b62b61505c
All checks were successful
Deploy tt-tagebuch / deploy (push) Successful in 39s
- Changed the SSH key handling in the Gitea deployment workflow to use a base64 encoded key, improving security and compatibility. - Updated the SSH connection commands to reference the new key file, ensuring successful deployment connections.
53 lines
1.3 KiB
YAML
53 lines
1.3 KiB
YAML
name: Deploy tt-tagebuch
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
|
|
env:
|
|
SSH_HOST: ${{ vars.PROD_HOST }}
|
|
SSH_PORT: ${{ vars.PROD_PORT }}
|
|
SSH_USER: ${{ vars.PROD_USER }}
|
|
|
|
steps:
|
|
- name: Show resolved non-secret config
|
|
run: |
|
|
echo "SSH_HOST=$SSH_HOST"
|
|
echo "SSH_PORT=$SSH_PORT"
|
|
echo "SSH_USER=$SSH_USER"
|
|
|
|
- name: Prepare SSH
|
|
run: |
|
|
set -e
|
|
mkdir -p ~/.ssh
|
|
printf '%s' "${{ secrets.PROD_SSH_KEY_B64 }}" | base64 -d > ~/.ssh/id_deploy
|
|
chmod 600 ~/.ssh/id_deploy
|
|
ssh-keygen -l -f ~/.ssh/id_deploy
|
|
ssh-keyscan -p "$SSH_PORT" "$SSH_HOST" >> ~/.ssh/known_hosts
|
|
|
|
- name: Test SSH connection
|
|
run: |
|
|
set -e
|
|
ssh -i ~/.ssh/id_deploy \
|
|
-o StrictHostKeyChecking=no \
|
|
-o BatchMode=yes \
|
|
-o ConnectTimeout=10 \
|
|
-p "$SSH_PORT" \
|
|
"$SSH_USER@$SSH_HOST" \
|
|
"echo SSH OK"
|
|
|
|
- name: Run deployment script
|
|
run: |
|
|
set -e
|
|
ssh -i ~/.ssh/id_deploy \
|
|
-o StrictHostKeyChecking=no \
|
|
-o BatchMode=yes \
|
|
-o ConnectTimeout=10 \
|
|
-p "$SSH_PORT" \
|
|
"$SSH_USER@$SSH_HOST" \
|
|
"/usr/local/bin/actualize-tagebuch.sh" |