Switch to a containerized Wireguard approach #34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy | |
on: | |
push: | |
branches: ["master"] | |
pull_request: | |
branches: ["master"] | |
env: | |
NODE_ENV: production | |
GO_VERSION: "1.21.3" | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache-dependency-path: | | |
apps/client/go.sum | |
- uses: oven-sh/setup-bun@v1 | |
with: | |
bun-version: latest | |
- name: Install dependencies | |
run: bun install | |
- name: Build API | |
run: bun run build:api | |
- name: Build Navigator | |
run: bun run build:navigator | |
- name: Build Client | |
run: cd apps/client && ./build.sh | |
- name: Create .env | |
run: | | |
touch .env | |
echo MULLVAD_COUNTRIES=${{ vars.MULLVAD_COUNTRIES }} >> .env | |
echo OUTPUT_PATH=${{ vars.OUTPUT_PATH }} >> .env | |
echo PUBLIC_URL=${{ vars.PUBLIC_URL }} >> .env | |
echo JELLYFIN_API_KEY=${{ secrets.JELLYFIN_API_KEY }} >> .env | |
echo JWT_SECRET=${{ secrets.JWT_SECRET }} >> .env | |
echo MULLVAD_ACCOUNT=${{ secrets.MULLVAD_ACCOUNT }} >> .env | |
- name: Setup SSH | |
run: | | |
mkdir -p ~/.ssh/ | |
echo "${{ secrets.PRIV_KEY }}" > ~/.ssh/id_rsa | |
echo "${{ secrets.PUB_KEY }}" > ~/.ssh/id_rsa.pub | |
chmod 600 ~/.ssh/id_rsa | |
chmod 600 ~/.ssh/id_rsa.pub | |
ssh-keyscan -H ${{ secrets.IP }} >> ~/.ssh/known_hosts | |
- name: Copy builds to server | |
run: | | |
ssh root@${{ secrets.IP }} "mkdir -p /root/freeflix" | |
rsync -vrm ./dist/* root@${{ secrets.IP }}:/root/freeflix/dist --delete | |
ssh root@${{ secrets.IP }} "cd /root/freeflix && docker-compose --profile serve down; exit 0" | |
scp ./docker-compose.yml root@${{ secrets.IP }}:/root/freeflix/docker-compose.yml | |
scp ./.env root@${{ secrets.IP }}:/root/freeflix/.env | |
scp ./Caddyfile root@${{ secrets.IP }}:/root/freeflix/Caddyfile | |
- name: Start server | |
run: | | |
ssh root@${{ secrets.IP }} "cd /root/freeflix && docker-compose --profile serve up -d --build" |