com\/install\/repositories\/runner\/gitlab-runner\/script.deb.sh | sudo bash\nsudo apt install -y gitlab-runner\nsudo gitlab-runner register\n# Provide GitLab URL, token, description, tags, and choose 'shell' or 'docker'<\/code><\/pre>\n\n\n\n
Jenkins (Alternative)<\/strong><\/h4>\n\n\n\n
Install Jenkins, then create a Pipeline job with a Jenkinsfile. Use a local agent or Docker for builds.<\/p>\n\n\n\n
wget -q -O - https:\/\/pkg.jenkins.io\/debian-stable\/jenkins.io.key | sudo tee \\\n  \/usr\/share\/keyrings\/jenkins-keyring.asc > \/dev\/null\necho deb [signed-by=\/usr\/share\/keyrings\/jenkins-keyring.asc] \\\n  https:\/\/pkg.jenkins.io\/debian-stable binary\/ | sudo tee \\\n  \/etc\/apt\/sources.list.d\/jenkins.list > \/dev\/null\nsudo apt update && sudo apt install -y openjdk-17-jre jenkins\nsudo systemctl enable --now jenkins<\/code><\/pre>\n\n\n\n
Example Jenkinsfile:<\/p>\n\n\n\n
pipeline {\n  agent any\n  stages {\n    stage('Checkout') { steps { checkout scm } }\n    stage('Build & Test') { steps { sh 'npm ci && npm test --if-present' } }\n    stage('Dockerize') { steps { sh 'docker build -t myapp:latest .' } }\n    stage('Deploy') {\n      steps {\n        sh '''\n          docker stop myapp || true\n          docker rm myapp || true\n          docker run -d --name myapp --restart=always -p 127.0.0.1:3000:3000 myapp:latest\n        '''\n      }\n    }\n  }\n}<\/code><\/pre>\n\n\n\n
4) Secret Management<\/strong><\/h3>\n\n\n\n
Never hardcode secrets in code or Dockerfiles. Use:<\/p>\n\n\n\n