name: Deploy Production (merchbay.com) on: push: branches: - main - master workflow_dispatch: jobs: deploy: runs-on: ubuntu-latest container: image: catthehacker/ubuntu:act-latest steps: # 1️⃣ Checkout code - name: Checkout code shell: sh run: | git clone $GITHUB_SERVER_URL/$GITHUB_REPOSITORY.git /workspace/repo cd /workspace/repo git checkout $GITHUB_REF_NAME # 2️⃣ Build image - name: Build Docker image shell: sh run: | cd /workspace/repo docker build -t merchbay:latest . docker save merchbay:latest | gzip > merchbay.tar.gz # 3️⃣ Setup SSH - name: Setup SSH shell: sh env: DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }} DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} run: | mkdir -p ~/.ssh chmod 700 ~/.ssh echo "$DEPLOY_SSH_KEY" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts # 4️⃣ Upload artifacts - name: Upload image and compose shell: sh env: DEPLOY_USER: ${{ secrets.DEPLOY_USER }} DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} run: | scp -i ~/.ssh/id_ed25519 \ /workspace/repo/merchbay.tar.gz \ /workspace/repo/docker-compose.prod.yml \ ${DEPLOY_USER}@${DEPLOY_HOST}:/tmp/ # 5️⃣ Deploy on server - name: Deploy on server shell: sh env: DEPLOY_USER: ${{ secrets.DEPLOY_USER }} DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} run: | ssh -i ~/.ssh/id_ed25519 $DEPLOY_USER@$DEPLOY_HOST << 'EOF' set -e DEPLOY_DIR="/var/www/apps/merchbay" sudo mkdir -p "$DEPLOY_DIR" sudo chown $USER:$USER "$DEPLOY_DIR" echo "� Stopping dev environment" DEV_DIR="/var/www/apps/merchbay_dev" if [ -d "$DEV_DIR" ]; then cd "$DEV_DIR" docker compose down || true cd - echo "✅ Dev environment stopped" echo "📋 Copying .env from dev to production" if [ -f "$DEV_DIR/.env" ]; then cp "$DEV_DIR/.env" "$DEPLOY_DIR/.env" echo "✅ .env file copied from dev to production" else echo "⚠️ No .env file found in dev directory" fi else echo "ℹ️ No dev environment found" fi echo "📦 Loading image" docker load < /tmp/merchbay.tar.gz echo "🧹 Removing dev images and old merchbay images" docker images | grep "merchbay:dev" | awk '{print $3}' | xargs -r docker rmi -f || true docker images | grep merchbay | grep -v "$(docker images merchbay:latest -q)" | awk '{print $3}' | xargs -r docker rmi -f || true echo "📄 Updating compose file" cp /tmp/docker-compose.prod.yml "$DEPLOY_DIR/docker-compose.yml" cd "$DEPLOY_DIR" echo "🔍 Checking .env file" if [ ! -f .env ]; then echo "❌ .env file not found at $DEPLOY_DIR/.env" echo "Please create it first with required variables:" echo " - DB_*, PROD_PRIVATE, IMAGES_URL, UPLOAD_URL" echo " - MAIL_*, CAPTCHA_*, ANALYTICS_*" exit 1 fi echo "🔧 Fixing .env permissions" sudo chown $USER:$USER .env sudo chmod 600 .env echo "🌐 Ensure networks" docker network inspect traefik-public >/dev/null 2>&1 || \ docker network create traefik-public docker network inspect crew-app-net >/dev/null 2>&1 || \ docker network create crew-app-net echo "🚀 Starting containers (env vars from .env file)" docker compose up -d echo "⏳ Waiting for app container" sleep 15 if docker ps --format '{{.Names}}' | grep -q merchbay_app; then echo "🧹 Clearing and rebuilding config cache" docker compose exec -T app php artisan config:clear docker compose exec -T app php artisan config:cache else echo "❌ App container not running" docker compose logs exit 1 fi echo "🧹 Cleanup" rm -f /tmp/merchbay.tar.gz /tmp/docker-compose.prod.yml echo "🧹 Aggressive Docker cleanup to reclaim space" docker image prune -af --filter "until=24h" || true docker container prune -f || true docker volume prune -f || true docker builder prune -af --filter "until=48h" || true echo "📊 Docker space usage:" docker system df echo "✅ Production deployment completed!" echo "🌐 Application available at: https://merchbay.com" EOF # 6️⃣ Health check - name: Health check shell: sh run: | echo "⏳ Waiting for app to be ready..." sleep 20 echo "🔍 Testing health check..." HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" --max-time 30 https://merchbay.com || echo "000") if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "302" ] || [ "$HTTP_CODE" = "301" ]; then echo "✅ Health check passed! (HTTP $HTTP_CODE)" echo "🎉 Production deployment successful!" else echo "❌ Health check failed! (HTTP $HTTP_CODE)" echo "" echo "💡 Troubleshooting:" echo " 1. Check if container is running:" echo " docker ps | grep merchbay_app" echo "" echo " 2. Check app logs:" echo " docker logs merchbay_app" echo "" echo " 3. Check Traefik logs:" echo " docker logs traefik" echo "" echo " 4. Test manually:" echo " curl -Ik https://merchbay.com" exit 1 fi