simple deploy

2026-01-25 17:10:47 +01:00
parent 831c8be588
commit 97b1a94012
2 changed files with 30 additions and 146 deletions
--- a/.env
+++ b/.env
@@ -9,7 +9,6 @@ NEXT_PUBLIC_UMAMI_SCRIPT_URL=https://analytics.infra.mintel.me/script.js
 # GlitchTip (Sentry protocol)
 SENTRY_DSN=https://c10957d0182245b1a2a806ac2d34a197@errors.infra.mintel.me/1
 NEXT_PUBLIC_SENTRY_DSN=https://c10957d0182245b1a2a806ac2d34a197@klz-cables.com/errors/1
 # SMTP Configuration
 MAIL_HOST=smtp.eu.mailgun.org
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -28,21 +28,18 @@ jobs:
        run: |
          echo "$REGISTRY_PASS" | DOCKER_API_VERSION=1.44 docker login registry.infra.mintel.me -u "$REGISTRY_USER" --password-stdin
      - name: Set up Docker Buildx
        run: |
          docker buildx create --use
          docker buildx inspect --bootstrap
      - name: Build and push image
        run: |
-          DOCKER_API_VERSION=1.44 docker buildx build \
+          # Simple build for ARM64 (server platform)
          DOCKER_API_VERSION=1.44 docker build \
            --platform linux/arm64 \
            --pull \
            --build-arg NEXT_PUBLIC_UMAMI_WEBSITE_ID=${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }} \
            --build-arg NEXT_PUBLIC_UMAMI_SCRIPT_URL=${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }} \
            --build-arg NEXT_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }} \
-            -t registry.infra.mintel.me/mintel/klz-cables.com:latest \
+            -t registry.infra.mintel.me/mintel/klz-cables.com:latest .
-            --push .
+          
          DOCKER_API_VERSION=1.44 docker push registry.infra.mintel.me/mintel/klz-cables.com:latest
      - name: Setup SSH
        run: |
@@ -51,144 +48,32 @@ jobs:
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts
-      - name: Prepare and Deploy
+      - name: Deploy on server
        env:
          REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
          REGISTRY_PASS: ${{ secrets.REGISTRY_PASS }}
          NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
          NEXT_PUBLIC_UMAMI_SCRIPT_URL: ${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }}
          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
          REDIS_URL: ${{ secrets.REDIS_URL }}
          REDIS_KEY_PREFIX: ${{ secrets.REDIS_KEY_PREFIX }}
        run: |
-          echo "Preparing deployment files..."
+          # Bundle files and secrets, then run deployment in ONE connection
          tar czf - docker-compose.yml varnish 2>/dev/null | \
          ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no -o IPQoS=0x00 deploy@alpha.mintel.me "
            set -e
            mkdir -p /home/deploy/sites/klz-cables.com/
            tar xzf - -C /home/deploy/sites/klz-cables.com/
            cd /home/deploy/sites/klz-cables.com/
-          COMPOSE_FILE=""
+            echo '=== Creating .env ==='
-          if [ -f "docker-compose.yml" ]; then
+            cat > .env << EOF
-            COMPOSE_FILE="docker-compose.yml"
+            NEXT_PUBLIC_UMAMI_WEBSITE_ID=${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
-          elif [ -f "docker-compose.yaml" ]; then
+            NEXT_PUBLIC_UMAMI_SCRIPT_URL=${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }}
-            COMPOSE_FILE="docker-compose.yaml"
+            SENTRY_DSN=${{ secrets.SENTRY_DSN }}
-          else
+            REDIS_URL=${{ secrets.REDIS_URL }}
-            echo "ERROR: No docker-compose file found!"
