This commit is contained in:
Torsten Schulz (local)
@@ -10,10 +10,9 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
env:
|
env:
|
||||||
SSH_HOST: ${{ vars.PROD_HOST }}
|
SSH_HOST: ${{ vars.SSH_HOST }}
|
||||||
SSH_PORT: ${{ vars.PROD_PORT }}
|
SSH_PORT: ${{ vars.SSH_PORT }}
|
||||||
SSH_USER: ${{ vars.PROD_USER }}
|
SSH_USER: ${{ vars.SSH_USER }}
|
||||||
DEPLOY_SCRIPT: ${{ vars.PROD_DEPLOY_SCRIPT }}
|
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Show resolved non-secret config
|
- name: Show resolved non-secret config
|
||||||
@@ -21,7 +20,10 @@ jobs:
|
|||||||
echo "SSH_HOST=$SSH_HOST"
|
echo "SSH_HOST=$SSH_HOST"
|
||||||
echo "SSH_PORT=$SSH_PORT"
|
echo "SSH_PORT=$SSH_PORT"
|
||||||
echo "SSH_USER=$SSH_USER"
|
echo "SSH_USER=$SSH_USER"
|
||||||
echo "DEPLOY_SCRIPT=${DEPLOY_SCRIPT:-/usr/local/bin/actualize-singlechat.sh}"
|
test -n "$SSH_HOST"
|
||||||
|
test -n "$SSH_PORT"
|
||||||
|
test -n "$SSH_USER"
|
||||||
|
echo "DEPLOY_SCRIPT=/usr/local/bin/actualize-singlechat.sh"
|
||||||
|
|
||||||
- name: Prepare SSH
|
- name: Prepare SSH
|
||||||
run: |
|
run: |
|
||||||
@@ -29,7 +31,6 @@ jobs:
|
|||||||
mkdir -p ~/.ssh
|
mkdir -p ~/.ssh
|
||||||
printf '%s' "${{ secrets.PROD_SSH_KEY_B64 }}" | base64 -d > ~/.ssh/id_deploy
|
printf '%s' "${{ secrets.PROD_SSH_KEY_B64 }}" | base64 -d > ~/.ssh/id_deploy
|
||||||
chmod 600 ~/.ssh/id_deploy
|
chmod 600 ~/.ssh/id_deploy
|
||||||
ssh-keygen -l -f ~/.ssh/id_deploy
|
|
||||||
ssh-keyscan -p "$SSH_PORT" "$SSH_HOST" >> ~/.ssh/known_hosts
|
ssh-keyscan -p "$SSH_PORT" "$SSH_HOST" >> ~/.ssh/known_hosts
|
||||||
|
|
||||||
- name: Test SSH connection
|
- name: Test SSH connection
|
||||||
@@ -46,11 +47,10 @@ jobs:
|
|||||||
- name: Run deployment script
|
- name: Run deployment script
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
script="${DEPLOY_SCRIPT:-/usr/local/bin/actualize-singlechat.sh}"
|
|
||||||
ssh -i ~/.ssh/id_deploy \
|
ssh -i ~/.ssh/id_deploy \
|
||||||
-o StrictHostKeyChecking=no \
|
-o StrictHostKeyChecking=no \
|
||||||
-o BatchMode=yes \
|
-o BatchMode=yes \
|
||||||
-o ConnectTimeout=10 \
|
-o ConnectTimeout=10 \
|
||||||
-p "$SSH_PORT" \
|
-p "$SSH_PORT" \
|
||||||
"$SSH_USER@$SSH_HOST" \
|
"$SSH_USER@$SSH_HOST" \
|
||||||
"$script"
|
"/usr/local/bin/actualize-singlechat.sh"
|
||||||
|
|||||||
@@ -59,8 +59,7 @@ Der Workflow `.gitea/workflows/deploy.yml` startet bei Push auf `main` per SSH d
|
|||||||
|
|
||||||
Gitea-Konfiguration:
|
Gitea-Konfiguration:
|
||||||
|
|
||||||
- Variables: `PROD_HOST`, `PROD_PORT`, `PROD_USER`
|
- Variables: `SSH_HOST`, `SSH_PORT`, `SSH_USER`
|
||||||
- Optional: `PROD_DEPLOY_SCRIPT`, falls der Skriptpfad abweicht
|
|
||||||
- Secret: `PROD_SSH_KEY_B64` mit dem base64-kodierten privaten Deploy-Key
|
- Secret: `PROD_SSH_KEY_B64` mit dem base64-kodierten privaten Deploy-Key
|
||||||
|
|
||||||
Server-Skript installieren:
|
Server-Skript installieren:
|
||||||
|
|||||||
@@ -106,10 +106,9 @@ Der Workflow `.gitea/workflows/deploy.yml` deployt bei jedem Push auf `main` per
|
|||||||
In Gitea müssen dafür gesetzt sein:
|
In Gitea müssen dafür gesetzt sein:
|
||||||
|
|
||||||
- Repository Variables:
|
- Repository Variables:
|
||||||
- `PROD_HOST`: Produktionsserver, z.B. `tsschulz.de`
|
- `SSH_HOST`: Produktionsserver, z.B. `rv2756.1blu.de`
|
||||||
- `PROD_PORT`: SSH-Port, z.B. `2222`
|
- `SSH_PORT`: SSH-Port, z.B. `22`
|
||||||
- `PROD_USER`: SSH-User für den Deploy
|
- `SSH_USER`: SSH-User für den Deploy
|
||||||
- `PROD_DEPLOY_SCRIPT`: optional, Standard ist `/usr/local/bin/actualize-singlechat.sh`
|
|
||||||
- Repository Secret:
|
- Repository Secret:
|
||||||
- `PROD_SSH_KEY_B64`: privater SSH-Key base64-kodiert
|
- `PROD_SSH_KEY_B64`: privater SSH-Key base64-kodiert
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user