From 97b1a940126037d4c2a6dd2ec7285658fed36bf0 Mon Sep 17 00:00:00 2001 From: Marc Mintel Date: Sun, 25 Jan 2026 17:10:47 +0100 Subject: [PATCH] simple deploy --- .env | 1 - .gitea/workflows/deploy.yml | 175 +++++++----------------------------- 2 files changed, 30 insertions(+), 146 deletions(-) diff --git a/.env b/.env index fe3f39ed..fce9ada5 100644 --- a/.env +++ b/.env @@ -9,7 +9,6 @@ NEXT_PUBLIC_UMAMI_SCRIPT_URL=https://analytics.infra.mintel.me/script.js # GlitchTip (Sentry protocol) SENTRY_DSN=https://c10957d0182245b1a2a806ac2d34a197@errors.infra.mintel.me/1 -NEXT_PUBLIC_SENTRY_DSN=https://c10957d0182245b1a2a806ac2d34a197@klz-cables.com/errors/1 # SMTP Configuration MAIL_HOST=smtp.eu.mailgun.org diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index c2ac3270..d459b1e2 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -28,21 +28,18 @@ jobs: run: | echo "$REGISTRY_PASS" | DOCKER_API_VERSION=1.44 docker login registry.infra.mintel.me -u "$REGISTRY_USER" --password-stdin - - name: Set up Docker Buildx - run: | - docker buildx create --use - docker buildx inspect --bootstrap - - name: Build and push image run: | - DOCKER_API_VERSION=1.44 docker buildx build \ + # Simple build for ARM64 (server platform) + DOCKER_API_VERSION=1.44 docker build \ --platform linux/arm64 \ --pull \ --build-arg NEXT_PUBLIC_UMAMI_WEBSITE_ID=${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }} \ --build-arg NEXT_PUBLIC_UMAMI_SCRIPT_URL=${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }} \ --build-arg NEXT_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }} \ - -t registry.infra.mintel.me/mintel/klz-cables.com:latest \ - --push . + -t registry.infra.mintel.me/mintel/klz-cables.com:latest . + + DOCKER_API_VERSION=1.44 docker push registry.infra.mintel.me/mintel/klz-cables.com:latest - name: Setup SSH run: | @@ -51,144 +48,32 @@ jobs: chmod 600 ~/.ssh/id_ed25519 ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts - - name: Prepare and Deploy - env: - REGISTRY_USER: ${{ secrets.REGISTRY_USER }} - REGISTRY_PASS: ${{ secrets.REGISTRY_PASS }} - NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }} - NEXT_PUBLIC_UMAMI_SCRIPT_URL: ${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }} - SENTRY_DSN: ${{ secrets.SENTRY_DSN }} - REDIS_URL: ${{ secrets.REDIS_URL }} - REDIS_KEY_PREFIX: ${{ secrets.REDIS_KEY_PREFIX }} + - name: Deploy on server run: | - echo "Preparing deployment files..." + # Bundle files and secrets, then run deployment in ONE connection + tar czf - docker-compose.yml varnish 2>/dev/null | \ + ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no -o IPQoS=0x00 deploy@alpha.mintel.me " + set -e + mkdir -p /home/deploy/sites/klz-cables.com/ + tar xzf - -C /home/deploy/sites/klz-cables.com/ + cd /home/deploy/sites/klz-cables.com/ - COMPOSE_FILE="" - if [ -f "docker-compose.yml" ]; then - COMPOSE_FILE="docker-compose.yml" - elif [ -f "docker-compose.yaml" ]; then - COMPOSE_FILE="docker-compose.yaml" - else - echo "ERROR: No docker-compose file found!" - exit 1 - fi + echo '=== Creating .env ===' + cat > .env << EOF + NEXT_PUBLIC_UMAMI_WEBSITE_ID=${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }} + NEXT_PUBLIC_UMAMI_SCRIPT_URL=${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }} + SENTRY_DSN=${{ secrets.SENTRY_DSN }} + REDIS_URL=${{ secrets.REDIS_URL }} + REDIS_KEY_PREFIX=${{ secrets.REDIS_KEY_PREFIX }} + EOF - # Create a temporary directory for all files to sync - mkdir -p /tmp/klz-deploy - cp "$COMPOSE_FILE" /tmp/klz-deploy/docker-compose.yml - - if [ -d "varnish" ]; then - cp -r varnish /tmp/klz-deploy/ - fi + echo '=== Login & Pull ===' + echo '${{ secrets.REGISTRY_PASS }}' | docker login registry.infra.mintel.me -u '${{ secrets.REGISTRY_USER }}' --password-stdin + docker pull registry.infra.mintel.me/mintel/klz-cables.com:latest - # Create environment file - cat > /tmp/klz-deploy/deploy.env << EOF - export REGISTRY_USER='${REGISTRY_USER}' - export REGISTRY_PASS='${REGISTRY_PASS}' - export NEXT_PUBLIC_UMAMI_WEBSITE_ID='${NEXT_PUBLIC_UMAMI_WEBSITE_ID}' - export NEXT_PUBLIC_UMAMI_SCRIPT_URL='${NEXT_PUBLIC_UMAMI_SCRIPT_URL}' - export SENTRY_DSN='${SENTRY_DSN}' - export REDIS_URL='${REDIS_URL}' - export REDIS_KEY_PREFIX='${REDIS_KEY_PREFIX}' - EOF - - # Create deployment script - cat > /tmp/klz-deploy/deploy.sh << 'DEPLOY_EOF' - #!