Setup Server #3

Summary
Jobs
- setup-server
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/server_setup.yml at 47199a8

	name: Setup Server

	on:
	workflow_dispatch: # Trigger manual workflow run


	jobs:
	setup-server:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	with:
	submodules: recursive
	token: ${{ secrets.GITHUB_TOKEN }}

	- name: Upgrade server and install Docker & Nginx
	uses: appleboy/[email protected]
	with:
	host: ${{ secrets.HOST }}
	username: ${{ secrets.USERNAME }}
	key: ${{ secrets.PRIVATE_KEY }}
	script: \|
	sudo apt update -y
	sudo apt upgrade -y
	# Add Docker's official GPG key:
	sudo apt-get update
	sudo apt-get install ca-certificates curl
	sudo install -m 0755 -d /etc/apt/keyrings
	sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
	sudo chmod a+r /etc/apt/keyrings/docker.asc

	# Add the repository to Apt sources:
	echo \
	"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
	$(. /etc/os-release && echo "$VERSION_CODENAME") stable" \| \
	sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
	sudo apt-get update -y

	sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose docker-compose-plugin -y
	sudo apt install nginx curl -y


	- name: Set ENV variables
	run: \|
	echo "REPO_NAME=${GITHUB_REPOSITORY#$GITHUB_REPOSITORY_OWNER/}" >> $GITHUB_ENV
	echo $GITHUB_ENV


	- name: Create project directory and conf file
	uses: appleboy/[email protected]
	with:
	host: ${{ secrets.HOST }}
	username: ${{ secrets.USERNAME }}
	key: ${{ secrets.PRIVATE_KEY }}
	script: \|
	mkdir -p "/opt/${{ env.REPO_NAME }}"
	mkdir -p "/opt/${{ env.REPO_NAME }}/config"
	rm /opt/${{ env.REPO_NAME }}/config/.env
	echo "DEBUG=False" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "SECRET_KEY=foo" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "DJANGO_ALLOWED_HOSTS=localhost 127.0.0.1 [::1] *" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "SQL_ENGINE=django.db.backends.postgresql" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "SQL_HOST=db" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "SQL_PORT=5432" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "DATABASE=postgres" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "EMAIL=${{ secrets.EMAIL }}" >> "/opt/${{ env.REPO_NAME }}/config/.env"
	echo "DOMAIN=${{ secrets.DOMAIN }}" >> "/opt/${{ env.REPO_NAME }}/config/.env"

	cat "/opt/${{ env.REPO_NAME }}/config/.env"


	- name: SCP Docker Compose file
	uses: appleboy/scp-action@master
	with:
	host: ${{ secrets.HOST }}
	username: ${{ secrets.USERNAME }}
	key: ${{ secrets.PRIVATE_KEY }}
	source: "./docker-compose.prod.yml"
	target: "/opt/${{ env.REPO_NAME }}/"

	- name: Update Nginx configuration file
	uses: appleboy/[email protected]
	with:
	host: ${{ secrets.HOST }}
	username: ${{ secrets.USERNAME }}
	key: ${{ secrets.PRIVATE_KEY }}
	script: \|
	cd /etc/nginx/sites-available/${{ env.REPO_NAME }}/



	- name: SCP Nginx conf file
	uses: appleboy/scp-action@master
	with:
	host: ${{ secrets.HOST }}
	username: ${{ secrets.USERNAME }}
	key: ${{ secrets.PRIVATE_KEY }}
	source: "./nginx/nginx.conf"
	target: "/etc/nginx/sites-available/${{ env.REPO_NAME }}/"


	- name: Update Nginx configuration file
	uses: appleboy/[email protected]
	with:
	host: ${{ secrets.HOST }}
	username: ${{ secrets.USERNAME }}
	key: ${{ secrets.PRIVATE_KEY }}
	script: \|
	sed -i "s/localhost/${{ secrets.DOMAIN }}/g" /etc/nginx/sites-available/${{ env.REPO_NAME }}/nginx.conf
	ln -s /etc/nginx/sites-available/${{ env.REPO_NAME }} /etc/nginx/sites-enabled
	nginx -t
	systemctl restart nginx
	ufw delete allow 8000
	ufw allow 'Nginx Full'


	- name: Request Certbot certificates
	uses: appleboy/[email protected]
	with:
	host: ${{ secrets.HOST }}
	username: ${{ secrets.USERNAME }}
	key: ${{ secrets.PRIVATE_KEY }}
	script: \|
	apt-get remove certbot
	snap install --classic certbot
	ln -s /snap/bin/certbot /usr/bin/certbot
	certbot --nginx
	certbot renew --dry-run

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Setup Server #3

Workflow file

Setup Server #3

Jobs

Run details

Workflow file for this run