+            REDIS_KEY_PREFIX=${{ secrets.REDIS_KEY_PREFIX }}
-            exit 1
+            EOF
          fi
-          # Create a temporary directory for all files to sync
+            echo '=== Login & Pull ==='
-          mkdir -p /tmp/klz-deploy
+            echo '${{ secrets.REGISTRY_PASS }}' | docker login registry.infra.mintel.me -u '${{ secrets.REGISTRY_USER }}' --password-stdin
-          cp "$COMPOSE_FILE" /tmp/klz-deploy/docker-compose.yml
+            docker pull registry.infra.mintel.me/mintel/klz-cables.com:latest
          if [ -d "varnish" ]; then
            cp -r varnish /tmp/klz-deploy/
          fi
-          # Create environment file
+            echo '=== Run ==='
-          cat > /tmp/klz-deploy/deploy.env << EOF
+            # Force recreate ensures the new image is used
-          export REGISTRY_USER='${REGISTRY_USER}'
+            docker compose up -d --force-recreate --remove-orphans
-          export REGISTRY_PASS='${REGISTRY_PASS}'
+            
-          export NEXT_PUBLIC_UMAMI_WEBSITE_ID='${NEXT_PUBLIC_UMAMI_WEBSITE_ID}'
+            echo '=== Done ==='
-          export NEXT_PUBLIC_UMAMI_SCRIPT_URL='${NEXT_PUBLIC_UMAMI_SCRIPT_URL}'
+          "
          export SENTRY_DSN='${SENTRY_DSN}'
          export REDIS_URL='${REDIS_URL}'
          export REDIS_KEY_PREFIX='${REDIS_KEY_PREFIX}'
          EOF
          # Create deployment script
          cat > /tmp/klz-deploy/deploy.sh << 'DEPLOY_EOF'
          #!/bin/bash
          set -e
          # Load environment variables
          if [ -f ./deploy.env ]; then
            source ./deploy.env
          else
            echo "ERROR: deploy.env not found in $(pwd)"
            ls -la
            exit 1
          fi
          echo "=== Starting deployment at $(date) ==="
          echo '=== Creating .env ==='
          cat > .env << EOF
          NEXT_PUBLIC_UMAMI_WEBSITE_ID=${NEXT_PUBLIC_UMAMI_WEBSITE_ID}
          NEXT_PUBLIC_UMAMI_SCRIPT_URL=${NEXT_PUBLIC_UMAMI_SCRIPT_URL}
          SENTRY_DSN=${SENTRY_DSN}
          REDIS_URL=${REDIS_URL}
          REDIS_KEY_PREFIX=${REDIS_KEY_PREFIX}
          EOF
          echo '=== Logging into Docker registry ==='
          if ! echo "${REGISTRY_PASS}" | docker login registry.infra.mintel.me -u "${REGISTRY_USER}" --password-stdin; then
            echo "ERROR: Docker login failed"
            exit 1
          fi
          echo '=== Checking if infra network exists ==='
          if ! docker network inspect infra >/dev/null 2>&1; then
            echo 'Creating infra network...'
            docker network create infra || true
          fi
          echo '=== Pulling latest image ==='
          # Explicitly pull the image to ensure we get the latest version
          echo "Pulling registry.infra.mintel.me/mintel/klz-cables.com:latest..."
          if ! docker pull registry.infra.mintel.me/mintel/klz-cables.com:latest; then
            echo "ERROR: docker pull failed"
            exit 1
          fi
          # Check if we should use 'docker compose' or 'docker-compose'
          COMPOSE_CMD="docker compose"
          if ! $COMPOSE_CMD version >/dev/null 2>&1; then
            COMPOSE_CMD="docker-compose"
          fi
          echo "Using compose command: $COMPOSE_CMD"
          echo "Pulling via compose..."
          $COMPOSE_CMD pull
          echo '=== Restarting containers ==='
          # Use --force-recreate to ensure containers are updated even if compose thinks they are up to date
          echo "Running $COMPOSE_CMD up..."
          if ! $COMPOSE_CMD up -d --force-recreate --remove-orphans; then
            echo "ERROR: docker compose up failed"
            exit 1
          fi
          echo '=== Verifying images ==='
          docker images registry.infra.mintel.me/mintel/klz-cables.com:latest
          echo '=== Waiting for containers (30s) ==='
          sleep 30
          echo '=== Verifying health ==='
          if curl -f -s http://localhost:80/health > /dev/null 2>&1; then
            echo '✓ Application health check passed'
          else
            echo '✗ Application health check failed'
            docker compose logs --tail=50 app
            exit 1
          fi
          echo '=== Cleaning up ==='
          docker image prune -f --filter 'until=24h'
          echo '=== Deployment completed successfully ==='
          DEPLOY_EOF
          chmod +x /tmp/klz-deploy/deploy.sh
          echo "Syncing and executing on server..."
          # Use a single SSH connection to sync and execute
          # We use tar to bundle everything and pipe it to SSH
          # We use the same SSH options that worked in the previous Sync step
          # Added -v to ssh for more debug info if it fails
          # Added set -x to the remote command to see exactly what's happening
          tar czf - -C /tmp/klz-deploy . | \
          ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no -o IPQoS=0x00 deploy@alpha.mintel.me \
          "set -x; mkdir -p /home/deploy/sites/klz-cables.com/ && tar xzf - -C /home/deploy/sites/klz-cables.com/ && cd /home/deploy/sites/klz-cables.com/ && ls -la && bash -x ./deploy.sh"
          if [ $? -ne 0 ]; then
            echo "ERROR: Remote deployment failed!"
            exit 1
          fi
          echo "Deployment process finished"