-
Notifications
You must be signed in to change notification settings - Fork 18
96 lines (95 loc) · 5.51 KB
/
deploy-billboard.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
name: Staging billboard deploy
on:
push:
branches:
- not
jobs:
messenger-demo-deploy:
environment: devconnect2023
runs-on: ubuntu-latest
if: false
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v3
with:
registry-url: 'https://npm.pkg.github.com'
node-version: 22.0.0
cache: 'yarn'
- name: Declare some variables
shell: bash
run: |
echo "sha_short=$(git rev-parse --short "$GITHUB_SHA")" >> "$GITHUB_ENV"
echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >> "$GITHUB_ENV"
echo "now=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
- name: Prepare SSH
run: |
mkdir ~/.ssh
echo "${{ secrets.HOST_SSH_PUBLIC_KEY }}" > ~/.ssh/known_hosts
echo "${{ secrets.DO_SSH_KEY }}" > ./ssh-key
chmod 600 ./ssh-key
- name: Create .env file
env:
TARGET_HOST: ${{ secrets.HOST_DOMAIN}}
TARGET_IP: ${{ secrets.IP_ADDRESS }}
run: |
echo "REACT_APP_ADDR_ENS_SUBDOMAIN=.addr.dm3.eth" >> ./.env.react
echo "REACT_APP_BACKEND=https://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_DEFAULT_DELIVERY_SERVICE=bb-ds.devconnect.dm3.eth" >> ./.env.react
echo "REACT_APP_DEFAULT_SERVICE=https://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_ETHEREUM_PROVIDER=${{ secrets.REACT_APP_ETHEREUM_PROVIDER }}" >> ./.env.react
echo "REACT_APP_PROFILE_BASE_URL=https://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_RESOLVER_BACKEND=https://${{ secrets.HOST_DOMAIN}}/resolver-handler" >> ./.env.react
echo "REACT_APP_USER_ENS_SUBDOMAIN=.user.dm3.eth" >> ./.env.react
echo "REACT_APP_WALLET_CONNECT_PROJECT_ID=${{ secrets.REACT_APP_WALLET_CONNECT_PROJECT_ID }}" >> ./.env.react
echo "REACT_APP_COMMIT_HASH=${{ env.sha_short }}" >> ./.env.react
echo "REACT_APP_BRANCH=${{ env.branch }}" >> ./.env.react
echo "REACT_APP_BUILD_TIME=${{ env.now }}" >> ./.env.react
echo "REACT_APP_CHAIN_ID=${{ vars.CHAIN_ID }}" >> ./.env.react
cat ./.env.react >> ./.env
echo "BILLBOARD_SIGNER_PRIVATE_KEY=${{ secrets.BILLBOARD_SIGNER_PRIVATE_KEY }}" >> ./.env
echo "RESOLVER_ADDR=0xae6646c22D8eE6479eE0a39Bf63B9bD9e57bAD9d" >> ./.env
echo "SIGNING_PUBLIC_KEY=${{ secrets.SIGNING_PUBLIC_KEY }}" >> ./.env
echo "SIGNING_PRIVATE_KEY=${{ secrets.SIGNING_PRIVATE_KEY }}" >> ./.env
echo "SIGNER_PRIVATE_KEY=${{ secrets.SIGNER_PRIVATE_KEY }}" >> ./.env
echo "SPAM_PROTECTION=${{ secrets.SPAM_PROTECTION }}" >> ./.env
echo "ENCRYPTION_PUBLIC_KEY=${{ secrets.ENCRYPTION_PUBLIC_KEY }}" >> ./.env
echo "ENCRYPTION_PRIVATE_KEY=${{ secrets.ENCRYPTION_PRIVATE_KEY }}" >> ./.env
echo "RPC=${{ secrets.RPC }}" >> ./.env
echo "BILLBOARD_PRIVATE_KEY=${{ secrets.BILLBOARD_PRIVATE_KEY }}" >> ./.env
echo "interceptor=${{ secrets.INTERCEPTOR }}" >> ./.env
echo "DISABLE_SESSION_CHECK='true'" >> ./.env
echo "BILLBOARD_NAMES=${{ secrets.BILLBOARD_NAMES }}" >> ./.env
echo "CERT_MAIL=${{ secrets.CERT_MAIL }}" >> ./.env
echo "URL=${{ secrets.HOST_DOMAIN}}" >> ./.env
envsubst '${TARGET_HOST}' < ./docker/billboard/nginx.conf > ./nginx.conf
cat ./.env
- name: Build docker image
run: |
cp ./.env.react packages/messenger-demo/.env
docker build --progress=plain -t dm3-backend:latest -f ./docker/Dockerfile .
docker save -o ./dm3-backend.tar dm3-backend:latest
- name: Sync files
run: |
rsync -avz -e 'ssh -i ./ssh-key' ./.env app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./dm3-backend.tar app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./nginx.conf app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./docker/billboard/docker-compose.yml app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
- name: Prepare docker
run: |
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker compose down && docker system prune -af"
ssh -i ./ssh-key root@${{ secrets.HOST_DOMAIN}} "\
systemctl restart docker.service"
- name: Load docker image
run: |
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker load -i dm3-backend.tar; \
rm dm3-backend.tar || true"
- name: Firewall config
run: |
ssh -i ./ssh-key root@${{ secrets.HOST_DOMAIN}} "\
ufw allow from 172.18.0.1/16 proto tcp to ${{ secrets.IP_ADDRESS }} port 80"
- name: Start
run: |
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker compose --env-file .env up -d"