Add gateway deploy workflow
Some checks failed
Build and Deploy Gateway / build-and-deploy (push) Failing after 39s
@@ -1,4 +1,4 @@
|
||||
name: Build Gateway Image
|
||||
name: Build and Deploy Gateway
|
||||
|
||||
on:
|
||||
push:
|
||||
@@ -9,19 +9,24 @@ env:
|
||||
DEPLOY_PATH: /opt/vpn-proxy
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
build-and-deploy:
|
||||
runs-on: lxc-111
|
||||
steps:
|
||||
- name: Clone repository
|
||||
env:
|
||||
GIT_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
|
||||
run: |
|
||||
set -euo pipefail
|
||||
SERVER_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
|
||||
git clone --depth 2 "http://${{ gitea.actor }}:${GIT_TOKEN}@${SERVER_HOST}/${{ gitea.repository }}.git" .
|
||||
rm -rf repo
|
||||
git clone --depth 2 "http://${{ gitea.actor }}:${GIT_TOKEN}@${SERVER_HOST}/${{ gitea.repository }}.git" repo
|
||||
cd repo
|
||||
git checkout ${{ gitea.sha }}
|
||||
|
||||
- name: Build and push gateway image
|
||||
run: |
|
||||
set -euo pipefail
|
||||
cd repo
|
||||
REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
|
||||
IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway"
|
||||
|
||||
@@ -30,71 +35,10 @@ jobs:
|
||||
docker push "${IMAGE}:latest"
|
||||
docker push "${IMAGE}:${{ gitea.sha }}"
|
||||
|
||||
deploy:
|
||||
needs: build
|
||||
runs-on: lxc-111
|
||||
steps:
|
||||
- name: Deploy gateway to LXC 111
|
||||
run: |
|
||||
set -euo pipefail
|
||||
|
||||
cd repo
|
||||
REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
|
||||
IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway"
|
||||
|
||||
echo "Logging into registry..."
|
||||
echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "$REGISTRY_HOST" -u "${{ gitea.actor }}" --password-stdin
|
||||
|
||||
echo "Preparing deploy directory: ${{ env.DEPLOY_PATH }}"
|
||||
mkdir -p "${{ env.DEPLOY_PATH }}"
|
||||
|
||||
cat > "${{ env.DEPLOY_PATH }}/docker-compose.server.yml" <<EOF
|
||||
services:
|
||||
vpn-proxy-gateway:
|
||||
image: ${IMAGE}:latest
|
||||
container_name: vpn-proxy-gateway
|
||||
network_mode: host
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
- NET_RAW
|
||||
env_file:
|
||||
- .env
|
||||
environment:
|
||||
DATA_DIR: /var/lib/vpn-proxy
|
||||
SING_BOX_CONFIG: /etc/sing-box/config.json
|
||||
SING_BOX_CACHE: /var/lib/sing-box/cache.db
|
||||
volumes:
|
||||
- vpn-proxy-data:/var/lib/vpn-proxy
|
||||
- sing-box-cache:/var/lib/sing-box
|
||||
restart: unless-stopped
|
||||
|
||||
volumes:
|
||||
vpn-proxy-data:
|
||||
sing-box-cache:
|
||||
EOF
|
||||
|
||||
if [ ! -f "${{ env.DEPLOY_PATH }}/.env" ]; then
|
||||
cat > "${{ env.DEPLOY_PATH }}/.env" <<'EOF'
|
||||
PORT=3456
|
||||
PROXY_PORT=8080
|
||||
TPROXY_PORT=7895
|
||||
TPROXY_MARK=1
|
||||
TPROXY_TABLE=100
|
||||
TPROXY_CHAIN=VPN_PROXY_TPROXY
|
||||
ROUTING_RU_DIRECT=true
|
||||
LOG_LEVEL=info
|
||||
EOF
|
||||
echo "Created default .env. Existing deployments can edit ${{ env.DEPLOY_PATH }}/.env and it will be preserved."
|
||||
else
|
||||
echo "Preserving existing .env"
|
||||
fi
|
||||
|
||||
cd "${{ env.DEPLOY_PATH }}"
|
||||
|
||||
echo "Pulling latest image..."
|
||||
docker compose -f docker-compose.server.yml pull
|
||||
|
||||
echo "Starting gateway..."
|
||||
docker compose -f docker-compose.server.yml up -d
|
||||
|
||||
echo "Current container:"
|
||||
docker ps --filter "name=vpn-proxy-gateway"
|
||||
DEPLOY_PATH="${{ env.DEPLOY_PATH }}" GATEWAY_IMAGE="${IMAGE}:latest" bash scripts/deploy-gateway.sh
|
||||
|
||||
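Review bot: The new clone line in the `Clone repository` step still embeds `${GIT_TOKEN}` in a hard-coded `http://` URL, so the token travels unencrypted whenever the server is reached over plain HTTP, and git records the full URL, token included, in `repo/.git/config`. The job now runs on `lxc-111`, which looks like a long-lived self-hosted runner, and `rm -rf repo` only clears the previous checkout at the start of the next run, so the credential stays on disk in between. Consider building the clone URL from `${{ gitea.server_url }}` so its scheme is kept, and dropping the credential once the clone is done with `git -C repo remote set-url origin "${{ gitea.server_url }}/${{ gitea.repository }}.git"`. The lines between the hunks are not visible here, so any later cleanup step would not show up in this view.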
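--- a/scripts/deploy-gateway.sh
+++ b/scripts/deploy-gateway.sh
@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+DEPLOY_PATH="${DEPLOY_PATH:-/opt/vpn-proxy}"
+GATEWAY_IMAGE="${GATEWAY_IMAGE:?GATEWAY_IMAGE is required}"
+
+echo "Preparing deploy directory: ${DEPLOY_PATH}"
+mkdir -p "${DEPLOY_PATH}"
+
+cat > "${DEPLOY_PATH}/docker-compose.server.yml" <<EOF
+services:
+vpn-proxy-gateway:
+image: ${GATEWAY_IMAGE}
+container_name: vpn-proxy-gateway
+network_mode: host
+cap_add:
+- NET_ADMIN
+- NET_RAW
+env_file:
+- .env
+environment:
+DATA_DIR: /var/lib/vpn-proxy
+SING_BOX_CONFIG: /etc/sing-box/config.json
+SING_BOX_CACHE: /var/lib/sing-box/cache.db
+volumes:
+- vpn-proxy-data:/var/lib/vpn-proxy
+- sing-box-cache:/var/lib/sing-box
+restart: unless-stopped
+
+volumes:
+vpn-proxy-data:
+sing-box-cache:
+EOF
+
+if [ ! -f "${DEPLOY_PATH}/.env" ]; then
+cat > "${DEPLOY_PATH}/.env" <<'EOF'
+PORT=3456
+PROXY_PORT=8080
+TPROXY_PORT=7895
+TPROXY_MARK=1
+TPROXY_TABLE=100
+TPROXY_CHAIN=VPN_PROXY_TPROXY
+ROUTING_RU_DIRECT=true
+LOG_LEVEL=info
+EOF
+echo "Created default .env. Edit ${DEPLOY_PATH}/.env if this server needs different ports."
+else
+echo "Preserving existing .env"
+fi
+
+cd "${DEPLOY_PATH}"
+
+echo "Pulling image: ${GATEWAY_IMAGE}"
+docker compose -f docker-compose.server.yml pull
+
+echo "Starting gateway..."
+docker compose -f docker-compose.server.yml up -d
+
+echo "Current container:"
+docker ps --filter "name=vpn-proxy-gateway"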
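Review bot: The closing `docker ps --filter "name=vpn-proxy-gateway"` is informational only: it exits 0 even when no container matches, and `docker compose up -d` returns once the container has been started, so a gateway that exits on startup still produces a successful deploy. Because this container runs with host networking plus `NET_ADMIN` and `NET_RAW`, a failed or crash-looping start is worth surfacing in the job result rather than in the log. A check such as `docker inspect -f '{{.State.Running}}' vpn-proxy-gateway | grep -qx true` after the `up -d` line would fail the script under `set -euo pipefail`. A compose `healthcheck` would be stronger if the gateway exposes something to probe.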