I am running an Apache web server and wondered what's the easiest method to deploy changes (from GitHub) to the web server?

/var/www/ is currently only writable by root.

Should I have my git project directly in /var/www/? (so that it produces /var/www/.git/?)

However, when I have to run commands (i.e. sudo git push), they wouldn't work (since my ssh secrets aren't under sudo).

Would I be best making /var/www/ writable by myself (and not just root)? Or should I add ssh secrets to the root user? Or should I do something else entirely?

Thanks.

I personally use rsync to sync the files on my local machine with the server, and if you are just deploying to 1 server, then it is really quite simple (and Capistrano is overkill). I place the following aliases in ~/.bash_profile:

alias eget='rsync -avie ssh matt@example.com:sites/example.com/www/ ~/Projects/example/example.com/www/ --exclude .DS_Store --exclude ".git*" --delete-after'
alias edep='rsync -avuie ssh ~/Projects/example/example.com/www/ matt@example.com:sites/example.com/www/ --exclude .DS_Store --exclude ".git*" --delay-updates --delete-after'

Then, in the git repo on my small local machine, I actually do:

git commit -am 'commit some changes'
git pull --rebase # pull any new changes from remote (--rebase prevents an unnecessary merge commit.)
eget -n # confirm which files I've changed

If it looks fishy, I could do eget without -n and then just do a git diff -w. Then, I could do git checkout -- path/to/file for the files I want to keep my changes for. Then, I commit the changes that were on the server which I did not get yet. This would only happen when the files on the server are changing in ways other than from deployments. Otherwise, you know the local version is definitely more current than the files on the server, and thus you don't need to worry about overwriting things on the server that you don't yet have in the local. Continuing...

edep -n # just see what files will be deployed/updated/etc.
edep # looks good. Deploy for real.

Done!

See the rsync(1) Mac OS X Manual Page for more information.

An alternative is to use a Git post-receive hook. But, you will need to install Git on the server to do that. Also, I suggest putting the .git directory outside of the public www directory for security & hygiene reasons. This can be done using the Git core.worktree configuration option. For instance, from ~/git/example.com.git, do git init --bare; git config core.worktree ~/sites/example.com/. That makes ~/git/example.com.git act as the .git dir for ~/sites/example.com/.
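A sketch of the post-receive approach mentioned in the answer above, as an added example that is not part of the original post: the hook checks out one branch from the bare repository into a separate work tree, so the web directory never contains a .git directory. The function name deploy_from_stdin, the DEPLOY_BRANCH and DEPLOY_WORK_TREE variables and the default branch name master are assumptions; it passes --work-tree on the command line rather than setting core.worktree.

```shell
#!/bin/sh
# Added example: save as hooks/post-receive inside the bare repository
# (e.g. ~/git/example.com.git) and make it executable.
# DEPLOY_BRANCH, DEPLOY_WORK_TREE and deploy_from_stdin are assumed names.

DEPLOY_BRANCH="${DEPLOY_BRANCH:-master}"
DEPLOY_WORK_TREE="${DEPLOY_WORK_TREE:-$HOME/sites/example.com}"

# Reads the "<old-sha> <new-sha> <ref>" lines Git feeds to post-receive.
# $1 = bare repository path, $2 = work tree (web directory), $3 = branch.
deploy_from_stdin() {
    git_dir=$1
    work_tree=$2
    branch=$3
    while read -r old new ref; do
        # Deploy only the chosen branch; ignore tags and other branches.
        [ "$ref" = "refs/heads/$branch" ] || continue
        # An all-zero new SHA means the branch was deleted: nothing to deploy.
        case $new in *[!0]*) ;; *) continue ;; esac
        # Refuse a target that carries its own repository metadata, since
        # that would put .git inside the publicly served directory.
        if [ -e "$work_tree/.git" ]; then
            echo "refusing to deploy: $work_tree/.git exists" >&2
            return 1
        fi
        mkdir -p "$work_tree"
        # -f overwrites tracked files that were edited on the server.
        git --git-dir="$git_dir" --work-tree="$work_tree" \
            checkout -f "$branch" || return 1
        echo "deployed $branch ($new) to $work_tree"
    done
}

# Git runs hooks of a bare repository with the repository as the current
# directory, so $(pwd) is the git dir. Only act when invoked as the hook.
case "${0##*/}" in
    post-receive)
        deploy_from_stdin "$(pwd)" "$DEPLOY_WORK_TREE" "$DEPLOY_BRANCH"
        ;;
esac
```

The account that receives the push needs write access to the work tree only, so /var/www/ itself can stay owned by root.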