ci: add prod compose and deploy (#49)

Signed-off-by: Grzegorz Choiński <[email protected]>
Wallted · Jan 27, 2024 · 0f37889 · 0f37889
1 parent 640c5ed
commit 0f37889
Show file tree

Hide file tree

Showing 7 changed files with 89 additions and 47 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -6,8 +6,8 @@ on:
       - 'v*.*.*'
 
 env:
+  TAG: ${{github.ref_name}}
   IMAGE_NAME: ${{ vars.IMAGE_NAME }}
-  IMAGE_NAME_PROXY: ${{ vars.IMAGE_NAME_PROXY }}
   DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }}
   DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
   DOCKER_HUB_PASS: ${{ secrets.DOCKER_HUB_PASS }}
@@ -20,25 +20,38 @@ jobs:
     - uses: actions/checkout@v3
 
     - name: Build the Docker image
-      run: docker build ./Foodie --tag $IMAGE_NAME:${{github.ref_name}}
+      run: docker build ./Foodie --tag $IMAGE_NAME:$TAG
 
     - name: Publish image
       run: |
         docker login -u $DOCKER_HUB_USER -p $DOCKER_HUB_PASS
-        docker tag $IMAGE_NAME:${{github.ref_name}} $DOCKER_REGISTRY/$IMAGE_NAME:${{github.ref_name}}
-        docker push $DOCKER_REGISTRY/$IMAGE_NAME:${{github.ref_name}}
+        docker tag $IMAGE_NAME:$TAG $DOCKER_REGISTRY/$IMAGE_NAME:$TAG
+        docker push $DOCKER_REGISTRY/$IMAGE_NAME:$TAG
 
-  publish-nginx:
+  deploy:
     runs-on: ubuntu-latest
+    needs: [publish-dotnet]
 
     steps:
-    - uses: actions/checkout@v3
-
-    - name: Build the Docker image
-      run: docker build ./nginx -f ./nginx/Nginx.Dockerfile --tag $IMAGE_NAME_PROXY:${{github.ref_name}}
-
-    - name: Publish image
-      run: |
-        docker login -u $DOCKER_HUB_USER -p $DOCKER_HUB_PASS
-        docker tag $IMAGE_NAME_PROXY:${{github.ref_name}} $DOCKER_REGISTRY/$IMAGE_NAME_PROXY:${{github.ref_name}}
-        docker push $DOCKER_REGISTRY/$IMAGE_NAME_PROXY:${{github.ref_name}}
+    - name: setup env and docker compose up
+      uses: appleboy/ssh-action@master
+      env:
+        CERT_KEY_PATH: ${{ secrets.CERT_KEY_PATH }}
+        CERT_PATH: ${{ secrets.CERT_PATH }}
+        PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
+        CERTIFICATE: ${{ secrets.CERTIFICATE }}
+        NGINX_CONF: ${{ secrets.NGINX_CONF }}
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        password: ${{ secrets.PASSWORD }}
+        envs: TAG,IMAGE_NAME,DOCKER_REGISTRY,CERT_KEY_PATH,CERT_PATH,PRIVATE_KEY,CERTIFICATE,NGINX_CONF
+        script: |
+          rm -rf repo
+          git clone https://github.com/${{github.repository}} repo && cd repo
+          git fetch origin $TAG
+          git checkout $TAG
+          chmod +x ./setup_env.sh
+          ./setup_env.sh
+          docker-compose -f docker-compose.prod.yml down
+          docker-compose -f docker-compose.prod.yml up -d
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,5 @@
 .vs/
 .vscode/
+
+.nginx/
+.env
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
@@ -0,0 +1,37 @@
+version: "3.7"
+
+services:
+  kestrel:
+    container_name: foodie
+    image: "${DOCKER_REGISTRY}/${IMAGE_NAME}:${TAG}"
+    depends_on:
+      - db
+    restart: always
+
+  db:
+    container_name: mssql_db
+    user: root
+    image: "mcr.microsoft.com/mssql/server"
+    ports:
+      - "1433:1433"
+    environment:
+      SA_PASSWORD: "Your_password123"
+      ACCEPT_EULA: "Y"
+    volumes:
+      - mssql-data:/var/opt/mssql/data
+
+  reverseproxy:
+    image: nginx
+    depends_on:
+      - kestrel
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ${PWD}/.nginx/fullchain.pem:${CERT_PATH}
+      - ${PWD}/.nginx/privkey.pem:${CERT_KEY_PATH}
+      - ${PWD}/.nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+
+volumes:
+  mssql-data:
+    driver: local
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -29,7 +29,10 @@ services:
     ports:
       - "80:80"
       - "443:443"
-
+    volumes:
+      - ${PWD}/nginx/localhost.key:/etc/ssl/private/localhost.key:ro
+      - ${PWD}/nginx/localhost.crt:/etc/ssl/certs/localhost.crt:ro
+      - ${PWD}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
 volumes:
   mssql-data:
     driver: local
diff --git a/nginx/Nginx.Dockerfile b/nginx/Nginx.Dockerfile
@@ -1,5 +1,4 @@
 FROM nginx:latest
 
-COPY nginx.conf /etc/nginx/nginx.conf
-COPY localhost.crt /etc/ssl/certs/localhost.crt
-COPY localhost.key /etc/ssl/private/localhost.key
+RUN apt-get update
+RUN apt-get install -y certbot python3-certbot-nginx
diff --git a/nginx/localhost.csr b/nginx/localhost.csr
diff --git a/setup_env.sh b/setup_env.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+rm -rf .env
+echo TAG=$TAG >> .env
+echo IMAGE_NAME=$IMAGE_NAME >> .env
+echo DOCKER_REGISTRY=$DOCKER_REGISTRY >> .env
+echo CERT_PATH=$CERT_PATH >> .env
+echo CERT_KEY_PATH=$CERT_KEY_PATH >> .env
+
+rm -rf .nginx
+mkdir .nginx
+cd .nginx
+echo "$PRIVATE_KEY" > privkey.pem
+echo "$CERTIFICATE" > fullchain.pem
+echo "$NGINX_CONF" > nginx.conf