Skip to content

03.Deploy Application to Server #44

03.Deploy Application to Server

03.Deploy Application to Server #44

Workflow file for this run

name: 03.Deploy Application to Server
on:
workflow_dispatch:
inputs:
version:
description: "Docker image version"
required: true
default: "latest"
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
deploy:
runs-on: ubuntu-latest
steps:
# Step 1: Checkout del repository
- name: Checkout the repo
uses: actions/checkout@v4
with:
submodules: recursive
token: ${{ secrets.GITHUB_TOKEN }}
- name: Remove old config directory
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
rm -r /opt/config/
# Step 2: Creazione dei file di configurazione
- name: Create config directory
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
mkdir -p /opt/config/
- name: Create main config file (django.cfg)
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
echo "DEBUG=${{ secrets.DEBUG }}" >> /opt/config/django.cfg
echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> /opt/config/django.cfg
echo "DJANGO_ALLOWED_HOSTS=${{ secrets.DJANGO_ALLOWED_HOSTS }}" >> /opt/config/django.cfg
echo "SQL_ENGINE=${{ secrets.SQL_ENGINE }}" >> /opt/config/django.cfg
echo "DATABASE=${{ secrets.DATABASE }}" >> /opt/config/django.cfg
echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> /opt/config/django.cfg
echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> /opt/config/django.cfg
echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> /opt/config/django.cfg
echo "SQL_HOST=${{ secrets.SQL_HOST }}" >> /opt/config/django.cfg
echo "SQL_PORT=${{ secrets.SQL_PORT }}" >> /opt/config/django.cfg
echo "GOLD_POSTGRES_DB=${{ secrets.GOLD_POSTGRES_DB }}" >> /opt/config/django.cfg
echo "GOLD_POSTGRES_USER=${{ secrets.GOLD_POSTGRES_USER }}" >> /opt/config/django.cfg
echo "GOLD_POSTGRES_PASSWORD=${{ secrets.GOLD_POSTGRES_PASSWORD }}" >> /opt/config/django.cfg
echo "GOLD_SQL_HOST=${{ secrets.GOLD_SQL_HOST }}" >> /opt/config/django.cfg
echo "GOLD_SQL_PORT=${{ secrets.GOLD_SQL_PORT }}" >> /opt/config/django.cfg
echo "EMAIL=${{ secrets.EMAIL }}" >> /opt/config/django.cfg
echo "DOMAIN=${{ secrets.DOMAIN }}" >> /opt/config/django.cfg
- name: Creation of config file for Postgres (db.cfg)
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> /opt/config/db.cfg
echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> /opt/config/db.cfg
echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> /opt/config/db.cfg
echo "SQL_HOST=${{ secrets.SQL_HOST }}" >> /opt/config/db.cfg
echo "SQL_PORT=${{ secrets.SQL_PORT }}" >> /opt/config/db.cfg
- name: Creation of config file for Gold Postgres (gold.cfg)
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
echo "GOLD_POSTGRES_DB=${{ secrets.GOLD_POSTGRES_DB }}" >> /opt/config/gold.cfg
echo "GOLD_POSTGRES_USER=${{ secrets.GOLD_POSTGRES_USER }}" >> /opt/config/gold.cfg
echo "GOLD_POSTGRES_PASSWORD=${{ secrets.GOLD_POSTGRES_PASSWORD }}" >> /opt/config/gold.cfg
echo "GOLD_SQL_HOST=${{ secrets.GOLD_SQL_HOST }}" >> /opt/config/gold.cfg
echo "GOLD_SQL_PORT=${{ secrets.GOLD_SQL_PORT }}" >> /opt/config/gold.cfg
# Step 3: SCP Docker Compose file al server
- name: SCP Docker Compose file
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
source: "./docker-compose.prod.yml"
target: "/opt/"
- name: Ensure directories for volumes exist
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
sudo mkdir -p /opt/web/static
sudo mkdir -p /opt/web/media
sudo chown -R $USER:$USER /opt/web/static
sudo chown -R $USER:$USER /opt/web/media
- name: Pull containers from GHCR
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
IMAGE_NAME="${{ env.REGISTRY }}/$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')"
echo ${{ secrets.GHCR_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
docker pull $IMAGE_NAME
- name: Start container
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
docker compose -f /opt/docker-compose.prod.yml down
docker compose -f /opt/docker-compose.prod.yml up -d --force-recreate
# Step 5: Configurazione di Nginx
- name: SCP Nginx configuration
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
source: "nginx/"
target: "/etc/nginx/sites-available/"
strip_components: 1
- name: Update Nginx configuration
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
sed -i "s/localhost/${{ secrets.DOMAIN }}/g" /etc/nginx/sites-available/nginx.conf
ln -s /etc/nginx/sites-available/nginx.conf /etc/nginx/sites-enabled
nginx -t && sudo systemctl restart nginx
# Step 6: Certbot per SSL
- name: Setup Certbot for SSL
uses: appleboy/[email protected]
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
sudo apt-get remove certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --nginx --non-interactive --agree-tos --email ${{ secrets.EMAIL }} --domains ${{ secrets.DOMAIN }}
sudo certbot renew --dry-run