Forem: Aaron Bill Domingo The latest articles on Forem by Aaron Bill Domingo (@aabill). https://forem.com/aabill https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F707339%2F9246c8f6-9754-42fc-82d9-35b6c388eb19.jpeg Forem: Aaron Bill Domingo https://forem.com/aabill en ๐Ÿš€ Auto-Deploying a Slim-PHP App with Docker, GitHub Actions, and Caddy Aaron Bill Domingo Fri, 02 May 2025 01:39:29 +0000 https://forem.com/aabill/how-i-created-a-cicd-pipeline-for-deploying-a-dockerized-slim-php-app-with-caddy-nib https://forem.com/aabill/how-i-created-a-cicd-pipeline-for-deploying-a-dockerized-slim-php-app-with-caddy-nib <p>In this post, Iโ€™ll show you how I set up a CI/CD pipeline for my <a href="https://www.slimframework.com/" rel="noopener noreferrer">Slim-PHP</a> app using Docker, GitHub Actions, and Caddy. The goal: every push to main deploys the app automatically to my DigitalOcean server โ€” with near-zero downtime.</p> <blockquote> <p>โœ… Live at: <a href="http://aabillify.com" rel="noopener noreferrer">aabillify.com</a></p> </blockquote> <h2> ๐Ÿ’ก Why I Built This </h2> <p>Manually deploying updates was slow and error-prone. I wanted an automated flow where every code push:</p> <ul> <li><p>Builds the app,</p></li> <li><p>Pushes a Docker image, and</p></li> <li><p>Deploys it to the server with minimal downtime.</p></li> </ul> <p>I chose:</p> <ul> <li><p><strong>Slim-PHP</strong> for a fast, lightweight backend,</p></li> <li><p><strong>Caddy</strong> for its easy setup and automatic HTTPS,</p></li> <li><p><strong>GitHub Actions</strong> for seamless CI/CD.</p></li> </ul> <h2> ๐Ÿงฑ Project Overview </h2> <p>My app has:</p> <ul> <li><p>A Slim-PHP backend</p></li> <li><p>A FrankenPHP container for local dev</p></li> <li><p>A Caddy container for HTTPS in production</p></li> </ul> <p><strong>Folder Structure:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>#Folder Structure /my-app โ”œโ”€โ”€ public/ โ”œโ”€โ”€ src/ โ”œโ”€โ”€ Dockerfile โ”œโ”€โ”€ docker-compose.yml โ””โ”€โ”€ Caddyfile </code></pre> </div> <h2> ๐Ÿณ Docker Setup </h2> <h3> <code>Dockerfile</code> (uses FrankenPHP) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>FROM dunglas/frankenphp:php8.4.3-alpine # Set working directory WORKDIR /app/public/www # Install composer COPY --from=composer:latest /usr/bin/composer /usr/bin/composer # Install dependencies: Composer and PHP extensions RUN install-php-extensions \ pdo_mysql \ gd \ intl \ zip \ opcache \ curl \ json \ mbstring \ pdo \ openssl \ tokenizer \ fileinfo COPY . . # Install PHP dependencies RUN composer install --no-dev --optimize-autoloader # Set correct permissions for the web server RUN chown -R www-data:www-data /app/public/www # Configure entry point with FrankenPHP CMD ["frankenphp", "run", "--config", "Caddyfile"] </code></pre> </div> <h3> <code>Caddyfile</code> (for local dev) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ debug frankenphp { watch /app/public/www/ } } # handles http :80 { root * /app/public/www/public php_server file_server } </code></pre> </div> <h3> <code>docker-compose.yml</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>services: php: container_name: local-slim-app build: . networks: - slim-net ports: - "${PORT}:80" # HTTP volumes: - ./:/app/public/www - caddy_data:/data - caddy_config:/config tty: true # Volumes needed for Caddy certificates and configuration volumes: caddy_data: caddy_config: # The network slim-net must be created in server networks: slim-net: external: true </code></pre> </div> <h2> โš™๏ธ GitHub Actions Workflow </h2> <p>Each push to main triggers:</p> <ul> <li><p>Dependency install</p></li> <li><p>Vite asset build</p></li> <li><p>Docker image build</p></li> <li><p>Push to GitHub Container Registry (GHCR)</p></li> <li><p>SSH into the server and deploy</p></li> <li><p>Cleanup old images</p></li> </ul> <h3> <code>.github/workflows/deploy.yml</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>name: Deploy Slim-app on: push: branches: - main jobs: build-and-deploy: runs-on: ubuntu-latest steps: - name: ๐Ÿ›Ž๏ธ Checkout code uses: actions/checkout@v3 - name: ๐Ÿ”ง Set up Node.js uses: actions/setup-node@v3 with: node-version: 22 - name: ๐Ÿ“ฆ Install dependencies run: npm ci - name: ๐Ÿ› ๏ธ Build Vite assets run: npm run build - name: ๐Ÿณ Build Docker