From 22bd212c119e723d6e286c33752ac154644957fa Mon Sep 17 00:00:00 2001 From: Marc Mintel Date: Wed, 21 Jan 2026 13:14:42 +0100 Subject: [PATCH] deploy --- .gitea/workflows/deploy.yml | 63 +++++++++++++++---------------------- 1 file changed, 25 insertions(+), 38 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index e19db830..399bad72 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -1,4 +1,4 @@ -name: Build & Deploy +name: Build & Deploy KLZ Cables on: push: @@ -10,30 +10,21 @@ jobs: runs-on: docker steps: - # --- Checkout --- - name: Checkout repo uses: actions/checkout@v3 - # --- Tools --- - name: Install tools run: | apt-get update - apt-get install -y \ - docker.io \ - openssh-client \ - rsync + apt-get install -y docker.io openssh-client - # --- Docker registry login --- - name: Login to registry env: REGISTRY_USER: ${{ secrets.REGISTRY_USER }} REGISTRY_PASS: ${{ secrets.REGISTRY_PASS }} run: | - echo "$REGISTRY_PASS" | docker login registry.infra.mintel.me \ - -u "$REGISTRY_USER" \ - --password-stdin + echo "$REGISTRY_PASS" | docker login registry.infra.mintel.me -u "$REGISTRY_USER" --password-stdin - # --- Build image --- - name: Build image run: | docker build \ @@ -43,12 +34,9 @@ jobs: --build-arg NEXT_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }} \ -t registry.infra.mintel.me/mintel/klz-cables.com:latest . - # --- Push image --- - name: Push image - run: | - docker push registry.infra.mintel.me/mintel/klz-cables.com:latest + run: docker push registry.infra.mintel.me/mintel/klz-cables.com:latest - # --- SSH setup --- - name: Setup SSH run: | mkdir -p ~/.ssh @@ -56,41 +44,40 @@ jobs: chmod 600 ~/.ssh/id_ed25519 ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts - # --- Sync files --- - name: Sync files to server run: | - # Use tar to bundle files and send them via SSH in a single connection - tar czf - docker-compose.yml $([ -d ./varnish ] && echo varnish) | \ - ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no -o IPQoS=0x00 deploy@alpha.mintel.me \ - "mkdir -p /home/deploy/sites/klz-cables.com/ && tar xzf - -C /home/deploy/sites/klz-cables.com/" + ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no deploy@alpha.mintel.me \ + "mkdir -p /home/deploy/sites/klz-cables.com && chmod 775 /home/deploy/sites/klz-cables.com" + + scp -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no \ + docker-compose.yml \ + deploy@alpha.mintel.me:/home/deploy/sites/klz-cables.com/docker-compose.yml + + # varnish optional + if [ -d "./varnish" ]; then + scp -r -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no \ + varnish/ deploy@alpha.mintel.me:/home/deploy/sites/klz-cables.com/ + fi + + # Rechte-Check + Nachweis im Log + ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no deploy@alpha.mintel.me \ + "chmod 664 /home/deploy/sites/klz-cables.com/docker-compose.yml && \ + ls -la /home/deploy/sites/klz-cables.com/ && \ + stat /home/deploy/sites/klz-cables.com/docker-compose.yml" - # --- Deploy --- - name: Deploy on server env: REGISTRY_USER: ${{ secrets.REGISTRY_USER }} REGISTRY_PASS: ${{ secrets.REGISTRY_PASS }} run: | - ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no -o IPQoS=0x00 deploy@alpha.mintel.me " + ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no deploy@alpha.mintel.me " set -e - - echo 'Logging in to registry on server...' echo '$REGISTRY_PASS' | docker login registry.infra.mintel.me -u '$REGISTRY_USER' --password-stdin - cd /home/deploy/sites/klz-cables.com - - echo 'Creating .env if needed...' echo 'SENTRY_DSN=${{ secrets.SENTRY_DSN }}' > .env - - echo 'Pulling latest image...' - docker compose pull app || echo 'Pull failed - continuing anyway...' - - echo 'Force recreating and restarting app container...' - docker compose up -d --force-recreate --no-deps app - - echo 'Pruning old images (keep last 24h)...' + docker compose pull app + docker compose up -d --force-recreate app docker image prune -f --filter 'until=24h' - - echo 'Deployment finished. Checking status...' docker compose ps app docker compose logs --tail=20 app " \ No newline at end of file