Support my work ♥

Trigger Plesk Webhook Handler with Curl or Wget and an OAuth2 Token and a private Gitlab Repo

When deploying a small PHP application on a shared hoster that uses plesk, I recommend using git.

Then the final deployment workflow goes like this:

  1. A developer sends commits with git push to the gitlab instance
  2. The gitlab instance then sends a POST request to the Plesk instance
  3. The Plesk instance now starts pulling the repo onto a machine
  4. If auto deploy is activated Plesk will then unpack the contents into the webspace

Setup oauth 2.0 token on Gitlab

Generating the token in Gitlab is very clean. Go to Settings -> Access Tokens and create it with the Developerrole as well as the read_api and read_repository permissions. This is also the time to set yourself a reminder for next year when the token will expire, sadly there are no infinite tokens anymore.

What is missing is the docs on what user you have to use when using the token with HTTP Basic Auth instead of a HTTP header.

The answer is: oauth2

Setup the Domain & Git Deploy

Follow the normal workflow in Plesk to add a domain, let's go with

Then under Git paste the HTTPS Clone Url of your private repo and add the HTTP Basic Auth params:

https://oauth2:{enter the token here}

This step will let you test the token until it works.

Now Plesk pulled the repo you then select the branch and save the settings.

Getting the Webhook

First, go back out to the Websites & Domains in Plesk. Second, go back into the domain settings and find the Git deploy.

Now there is a new icon in the bottom that looks like three sliders or a little cog wheel (depending on your version) that opens the advanced settings.

Now in there is the actual hook URI that looks something like this, with the management port for example 8443:

You can test it with a command like this:

curl -x POST ${HOOK_URI}

Updating the oauth2 token next year

In this menu change the password to the new token you will generate next year.

Adding the Hook to Gitlab

Now add the hook to the repo under Settings -> Webhooks.

After pasting the HOOK_URI select Push events and then All branches, you can be more specific for bigger repos. On the bottom enable SSL verification, test and then save.

Alternative integrate with CI

Make sure you have wget or curl then execute a POST request to the HOOK_URI. It looks like because Plesk does not parse the contents of the request it can be empty as well.

I recommend going with the hook variant as it is faster and does not require any runners unless you are already running a job for other checks, lints or tests.