Skip to content
Build and Deploy

require https #20

Sign in to view logs

require https

require https #20

Workflow file for this run

.github/workflows/build-deploy.yml at 220d6e0
name: Build and Deploy
on:
push:
branches: [main]
# TODO
# - nginx reverse proxy
# - cron job for backup
# - move off droplet
# - setup rdp client
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
deploy:
needs: build-and-push
runs-on: ubuntu-latest
steps:
- name: Deploy to server
env:
PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
HOST: ${{ secrets.SERVER_HOST }}
USER: ${{ secrets.SERVER_USER }}
PORT: ${{ secrets.SERVER_PORT }}
run: |
echo "$PRIVATE_KEY" > deploy_key
chmod 600 deploy_key
ssh -i deploy_key -o StrictHostKeyChecking=no -p $PORT $USER@$HOST "\
export PATH=$PATH:/usr/local/bin
docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest && \
docker stop sprt-dev || true && \
docker rm sprt-dev || true && \
docker run --platform linux/amd64 -d \
--network my-net \
--name sprt-dev \
--restart unless-stopped \
-e DB_FILE='${{ secrets.DB_FILE }}' \
-e GOOGLE_API_KEY='${{ secrets.GOOGLE_API_KEY }}' \
-e AWS_ACCESS_KEY_ID='${{ secrets.AWS_ACCESS_KEY_ID }}' \
-e AWS_SECRET_ACCESS_KEY='${{ secrets.AWS_SECRET_ACCESS_KEY }}' \
-e PORT=7778 \
-p 7778:7778 \
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"