image run: docker build -t ghcr.io/${{secrets.USER}}/slim-app:latest . - name: ๐Ÿ” Log in to GitHub Container Registry run: echo "${{ secrets.GHCR_TOKEN }}" | docker login ghcr.io -u ${{secrets.USER}} --password-stdin - name: ๐Ÿš€ Push Docker image to GitHub Container Registry run: docker push ghcr.io/${{secrets.USER}}/slim-app:latest - name: ๐Ÿช‚ Deploy via SSH uses: appleboy/ssh-action@v1.0.3 with: host: ${{secrets.SERVER_IP}} username: root key: ${{ secrets.SSH_PRIVATE_KEY }} script: | echo "${{ secrets.GHCR_TOKEN }}" | docker login ghcr.io -u ${{secrets.USER}} --password-stdin docker pull ghcr.io/${{secrets.USER}}/slim-app:latest # Run new container on a test port bash /docker/deploy.sh # delete other images docker images --format '{{.Repository}}:{{.Tag}} {{.ID}}' \ | grep 'ghcr.io/${{secrets.USER}}/slim-app' \ | grep -v 'latest' \ | awk '{print $2}' \ | xargs -r docker rmi - name: ๐Ÿงน Cleanup old images run: | sudo apt-get install jq # List all image versions curl -s -H "Authorization: token ${{ secrets.PACKAGE_TOKEN }}" \ https://api.github.com/users/${{secrets.USER}}/packages/container/slim-app/versions \ | jq '.[].id' \ | tail -n +4 \ | xargs -I {} curl -X DELETE -H "Authorization: token ${{ secrets.PACKAGE_TOKEN }}" \ https://api.github.com/users/${{secrets.USER}}/packages/container/slim-app/versions/{} </code></pre> </div> <h2> ๐Ÿ–ฅ๏ธ Server Setup </h2> <p>On the server:</p> <ul> <li>Installed Docker and SSH keys</li> <li>Created Docker network: slim-net</li> <li>Created a deploy.sh script to: <ul> <li>Start a new container on an alternate port</li> <li>Wait for it to become healthy</li> <li>Swap it in Caddyโ€™s config</li> <li>Remove the old container</li> </ul> </li> </ul> <h3> <code>deploy.sh</code> (zero-downtime logic) </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>#!/bin/bash PORT=8085 OTHER_PORT=8086 ... # Determine available port if docker ps | grep ":$PORT-&gt;"; then PORT=$OTHER_PORT USED_PORT=8085 else USED_PORT=$OTHER_PORT fi ... # Run new container with generated compose file envsubst &lt; /docker/slim-app/docker-compose.yml.template &gt; "/docker/slim-app/docker-compose-php$PORT.yml" docker-compose -f "/docker/slim-app/docker-compose-php$PORT.yml" up -d # Wait for health, update Caddy config, and swap ... </code></pre> </div> <h3> ๐Ÿ—‚๏ธ Server Folder Structure </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>/docker โ”œโ”€โ”€ caddy/ โ”œโ”€โ”€ docker-compose.yml โ”œโ”€โ”€ Caddyfile.template โ””โ”€โ”€ Caddyfile โ”œโ”€โ”€ deploy.sh โ”œโ”€โ”€ slim-app/ โ”œโ”€โ”€ docker-compose-phpXXXX.yml โ””โ”€โ”€ docker-compose.yml.template </code></pre> </div> <h3> <code>docker-compose.yml.template</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>#a docker-compose-phpXXXX.yml will be generated by this template in deploy.sh services: ${SERVICE_NAME}: image: ghcr.io/aabill/slim-app:latest container_name: ${CONTAINER_NAME} networks: - slim-net ports: - "${PORT}:80" # HTTP volumes: - ./.env:/app/public/www/.env environment: - SITE_ADDRESS=http://localhost:80 - SUB_SITE_ADDRESS=http://subdomain.localhost:80 - APP_URL="http://localhost:80" networks: slim-net: external: true </code></pre> </div> <h3> <code>caddy/docker-compose.yml</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>## Run the caddy container once: ## `/docker/caddy docker-compose up -d` services: caddy: image: caddy:alpine container_name: caddy restart: unless-stopped ports: - "80:80" - "443:443" volumes: - ./Caddyfile.template:/etc/caddy/Caddyfile.template - ./Caddyfile:/etc/caddy/Caddyfile - caddy_data:/data - caddy_config:/config networks: - slim-net command: ["caddy", "run", "--watch", "--config", "/etc/caddy/Caddyfile"] volumes: caddy_data: caddy_config: networks: slim-net: external: true </code></pre> </div> <h3> <code>Caddyfile.template</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>#a Caddyfile will be generated by this template in deploy.sh yourdomain.com { redir https://www.yourdomain.com{uri} 301 } www.yourdomain.com { reverse_proxy ${CONTAINER_NAME}:80 } </code></pre> </div> <h2> โœ… Final Thoughts </h2> <p>With this setup:</p> <ul> <li>Every push goes live automatically</li> <li>The deployment is resilient and fast</li> <li>You avoid downtime by switching containers smartly</li> </ul> devops docker cicd tutorial