generated from vincent/template-projet
Compare commits
21 Commits
feature/ph
...
dev
| Author | SHA1 | Date | |
|---|---|---|---|
| 88c3088cc1 | |||
| ae32eabc9c | |||
| 69a3e55aa9 | |||
| 001209d12c | |||
| c8088251dd | |||
| 7cc7ba66d8 | |||
| 3c6356b578 | |||
| 87d2f0add3 | |||
| 4eae30c0e5 | |||
| a39ff7b3b1 | |||
| c535d00947 | |||
| 12cfb49c87 | |||
| 046f542f6a | |||
| f733cd7d5b | |||
| 9ac18ecc8d | |||
| b2b1a3a0a0 | |||
| 03b5022016 | |||
| 87ea0515ad | |||
| b967a0d69b | |||
| d25bc84373 | |||
| a0004796ed |
@@ -11,7 +11,7 @@ DEBUG=false
|
||||
# --- Base de données PostgreSQL ---
|
||||
POSTGRES_DB=auditshield
|
||||
POSTGRES_USER=auditshield
|
||||
POSTGRES_PASSWORD=changeme-strong-password
|
||||
POSTGRES_PASSWORD=AuditShield!
|
||||
|
||||
# Construit automatiquement par docker-compose, à définir manuellement en dev local :
|
||||
DATABASE_URL=postgresql://auditshield:changeme-strong-password@localhost:5432/auditshield
|
||||
|
||||
@@ -17,15 +17,45 @@ jobs:
|
||||
id: env
|
||||
run: |
|
||||
if [ "${{ github.ref_name }}" = "main" ]; then
|
||||
echo "ENV=prod" >> $GITHUB_OUTPUT
|
||||
echo "COMPOSE_FILE=docker/docker-compose.prod.yml" >> $GITHUB_OUTPUT
|
||||
echo "PROJECT_PATH=/volume1/docker/auditshield-prod" >> $GITHUB_OUTPUT
|
||||
else
|
||||
echo "ENV=dev" >> $GITHUB_OUTPUT
|
||||
echo "COMPOSE_FILE=docker/docker-compose.yml" >> $GITHUB_OUTPUT
|
||||
echo "PROJECT_PATH=/volume1/docker/auditshield-dev" >> $GITHUB_OUTPUT
|
||||
fi
|
||||
|
||||
- name: Setup SSH key
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
echo "${{ secrets.NAS_SSH_KEY_B64 }}" | base64 -d > ~/.ssh/nas_key
|
||||
chmod 600 ~/.ssh/nas_key
|
||||
ssh-keyscan -p 22 ${{ secrets.NAS_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
|
||||
|
||||
- name: Copy files to NAS
|
||||
run: |
|
||||
ssh -i ~/.ssh/nas_key -o StrictHostKeyChecking=no root@${{ secrets.NAS_HOST }} \
|
||||
"mkdir -p ${{ steps.env.outputs.PROJECT_PATH }}"
|
||||
tar --exclude='.git' --exclude='node_modules' --exclude='.env' -czf - . | \
|
||||
ssh -i ~/.ssh/nas_key -o StrictHostKeyChecking=no root@${{ secrets.NAS_HOST }} \
|
||||
"tar -xzf - -C ${{ steps.env.outputs.PROJECT_PATH }}"
|
||||
|
||||
- name: Setup env file
|
||||
run: |
|
||||
ssh -i ~/.ssh/nas_key -o StrictHostKeyChecking=no root@${{ secrets.NAS_HOST }} \
|
||||
"cat > ${{ steps.env.outputs.PROJECT_PATH }}/.env << 'EOF'
|
||||
SECRET_KEY=${{ secrets.APP_SECRET_KEY }}
|
||||
DEBUG=false
|
||||
POSTGRES_DB=auditshield
|
||||
POSTGRES_USER=auditshield
|
||||
POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}
|
||||
DATABASE_URL=postgresql://auditshield:${{ secrets.POSTGRES_PASSWORD }}@postgres:5432/auditshield
|
||||
REDIS_URL=redis://redis:6379/0
|
||||
NEXT_PUBLIC_API_URL=https://auditshield.rigolet.tech
|
||||
DOMAIN=auditshield.rigolet.tech
|
||||
TAG=latest
|
||||
EOF"
|
||||
|
||||
- name: Deploy
|
||||
run: |
|
||||
docker compose -f ${{ steps.env.outputs.COMPOSE_FILE }} pull
|
||||
docker compose -f ${{ steps.env.outputs.COMPOSE_FILE }} up -d --remove-orphans
|
||||
docker image prune -f
|
||||
ssh -i ~/.ssh/nas_key -o StrictHostKeyChecking=no root@${{ secrets.NAS_HOST }} \
|
||||
"cd ${{ steps.env.outputs.PROJECT_PATH }} && /usr/local/bin/docker compose -f ${{ steps.env.outputs.COMPOSE_FILE }} up -d --build --remove-orphans && /usr/local/bin/docker image prune -f"
|
||||
|
||||
Reference in New Issue
Block a user