From 2e459820fa09707b195d9d600dce69ec3cfcb204 Mon Sep 17 00:00:00 2001 From: leoBitto Date: Sat, 12 Oct 2024 17:57:07 +0200 Subject: [PATCH] added first version of deploy --- .github/workflows/deploy.yml | 119 +++++++++++++++++++++++++++++++++++ docker-compose.dev.yml | 4 +- 2 files changed, 121 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..b672eff --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,119 @@ +name: 03.Deploy Application to Server + +on: + workflow_dispatch: + inputs: + image_name: + description: "Docker image name" + required: true + +env: + REGISTRY: ghcr.io + +jobs: + deploy: + runs-on: ubuntu-latest + + steps: + # Step 1: Checkout del repository + - name: Checkout the repo + uses: actions/checkout@v4 + with: + submodules: recursive + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Create main config file (django.cfg) + run: | + echo "DEBUG=${{ secrets.DEBUG }}" >> opt/config/django.cfg + echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> opt/config/django.cfg + echo "DJANGO_ALLOWED_HOSTS=${{ secrets.DJANGO_ALLOWED_HOSTS }}" >> opt/config/django.cfg + echo "SQL_ENGINE=${{ secrets.SQL_ENGINE }}" >> opt/config/django.cfg + echo "DATABASE=${{ secrets.DATABASE }}" >> opt/config/django.cfg + echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> opt/config/django.cfg + echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> opt/config/django.cfg + echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> opt/config/django.cfg + echo "SQL_HOST=${{ secrets.SQL_HOST }}" >> opt/config/django.cfg + echo "SQL_PORT=${{ secrets.SQL_PORT }}" >> opt/config/django.cfg + echo "GOLD_POSTGRES_DB=${{ secrets.GOLD_POSTGRES_DB }}" >> opt/config/django.cfg + echo "GOLD_POSTGRES_USER=${{ secrets.GOLD_POSTGRES_USER }}" >> opt/config/django.cfg + echo "GOLD_POSTGRES_PASSWORD=${{ secrets.GOLD_POSTGRES_PASSWORD }}" >> opt/config/django.cfg + echo "GOLD_SQL_HOST=${{ secrets.GOLD_SQL_HOST }}" >> opt/config/django.cfg + echo "GOLD_SQL_PORT=${{ secrets.GOLD_SQL_PORT }}" >> opt/config/django.cfg + echo "EMAIL=${{ secrets.EMAIL }}" >> opt/config/django.cfg + echo "DOMAIN=${{ secrets.DOMAIN }}" >> opt/config/django.cfg + + + - name: Creation of config file for Postgres (db.cfg) + run: | + echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> opt/config/db.cfg + echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> opt/config/db.cfg + echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> opt/config/db.cfg + echo "SQL_HOST=${{ secrets.SQL_HOST }}" >> opt/config/db.cfg + echo "SQL_PORT=${{ secrets.SQL_PORT }}" >> opt/config/db.cfg + + + - name: Creation of config file for Gold Postgres (gold.cfg) + run: | + echo "GOLD_POSTGRES_DB=${{ secrets.GOLD_POSTGRES_DB }}" >> opt/config/gold.cfg + echo "GOLD_POSTGRES_USER=${{ secrets.GOLD_POSTGRES_USER }}" >> opt/config/gold.cfg + echo "GOLD_POSTGRES_PASSWORD=${{ secrets.GOLD_POSTGRES_PASSWORD }}" >> opt/config/gold.cfg + echo "GOLD_SQL_HOST=${{ secrets.GOLD_SQL_HOST }}" >> opt/config/gold.cfg + echo "GOLD_SQL_PORT=${{ secrets.GOLD_SQL_PORT }}" >> opt/config/gold.cfg + + # Step 3: SCP Docker Compose file al server + - name: SCP Docker Compose file + uses: appleboy/scp-action@v0.1.7 + with: + host: ${{ secrets.HOST }} + username: ${{ secrets.USERNAME }} + key: ${{ secrets.PRIVATE_KEY }} + source: "./docker-compose.prod.yml" + target: "/opt/${{ github.repository }}/" + + # Step 4: Pull dei container da GHCR + - name: Pull containers from GHCR + uses: appleboy/ssh-action@v0.1.3 + with: + host: ${{ secrets.HOST }} + username: ${{ secrets.USERNAME }} + key: ${{ secrets.PRIVATE_KEY }} + script: | + echo ${{ secrets.GHCR_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin + docker-compose -f /opt/${{ github.repository }}/docker-compose.prod.yml pull + docker-compose -f /opt/${{ github.repository }}/docker-compose.prod.yml up -d --force-recreate + + # Step 5: Configurazione di Nginx + - name: SCP Nginx configuration + uses: appleboy/scp-action@v0.1.7 + with: + host: ${{ secrets.HOST }} + username: ${{ secrets.USERNAME }} + key: ${{ secrets.PRIVATE_KEY }} + source: "nginx/" + target: "/etc/nginx/sites-available/" + strip_components: 1 + + - name: Update Nginx configuration + uses: appleboy/ssh-action@v0.1.3 + with: + host: ${{ secrets.HOST }} + username: ${{ secrets.USERNAME }} + key: ${{ secrets.PRIVATE_KEY }} + script: | + sed -i "s/localhost/${{ secrets.DOMAIN }}/g" /etc/nginx/sites-available/nginx.conf + ln -s /etc/nginx/sites-available/nginx.conf /etc/nginx/sites-enabled + nginx -t && sudo systemctl restart nginx + + # Step 6: Certbot per SSL + - name: Setup Certbot for SSL + uses: appleboy/ssh-action@v0.1.3 + with: + host: ${{ secrets.HOST }} + username: ${{ secrets.USERNAME }} + key: ${{ secrets.PRIVATE_KEY }} + script: | + sudo apt-get remove certbot + sudo snap install --classic certbot + sudo ln -s /snap/bin/certbot /usr/bin/certbot + sudo certbot --nginx --non-interactive --agree-tos --email ${{ secrets.EMAIL }} --domains ${{ secrets.DOMAIN }} + sudo certbot renew --dry-run diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index eb73588..339c74d 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -12,7 +12,7 @@ services: expose: - 8000 env_file: - - ./config/.cfg + - ./config/django.cfg depends_on: - db - db_gold @@ -33,7 +33,7 @@ services: expose: - 8000 env_file: - - ./config/.cfg + - ./config/django.cfg depends_on: - db - db_gold