182 lines
6.2 KiB
YAML
182 lines
6.2 KiB
YAML
name: Deploy Production (merchbay.com)
|
||
|
||
on:
|
||
push:
|
||
branches:
|
||
- main
|
||
- master
|
||
workflow_dispatch:
|
||
|
||
jobs:
|
||
deploy:
|
||
runs-on: ubuntu-latest
|
||
container:
|
||
image: catthehacker/ubuntu:act-latest
|
||
|
||
steps:
|
||
# 1️⃣ Checkout code
|
||
- name: Checkout code
|
||
shell: sh
|
||
run: |
|
||
git clone $GITHUB_SERVER_URL/$GITHUB_REPOSITORY.git /workspace/repo
|
||
cd /workspace/repo
|
||
git checkout $GITHUB_REF_NAME
|
||
|
||
# 2️⃣ Build image
|
||
- name: Build Docker image
|
||
shell: sh
|
||
run: |
|
||
cd /workspace/repo
|
||
docker build -t merchbay:latest .
|
||
docker save merchbay:latest | gzip > merchbay.tar.gz
|
||
|
||
# 3️⃣ Setup SSH
|
||
- name: Setup SSH
|
||
shell: sh
|
||
env:
|
||
DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
|
||
DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
|
||
run: |
|
||
mkdir -p ~/.ssh
|
||
chmod 700 ~/.ssh
|
||
echo "$DEPLOY_SSH_KEY" > ~/.ssh/id_ed25519
|
||
chmod 600 ~/.ssh/id_ed25519
|
||
ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts
|
||
|
||
# 4️⃣ Upload artifacts
|
||
- name: Upload image and compose
|
||
shell: sh
|
||
env:
|
||
DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
|
||
DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
|
||
run: |
|
||
scp -i ~/.ssh/id_ed25519 \
|
||
/workspace/repo/merchbay.tar.gz \
|
||
/workspace/repo/docker-compose.prod.yml \
|
||
${DEPLOY_USER}@${DEPLOY_HOST}:/tmp/
|
||
|
||
# 5️⃣ Deploy on server
|
||
- name: Deploy on server
|
||
shell: sh
|
||
env:
|
||
DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
|
||
DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
|
||
|
||
run: |
|
||
ssh -i ~/.ssh/id_ed25519 $DEPLOY_USER@$DEPLOY_HOST << 'EOF'
|
||
set -e
|
||
|
||
DEPLOY_DIR="/var/www/apps/merchbay"
|
||
sudo mkdir -p "$DEPLOY_DIR"
|
||
sudo chown $USER:$USER "$DEPLOY_DIR"
|
||
|
||
echo "<22> Stopping dev environment"
|
||
DEV_DIR="/var/www/apps/merchbay_dev"
|
||
if [ -d "$DEV_DIR" ]; then
|
||
cd "$DEV_DIR"
|
||
docker compose down || true
|
||
cd -
|
||
echo "✅ Dev environment stopped"
|
||
echo "📋 Copying .env from dev to production"
|
||
if [ -f "$DEV_DIR/.env" ]; then
|
||
cp "$DEV_DIR/.env" "$DEPLOY_DIR/.env"
|
||
echo "✅ .env file copied from dev to production"
|
||
else
|
||
echo "⚠️ No .env file found in dev directory"
|
||
fi else
|
||
echo "ℹ️ No dev environment found"
|
||
fi
|
||
|
||
echo "📦 Loading image"
|
||
docker load < /tmp/merchbay.tar.gz
|
||
|
||
echo "🧹 Removing dev images and old merchbay images"
|
||
docker images | grep "merchbay:dev" | awk '{print $3}' | xargs -r docker rmi -f || true
|
||
docker images | grep merchbay | grep -v "$(docker images merchbay:latest -q)" | awk '{print $3}' | xargs -r docker rmi -f || true
|
||
|
||
echo "📄 Updating compose file"
|
||
cp /tmp/docker-compose.prod.yml "$DEPLOY_DIR/docker-compose.yml"
|
||
|
||
cd "$DEPLOY_DIR"
|
||
|
||
echo "🔍 Checking .env file"
|
||
if [ ! -f .env ]; then
|
||
echo "❌ .env file not found at $DEPLOY_DIR/.env"
|
||
echo "Please create it first with required variables:"
|
||
echo " - DB_*, PROD_PRIVATE, IMAGES_URL, UPLOAD_URL"
|
||
echo " - MAIL_*, CAPTCHA_*, ANALYTICS_*"
|
||
exit 1
|
||
fi
|
||
|
||
echo "🔧 Fixing .env permissions"
|
||
sudo chown $USER:$USER .env
|
||
sudo chmod 600 .env
|
||
|
||
echo "🌐 Ensure networks"
|
||
docker network inspect traefik-public >/dev/null 2>&1 || \
|
||
docker network create traefik-public
|
||
docker network inspect crew-app-net >/dev/null 2>&1 || \
|
||
docker network create crew-app-net
|
||
|
||
echo "🚀 Starting containers (env vars from .env file)"
|
||
docker compose up -d
|
||
|
||
echo "⏳ Waiting for app container"
|
||
sleep 15
|
||
|
||
if docker ps --format '{{.Names}}' | grep -q merchbay_app; then
|
||
echo "🧹 Clearing and rebuilding config cache"
|
||
docker compose exec -T app php artisan config:clear
|
||
docker compose exec -T app php artisan config:cache
|
||
else
|
||
echo "❌ App container not running"
|
||
docker compose logs
|
||
exit 1
|
||
fi
|
||
|
||
echo "🧹 Cleanup"
|
||
rm -f /tmp/merchbay.tar.gz /tmp/docker-compose.prod.yml
|
||
|
||
echo "🧹 Aggressive Docker cleanup to reclaim space"
|
||
docker image prune -af --filter "until=24h" || true
|
||
docker container prune -f || true
|
||
docker volume prune -f || true
|
||
docker builder prune -af --filter "until=48h" || true
|
||
echo "📊 Docker space usage:"
|
||
docker system df
|
||
|
||
echo "✅ Production deployment completed!"
|
||
echo "🌐 Application available at: https://merchbay.com"
|
||
EOF
|
||
|
||
# 6️⃣ Health check
|
||
- name: Health check
|
||
shell: sh
|
||
run: |
|
||
echo "⏳ Waiting for app to be ready..."
|
||
sleep 20
|
||
|
||
echo "🔍 Testing health check..."
|
||
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" --max-time 30 https://merchbay.com || echo "000")
|
||
|
||
if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "302" ] || [ "$HTTP_CODE" = "301" ]; then
|
||
echo "✅ Health check passed! (HTTP $HTTP_CODE)"
|
||
echo "🎉 Production deployment successful!"
|
||
else
|
||
echo "❌ Health check failed! (HTTP $HTTP_CODE)"
|
||
echo ""
|
||
echo "💡 Troubleshooting:"
|
||
echo " 1. Check if container is running:"
|
||
echo " docker ps | grep merchbay_app"
|
||
echo ""
|
||
echo " 2. Check app logs:"
|
||
echo " docker logs merchbay_app"
|
||
echo ""
|
||
echo " 3. Check Traefik logs:"
|
||
echo " docker logs traefik"
|
||
echo ""
|
||
echo " 4. Test manually:"
|
||
echo " curl -Ik https://merchbay.com"
|
||
exit 1
|
||
fi
|