/bin/bash - set -e - - # Load environment variables - if [ -f ./deploy.env ]; then - source ./deploy.env - else - echo "ERROR: deploy.env not found in $(pwd)" - ls -la - exit 1 - fi - - echo "=== Starting deployment at $(date) ===" - - echo '=== Creating .env ===' - cat > .env << EOF - NEXT_PUBLIC_UMAMI_WEBSITE_ID=${NEXT_PUBLIC_UMAMI_WEBSITE_ID} - NEXT_PUBLIC_UMAMI_SCRIPT_URL=${NEXT_PUBLIC_UMAMI_SCRIPT_URL} - SENTRY_DSN=${SENTRY_DSN} - REDIS_URL=${REDIS_URL} - REDIS_KEY_PREFIX=${REDIS_KEY_PREFIX} - EOF - - echo '=== Logging into Docker registry ===' - if ! echo "${REGISTRY_PASS}" | docker login registry.infra.mintel.me -u "${REGISTRY_USER}" --password-stdin; then - echo "ERROR: Docker login failed" - exit 1 - fi - - echo '=== Checking if infra network exists ===' - if ! docker network inspect infra >/dev/null 2>&1; then - echo 'Creating infra network...' - docker network create infra || true - fi - - echo '=== Pulling latest image ===' - # Explicitly pull the image to ensure we get the latest version - echo "Pulling registry.infra.mintel.me/mintel/klz-cables.com:latest..." - if ! docker pull registry.infra.mintel.me/mintel/klz-cables.com:latest; then - echo "ERROR: docker pull failed" - exit 1 - fi - - # Check if we should use 'docker compose' or 'docker-compose' - COMPOSE_CMD="docker compose" - if ! $COMPOSE_CMD version >/dev/null 2>&1; then - COMPOSE_CMD="docker-compose" - fi - echo "Using compose command: $COMPOSE_CMD" - - echo "Pulling via compose..." - $COMPOSE_CMD pull - - echo '=== Restarting containers ===' - # Use --force-recreate to ensure containers are updated even if compose thinks they are up to date - echo "Running $COMPOSE_CMD up..." - if ! $COMPOSE_CMD up -d --force-recreate --remove-orphans; then - echo "ERROR: docker compose up failed" - exit 1 - fi - - echo '=== Verifying images ===' - docker images registry.infra.mintel.me/mintel/klz-cables.com:latest - - echo '=== Waiting for containers (30s) ===' - sleep 30 - - echo '=== Verifying health ===' - if curl -f -s http://localhost:80/health > /dev/null 2>&1; then - echo '✓ Application health check passed' - else - echo '✗ Application health check failed' - docker compose logs --tail=50 app - exit 1 - fi - - echo '=== Cleaning up ===' - docker image prune -f --filter 'until=24h' - echo '=== Deployment completed successfully ===' - DEPLOY_EOF - - chmod +x /tmp/klz-deploy/deploy.sh - - echo "Syncing and executing on server..." - # Use a single SSH connection to sync and execute - # We use tar to bundle everything and pipe it to SSH - # We use the same SSH options that worked in the previous Sync step - # Added -v to ssh for more debug info if it fails - # Added set -x to the remote command to see exactly what's happening - tar czf - -C /tmp/klz-deploy . | \ - ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no -o IPQoS=0x00 deploy@alpha.mintel.me \ - "set -x; mkdir -p /home/deploy/sites/klz-cables.com/ && tar xzf - -C /home/deploy/sites/klz-cables.com/ && cd /home/deploy/sites/klz-cables.com/ && ls -la && bash -x ./deploy.sh" - - if [ $? -ne 0 ]; then - echo "ERROR: Remote deployment failed!" - exit 1 - fi - echo "Deployment process finished" \ No newline at end of file + echo '=== Run ===' + # Force recreate ensures the new image is used + docker compose up -d --force-recreate --remove-orphans + + echo '=== Done ===' + "