Merge pull request 'Changed network' (#1) from changed-network into main

Reviewed-on: #1
2025-11-11 11:49:28 +01:00
parent fd28eccdf4 bfa8d525a2
commit f1384a8197
5 changed files with 81 additions and 11 deletions
--- a/.gitea/workflows/workflow.yaml
+++ b/.gitea/workflows/workflow.yaml
@@ -15,6 +15,8 @@ env:
  # Set the absolute path for your production deployment on the remote server.
  REMOTE_PROD_PATH: /var/app/traefik/prod

+  REMOTE_STAGING_PATH: /var/app/traefik/staging
+
  SSH_HOST: ${{ secrets.SSH_HOST }}
  SSH_USER: ${{ secrets.SSH_USER }}
  SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
@@ -90,13 +92,23 @@ jobs:
          source: "./"
          target: "${{ needs.prepare_deployment_vars.outputs.deploy_path }}"

-  run_docker_compose:
-    name: Run docker-compose remotely
+      - name: Sync file via scp (staging)
+        if: github.ref == 'refs/heads/main'
+        uses: appleboy/scp-action@master
+        with:
+          host: ${{ env.SSH_HOST }}
+          username: ${{ env.SSH_USER }}
+          key: ${{ env.SSH_PRIVATE_KEY }}
+          port: ${{ env.SSH_PORT }}
+          source: "./"
+          target: ${{ env.REMOTE_STAGING_PATH }}
+
+  run_docker_compose_dev:
+    name: Run docker-compose remotely (Dev)
    runs-on: ubuntu-latest
    needs: [sync_repo_files, prepare_deployment_vars]
    if: |
      (github.event_name == 'pull_request' && github.event.action != 'closed' && github.event.pull_request.merged == false)
-      || github.ref == 'refs/heads/main'
    steps:
      - name: Setup SSH
        uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
@@ -114,7 +126,57 @@ jobs:
          chmod 644 ~/.ssh/known_hosts

      - name: Run docker-compose on remote host
-        run: ssh -p "$SSH_PORT" $SSH_USER@$SSH_HOST "cd '${{ needs.prepare_deployment_vars.outputs.deploy_path }}' && docker-compose up -d --build"
+        run: ssh -p "$SSH_PORT" $SSH_USER@$SSH_HOST "cd '${{ needs.prepare_deployment_vars.outputs.deploy_path }}' && docker-compose --env-file dev.env -f docker-compose.yaml up -d --build"
+
+  run_docker_compose_staging:
+    name: Run docker-compose remotely (Staging)
+    runs-on: ubuntu-latest
+    needs: [sync_repo_files, prepare_deployment_vars]
+    if: |
+      (github.ref == 'refs/heads/main')
+    steps:
+      - name: Setup SSH
+        uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+        with:
+          ssh-private-key: ${{ env.SSH_PRIVATE_KEY }}
+
+      - name: Add host to known_hosts
+        run: |
+          mkdir -p ~/.ssh
+          chmod 700 ~/.ssh
+          ssh-keyscan -p "$SSH_PORT" -T 10 -H "$SSH_HOST" >> ~/.ssh/known_hosts 2>/dev/null || {
+            echo "::error::Failed to ssh-keyscan $SSH_HOST:$SSH_PORT"
+            exit 1
+          }
+          chmod 644 ~/.ssh/known_hosts
+
+      - name: Run docker-compose on remote host
+        run: ssh -p "$SSH_PORT" $SSH_USER@$SSH_HOST "cd '${REMOTE_STAGING_PATH}' && docker-compose --env-file staging.env -f docker-compose.yaml up -d --build"
+
+  run_docker_compose_prod:
+    name: Run docker-compose remotely (Prod)
+    runs-on: ubuntu-latest
+    needs: [sync_repo_files, prepare_deployment_vars]
+    if: |
+      (github.ref == 'refs/heads/main')
+    steps:
+      - name: Setup SSH
+        uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+        with:
+          ssh-private-key: ${{ env.SSH_PRIVATE_KEY }}
+
+      - name: Add host to known_hosts
+        run: |
+          mkdir -p ~/.ssh
+          chmod 700 ~/.ssh
+          ssh-keyscan -p "$SSH_PORT" -T 10 -H "$SSH_HOST" >> ~/.ssh/known_hosts 2>/dev/null || {
+            echo "::error::Failed to ssh-keyscan $SSH_HOST:$SSH_PORT"
+            exit 1
+          }
+          chmod 644 ~/.ssh/known_hosts
+
+      - name: Run docker-compose on remote host
+        run: ssh -p "$SSH_PORT" $SSH_USER@$SSH_HOST "cd '${{ needs.prepare_deployment_vars.outputs.deploy_path }}' && docker-compose --env-file prod.env -f docker-compose.yaml up -d --build"

  cleanup_mr_environment:
    name: Cleanup MR environment
--- a/dev.env
+++ b/dev.env
@@ -0,0 +1,3 @@
+PORT=898
+ENV=dev
+NETWORK_NAME=proxy
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -11,11 +11,11 @@ services:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=proxy"
-      - "--providers.docker.constraints=Label(`env`, `prod`)"
-      - "--entryPoints.web.address=:82"
+      - "--providers.docker.constraints=Label(`env`, `${ENV}`)"
+      - "--entryPoints.web.address=:80"
    ports:
-      - "82:82"
-      - "8081:8080"
+      - "${PORT}:80"
+      - "8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

@@ -25,10 +25,9 @@ services:
    networks:
      - proxy
    labels:
-      - "env=prod"
+      - "env=${ENV}"
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"
      - "traefik.http.routers.whoami.entrypoints=web"
-
 networks:
-  proxy:
+  proxy:
--- a/prod.env
+++ b/prod.env
@@ -0,0 +1,3 @@
+PORT=81
+ENV=prod
+NETWORK_NAME=proxy
--- a/staging.env
+++ b/staging.env
@@ -0,0 +1,3 @@
+PORT=8080
+ENV=staging
+NETWORK_NAME=proxy