From 908b90f549e22557e71e21f6015523d96ea6344e Mon Sep 17 00:00:00 2001
From: theoleuthardt
Date: Sat, 22 Feb 2025 23:51:27 +0100
Subject: [PATCH 1/7] fix: run workflow anyway
---
 .github/workflows/deploy.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 8b33032..6ff62b9 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -18,7 +18,6 @@ on:
 jobs:
 build-push-deploy:
- if: github.event.pull_request.merged == true
 runs-on: ubuntu-latest
 steps:
From b7e98ddf9a37ed3e81235c761995960d0f38b229 Mon Sep 17 00:00:00 2001
From: theoleuthardt
Date: Sat, 22 Feb 2025 23:56:04 +0100
Subject: [PATCH 2/7] fix: renaming
---
 .github/workflows/deploy.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 6ff62b9..1415e47 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -1,4 +1,4 @@
-name: Build, Push and Deploy
+name: Deploy Werkzeugkiste!
 on:
 pull_request:
@@ -17,7 +17,7 @@ on:
 - 'FR FR'
 jobs:
- build-push-deploy:
+ docker-build-push:
 runs-on: ubuntu-latest
 steps:
From 6337080ac02eaa73d1cc995e9e08dd4edee6bfae Mon Sep 17 00:00:00 2001
From: theoleuthardt
Date: Sun, 23 Feb 2025 00:20:20 +0100
Subject: [PATCH 3/7] fix: SSH connections for docker deployment on server
---
 .github/workflows/deploy.yml | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 1415e47..683dd99 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -45,4 +45,18 @@ jobs:
 with:
 context: ./backend
 push: true
- tags: ${{ secrets.DOCKERHUB_USERNAME }}/werkzeugkiste-backend:latest
\ No newline at end of file
+ tags: ${{ secrets.DOCKERHUB_USERNAME }}/werkzeugkiste-backend:latest
+
+ deploy-on-server:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Deploy on Server
+ uses: appleboy/ssh-action@v1.0.0
+ with:
+ host: ${{ secrets.SSH_HOST }}
+ username: ${{ secrets.SSH_USERNAME }}
+ key: ${{ secrets.SSH_PRIVATE_KEY }}
+ script: |
+ cd /home/theo/docker/werkzeugkiste
+ docker compose up -d --pull always
\ No newline at end of file
From 5079fdb97cba92532230060ebbffe622decdb0e0 Mon Sep 17 00:00:00 2001
From: theoleuthardt
Date: Sun, 23 Feb 2025 00:34:07 +0100
Subject: [PATCH 4/7] fix: vpn connection to home
---
 .github/workflows/deploy.yml | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 683dd99..a18a32e 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -48,15 +48,28 @@ jobs:
 tags: ${{ secrets.DOCKERHUB_USERNAME }}/werkzeugkiste-backend:latest
 deploy-on-server:
+ needs: docker-build-push
 runs-on: ubuntu-latest
 steps:
+ - name: Install OpenVPN
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y openvpn
+
+ - name: Connect to VPN
+ run: |
+ echo "${{ secrets.VPN_CONFIG }}" > config.ovpn
+ sudo openvpn --config config.ovpn --daemon
+ sleep 10
+
 - name: Deploy on Server
- uses: appleboy/ssh-action@v1.0.0
+ uses: appleboy/ssh-action@v1.2.1
 with:
 host: ${{ secrets.SSH_HOST }}
 username: ${{ secrets.SSH_USERNAME }}
- key: ${{ secrets.SSH_PRIVATE_KEY }}
+ password: ${{ secrets.SSH_PASSWORD }}
+ port: ${{ secrets.PORT }}
 script: |
- cd /home/theo/docker/werkzeugkiste
+ cd "${{ secrets.HOMELAB_PATH }}"
 docker compose up -d --pull always
\ No newline at end of file
From 13325e4339667ea99a48868f7f0f7c766bdd1b9e Mon Sep 17 00:00:00 2001
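Review bot: In PATCH 3/7, `uses: appleboy/ssh-action@v1.0.0` references a third-party action by a movable tag while handing it `secrets.SSH_PRIVATE_KEY`, so the code that receives the key can change without any change to this file. Pin the action to a full commit SHA and keep the version as a trailing comment, e.g. `uses: appleboy/ssh-action@<full-commit-sha>  # v1.0.0` (placeholder; take the SHA from the release that was reviewed). The new `deploy-on-server` job also carries no `if:` or `environment:` gate of its own, so it runs on every event the workflow's `on:` block matches; that block is outside this hunk, so confirm it only fires for changes that are meant to reach the server.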
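Review bot: In PATCH 4/7, the "Connect to VPN" step pastes `${{ secrets.VPN_CONFIG }}` into the script text before the shell runs, so any quote, `$` or backtick inside the config is interpreted by bash, and `config.ovpn` is written into the workspace with default permissions. Pass the secret through the step's `env:` (`VPN_CONFIG: ${{ secrets.VPN_CONFIG }}`) and write it with `umask 077; printf '%s\n' "$VPN_CONFIG" > config.ovpn`. The same inline expansion appears in `cd "${{ secrets.HOMELAB_PATH }}"` in this hunk and in the `sudo tee /etc/wireguard/wg0.conf` line of PATCH 7/7. `sleep 10` does not confirm that the tunnel came up, so a failed connection only shows later as an SSH timeout.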
From: theoleuthardt
Date: Sun, 23 Feb 2025 00:57:16 +0100
Subject: [PATCH 5/7] fix: connect to server with ssh key instead of password (safety first)
---
 .github/workflows/deploy.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index a18a32e..24a4658 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -68,7 +68,8 @@ jobs:
 with:
 host: ${{ secrets.SSH_HOST }}
 username: ${{ secrets.SSH_USERNAME }}
- password: ${{ secrets.SSH_PASSWORD }}
+ key: ${{ secrets.SSH_KEY }}
+ passphrase: ${{ secrets.SSH_PASSPHRASE }}
 port: ${{ secrets.PORT }}
 script: |
 cd "${{ secrets.HOMELAB_PATH }}"
From e2dd186339c348480bad8f0853ee10e12aad78d7 Mon Sep 17 00:00:00 2001
From: theoleuthardt
Date: Sun, 23 Feb 2025 01:09:20 +0100
Subject: [PATCH 6/7] fix: permission denied dodge
---
 .github/workflows/deploy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 24a4658..fdba931 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -73,4 +73,4 @@ jobs:
 port: ${{ secrets.PORT }}
 script: |
 cd "${{ secrets.HOMELAB_PATH }}"
- docker compose up -d --pull always
\ No newline at end of file
+ sudo docker compose up -d --pull always
\ No newline at end of file
From cc3e0e63b260bda0bce5581ee3432e0f25ba32ff Mon Sep 17 00:00:00 2001
From: theoleuthardt
Date: Sun, 23 Feb 2025 01:22:07 +0100
Subject: [PATCH 7/7] fix: wireguard on top
---
 .github/workflows/deploy.yml | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index fdba931..0d5ae71 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
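Review bot: In PATCH 5/7, the `with:` block still has no `fingerprint:` input, so the step proves the runner's identity to the server but never checks which host answered at `SSH_HOST`. Add `fingerprint: ${{ secrets.SSH_HOST_FINGERPRINT }}` (the secret name is a placeholder) holding the SHA256 fingerprint of the server's host key. The step's `uses:` line and the rest of `script:` lie outside this hunk.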
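Review bot: In PATCH 6/7, `sudo docker compose up -d --pull always` runs in a non-interactive SSH session, which presumably means the deploy user has passwordless sudo; if that rule is broad, the SSH key stored in CI is equivalent to root on the server. Scope the sudoers entry to this one command, or restrict the key in `authorized_keys` with a forced `command=` so it can only trigger the deploy. A comment above the line such as `# needs a NOPASSWD sudoers rule limited to this exact command` would record the requirement. The `script:` block begins above the hunk.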
@@ -52,16 +52,23 @@ jobs:
 runs-on: ubuntu-latest
 steps:
- - name: Install OpenVPN
+ - name: Install Wireguard
 run: |
 sudo apt-get update
- sudo apt-get install -y openvpn
+ sudo apt-get install -y wireguard-tools
- - name: Connect to VPN
+ - name: Setup Wireguard Configuration
 run: |
- echo "${{ secrets.VPN_CONFIG }}" > config.ovpn
- sudo openvpn --config config.ovpn --daemon
+ sudo mkdir -p /etc/wireguard
+ echo "${{ secrets.VPN_CONFIG }}" | sudo tee /etc/wireguard/wg0.conf > /dev/null
+ sudo chmod 600 /etc/wireguard/wg0.conf
+
+ - name: Connect to Wireguard
+ run: |
+ sudo wg-quick up wg0
 sleep 10
+ sudo wg show
+
 - name: Deploy on Server
 uses: appleboy/ssh-action@v1.2.1
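Review bot: `sudo wg show` in the "Connect to Wireguard" step prints the peer's public key, endpoint address and allowed IPs into the job log, and that output is unlikely to be masked because it does not match the stored secret text verbatim. If the command is only there to confirm the interface exists, keep the exit status and drop the output: `sudo wg show wg0 > /dev/null`. In the "Setup Wireguard Configuration" step, `tee` creates `wg0.conf` with default permissions and `chmod 600` runs only afterwards; putting `umask 077` as the first line of that script closes the gap. `sleep 10` remains a fixed wait rather than a readiness check, so a tunnel that is not up is still only detected when the SSH step times out.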