-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
121 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,119 @@ | ||
name: 03.Deploy Application to Server | ||
|
||
on: | ||
workflow_dispatch: | ||
inputs: | ||
image_name: | ||
description: "Docker image name" | ||
required: true | ||
|
||
env: | ||
REGISTRY: ghcr.io | ||
|
||
jobs: | ||
deploy: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
# Step 1: Checkout del repository | ||
- name: Checkout the repo | ||
uses: actions/checkout@v4 | ||
with: | ||
submodules: recursive | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Create main config file (django.cfg) | ||
run: | | ||
echo "DEBUG=${{ secrets.DEBUG }}" >> opt/config/django.cfg | ||
echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> opt/config/django.cfg | ||
echo "DJANGO_ALLOWED_HOSTS=${{ secrets.DJANGO_ALLOWED_HOSTS }}" >> opt/config/django.cfg | ||
echo "SQL_ENGINE=${{ secrets.SQL_ENGINE }}" >> opt/config/django.cfg | ||
echo "DATABASE=${{ secrets.DATABASE }}" >> opt/config/django.cfg | ||
echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> opt/config/django.cfg | ||
echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> opt/config/django.cfg | ||
echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> opt/config/django.cfg | ||
echo "SQL_HOST=${{ secrets.SQL_HOST }}" >> opt/config/django.cfg | ||
echo "SQL_PORT=${{ secrets.SQL_PORT }}" >> opt/config/django.cfg | ||
echo "GOLD_POSTGRES_DB=${{ secrets.GOLD_POSTGRES_DB }}" >> opt/config/django.cfg | ||
echo "GOLD_POSTGRES_USER=${{ secrets.GOLD_POSTGRES_USER }}" >> opt/config/django.cfg | ||
echo "GOLD_POSTGRES_PASSWORD=${{ secrets.GOLD_POSTGRES_PASSWORD }}" >> opt/config/django.cfg | ||
echo "GOLD_SQL_HOST=${{ secrets.GOLD_SQL_HOST }}" >> opt/config/django.cfg | ||
echo "GOLD_SQL_PORT=${{ secrets.GOLD_SQL_PORT }}" >> opt/config/django.cfg | ||
echo "EMAIL=${{ secrets.EMAIL }}" >> opt/config/django.cfg | ||
echo "DOMAIN=${{ secrets.DOMAIN }}" >> opt/config/django.cfg | ||
- name: Creation of config file for Postgres (db.cfg) | ||
run: | | ||
echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> opt/config/db.cfg | ||
echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> opt/config/db.cfg | ||
echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> opt/config/db.cfg | ||
echo "SQL_HOST=${{ secrets.SQL_HOST }}" >> opt/config/db.cfg | ||
echo "SQL_PORT=${{ secrets.SQL_PORT }}" >> opt/config/db.cfg | ||
|
||
- name: Creation of config file for Gold Postgres (gold.cfg) | ||
run: | | ||
echo "GOLD_POSTGRES_DB=${{ secrets.GOLD_POSTGRES_DB }}" >> opt/config/gold.cfg | ||
echo "GOLD_POSTGRES_USER=${{ secrets.GOLD_POSTGRES_USER }}" >> opt/config/gold.cfg | ||
echo "GOLD_POSTGRES_PASSWORD=${{ secrets.GOLD_POSTGRES_PASSWORD }}" >> opt/config/gold.cfg | ||
echo "GOLD_SQL_HOST=${{ secrets.GOLD_SQL_HOST }}" >> opt/config/gold.cfg | ||
echo "GOLD_SQL_PORT=${{ secrets.GOLD_SQL_PORT }}" >> opt/config/gold.cfg | ||
# Step 3: SCP Docker Compose file al server | ||
- name: SCP Docker Compose file | ||
uses: appleboy/[email protected] | ||
with: | ||
host: ${{ secrets.HOST }} | ||
username: ${{ secrets.USERNAME }} | ||
key: ${{ secrets.PRIVATE_KEY }} | ||
source: "./docker-compose.prod.yml" | ||
target: "/opt/${{ github.repository }}/" | ||
|
||
# Step 4: Pull dei container da GHCR | ||
- name: Pull containers from GHCR | ||
uses: appleboy/[email protected] | ||
with: | ||
host: ${{ secrets.HOST }} | ||
username: ${{ secrets.USERNAME }} | ||
key: ${{ secrets.PRIVATE_KEY }} | ||
script: | | ||
echo ${{ secrets.GHCR_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin | ||
docker-compose -f /opt/${{ github.repository }}/docker-compose.prod.yml pull | ||
docker-compose -f /opt/${{ github.repository }}/docker-compose.prod.yml up -d --force-recreate | ||
# Step 5: Configurazione di Nginx | ||
- name: SCP Nginx configuration | ||
uses: appleboy/[email protected] | ||
with: | ||
host: ${{ secrets.HOST }} | ||
username: ${{ secrets.USERNAME }} | ||
key: ${{ secrets.PRIVATE_KEY }} | ||
source: "nginx/" | ||
target: "/etc/nginx/sites-available/" | ||
strip_components: 1 | ||
|
||
- name: Update Nginx configuration | ||
uses: appleboy/[email protected] | ||
with: | ||
host: ${{ secrets.HOST }} | ||
username: ${{ secrets.USERNAME }} | ||
key: ${{ secrets.PRIVATE_KEY }} | ||
script: | | ||
sed -i "s/localhost/${{ secrets.DOMAIN }}/g" /etc/nginx/sites-available/nginx.conf | ||
ln -s /etc/nginx/sites-available/nginx.conf /etc/nginx/sites-enabled | ||
nginx -t && sudo systemctl restart nginx | ||
# Step 6: Certbot per SSL | ||
- name: Setup Certbot for SSL | ||
uses: appleboy/[email protected] | ||
with: | ||
host: ${{ secrets.HOST }} | ||
username: ${{ secrets.USERNAME }} | ||
key: ${{ secrets.PRIVATE_KEY }} | ||
script: | | ||
sudo apt-get remove certbot | ||
sudo snap install --classic certbot | ||
sudo ln -s /snap/bin/certbot /usr/bin/certbot | ||
sudo certbot --nginx --non-interactive --agree-tos --email ${{ secrets.EMAIL }} --domains ${{ secrets.DOMAIN }} | ||
sudo certbot renew --dry-run |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters