dokril/vpn-proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Add gateway deploy workflow
Some checks failed
Build and Deploy Gateway / build-and-deploy (push) Failing after 39s
Details

Browse Source
This commit is contained in:
Dmitriy Petrov
2026-05-08 16:36:41 +03:00
parent 88eef527d5
commit 03885d2e09
2 changed files with 71 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
.gitea/workflows/gateway-build.yml
View File

@@ -1,4 +1,4 @@
name: Build Gateway Image name: Build and Deploy Gateway
on: on:
push: push:
@@ -9,19 +9,24 @@ env:
DEPLOY_PATH: /opt/vpn-proxy DEPLOY_PATH: /opt/vpn-proxy
jobs: jobs:
build: build-and-deploy:
runs-on: ubuntu-latest runs-on: lxc-111
steps: steps:
- name: Clone repository - name: Clone repository
env: env:
GIT_TOKEN: ${{ secrets.REGISTRY_TOKEN }} GIT_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
run: | run: |
set -euo pipefail
SERVER_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||') SERVER_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
git clone --depth 2 "http://${{ gitea.actor }}:${GIT_TOKEN}@${SERVER_HOST}/${{ gitea.repository }}.git" . rm -rf repo
git clone --depth 2 "http://${{ gitea.actor }}:${GIT_TOKEN}@${SERVER_HOST}/${{ gitea.repository }}.git" repo
cd repo
git checkout ${{ gitea.sha }} git checkout ${{ gitea.sha }}
- name: Build and push gateway image - name: Build and push gateway image
run: | run: |
set -euo pipefail
cd repo
REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||') REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway" IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway"
@@ -30,71 +35,10 @@ jobs:
docker push "${IMAGE}:latest" docker push "${IMAGE}:latest"
docker push "${IMAGE}:${{ gitea.sha }}" docker push "${IMAGE}:${{ gitea.sha }}"
deploy:
needs: build
runs-on: lxc-111
steps:
- name: Deploy gateway to LXC 111 - name: Deploy gateway to LXC 111
run: | run: |
set -euo pipefail set -euo pipefail
cd repo
REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||') REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway" IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway"
DEPLOY_PATH="${{ env.DEPLOY_PATH }}" GATEWAY_IMAGE="${IMAGE}:latest" bash scripts/deploy-gateway.sh
echo "Logging into registry..."
echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "$REGISTRY_HOST" -u "${{ gitea.actor }}" --password-stdin
echo "Preparing deploy directory: ${{ env.DEPLOY_PATH }}"
mkdir -p "${{ env.DEPLOY_PATH }}"
cat > "${{ env.DEPLOY_PATH }}/docker-compose.server.yml" <<EOF
services:
vpn-proxy-gateway:
image: ${IMAGE}:latest
container_name: vpn-proxy-gateway
network_mode: host
cap_add:
- NET_ADMIN
- NET_RAW
env_file:
- .env
environment:
DATA_DIR: /var/lib/vpn-proxy
SING_BOX_CONFIG: /etc/sing-box/config.json
SING_BOX_CACHE: /var/lib/sing-box/cache.db
volumes:
- vpn-proxy-data:/var/lib/vpn-proxy
- sing-box-cache:/var/lib/sing-box
restart: unless-stopped
volumes:
vpn-proxy-data:
sing-box-cache:
EOF
if [ ! -f "${{ env.DEPLOY_PATH }}/.env" ]; then
cat > "${{ env.DEPLOY_PATH }}/.env" <<'EOF'
PORT=3456
PROXY_PORT=8080
TPROXY_PORT=7895
TPROXY_MARK=1
TPROXY_TABLE=100
TPROXY_CHAIN=VPN_PROXY_TPROXY
ROUTING_RU_DIRECT=true
LOG_LEVEL=info
EOF
echo "Created default .env. Existing deployments can edit ${{ env.DEPLOY_PATH }}/.env and it will be preserved."
else
echo "Preserving existing .env"
fi
cd "${{ env.DEPLOY_PATH }}"
echo "Pulling latest image..."
docker compose -f docker-compose.server.yml pull
echo "Starting gateway..."
docker compose -f docker-compose.server.yml up -d
echo "Current container:"
docker ps --filter "name=vpn-proxy-gateway"

60
scripts/deploy-gateway.sh Normal file
View File

@@ -0,0 +1,60 @@
#!/usr/bin/env bash
set -euo pipefail
DEPLOY_PATH="${DEPLOY_PATH:-/opt/vpn-proxy}"
GATEWAY_IMAGE="${GATEWAY_IMAGE:?GATEWAY_IMAGE is required}"
echo "Preparing deploy directory: ${DEPLOY_PATH}"
mkdir -p "${DEPLOY_PATH}"
cat > "${DEPLOY_PATH}/docker-compose.server.yml" <<EOF
services:
vpn-proxy-gateway:
image: ${GATEWAY_IMAGE}
container_name: vpn-proxy-gateway
network_mode: host
cap_add:
- NET_ADMIN
- NET_RAW
env_file:
- .env
environment:
DATA_DIR: /var/lib/vpn-proxy
SING_BOX_CONFIG: /etc/sing-box/config.json
SING_BOX_CACHE: /var/lib/sing-box/cache.db
volumes:
- vpn-proxy-data:/var/lib/vpn-proxy
- sing-box-cache:/var/lib/sing-box
restart: unless-stopped
volumes:
vpn-proxy-data:
sing-box-cache:
EOF
if [ ! -f "${DEPLOY_PATH}/.env" ]; then
cat > "${DEPLOY_PATH}/.env" <<'EOF'
PORT=3456
PROXY_PORT=8080
TPROXY_PORT=7895
TPROXY_MARK=1
TPROXY_TABLE=100
TPROXY_CHAIN=VPN_PROXY_TPROXY
ROUTING_RU_DIRECT=true
LOG_LEVEL=info
EOF
echo "Created default .env. Edit ${DEPLOY_PATH}/.env if this server needs different ports."
else
echo "Preserving existing .env"
fi
cd "${DEPLOY_PATH}"
echo "Pulling image: ${GATEWAY_IMAGE}"
docker compose -f docker-compose.server.yml pull
echo "Starting gateway..."
docker compose -f docker-compose.server.yml up -d
echo "Current container:"
docker ps --filter "name=vpn-proxy-gateway"