Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 domrichardson
|
a0813b6e84 |
@@ -1,50 +1,51 @@
|
|||||||
name: Server Deploy
|
name: Server Deploy
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- main
|
- main
|
||||||
paths:
|
paths:
|
||||||
- "server/**"
|
- "server/**"
|
||||||
- "web/**"
|
- "web/**"
|
||||||
- "proto/**"
|
- "proto/**"
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
deploy:
|
deploy:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-docker
|
||||||
steps:
|
container: node:26
|
||||||
- name: Checkout
|
steps:
|
||||||
uses: actions/checkout@v4
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Log in to registry
|
- name: Log in to registry
|
||||||
run: |
|
run: |
|
||||||
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
||||||
docker login ${{ vars.GITEA_HOST }} \
|
docker login ${{ vars.GITEA_HOST }} \
|
||||||
-u "${{ secrets.REGISTRY_USER }}" --password-stdin
|
-u "${{ secrets.REGISTRY_USER }}" --password-stdin
|
||||||
|
|
||||||
- name: Build and push server image
|
- name: Build and push server image
|
||||||
run: |
|
run: |
|
||||||
IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/server:latest"
|
IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/server:latest"
|
||||||
docker build -t "$IMAGE" -f server/Dockerfile server/
|
docker build -t "$IMAGE" -f server/Dockerfile server/
|
||||||
docker push "$IMAGE"
|
docker push "$IMAGE"
|
||||||
|
|
||||||
- name: Build and push web image
|
- name: Build and push web image
|
||||||
run: |
|
run: |
|
||||||
IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/web:latest"
|
IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/web:latest"
|
||||||
docker build \
|
docker build \
|
||||||
--build-arg NEXT_PUBLIC_API_URL="https://${{ vars.GITEA_HOST }}" \
|
--build-arg NEXT_PUBLIC_API_URL="https://${{ vars.GITEA_HOST }}" \
|
||||||
-t "$IMAGE" \
|
-t "$IMAGE" \
|
||||||
-f web/Dockerfile web/
|
-f web/Dockerfile web/
|
||||||
docker push "$IMAGE"
|
docker push "$IMAGE"
|
||||||
|
|
||||||
- name: Deploy via SSH
|
- name: Deploy via SSH
|
||||||
uses: https://github.com/appleboy/ssh-action@v1
|
uses: https://github.com/appleboy/ssh-action@v1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.DEPLOY_HOST }}
|
host: ${{ secrets.DEPLOY_HOST }}
|
||||||
username: ${{ secrets.DEPLOY_USER }}
|
username: ${{ secrets.DEPLOY_USER }}
|
||||||
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
||||||
script: |
|
script: |
|
||||||
cd /opt/keymanager
|
cd /opt/keymanager
|
||||||
docker compose pull
|
docker compose pull
|
||||||
docker compose up -d --remove-orphans
|
docker compose up -d --remove-orphans
|
||||||
docker image prune -f
|
docker image prune -f
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ package grpcclient
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/mrhid6/keymanager/agent/internal/grpc/pb"
|
"github.com/mrhid6/keymanager/agent/internal/grpc/pb"
|
||||||
@@ -22,6 +23,9 @@ type Client struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func New(serverURL string, useTLS bool) (*Client, error) {
|
func New(serverURL string, useTLS bool) (*Client, error) {
|
||||||
|
serverURL = strings.TrimPrefix(serverURL, "https://")
|
||||||
|
serverURL = strings.TrimPrefix(serverURL, "http://")
|
||||||
|
|
||||||
var dialOpts []grpc.DialOption
|
var dialOpts []grpc.DialOption
|
||||||
|
|
||||||
if useTLS {
|
if useTLS {
|
||||||
|
|||||||
@@ -66,11 +66,11 @@ func newServer(c *gin.Context) {
|
|||||||
}
|
}
|
||||||
host := os.Getenv("PUBLIC_HOST")
|
host := os.Getenv("PUBLIC_HOST")
|
||||||
if host == "" {
|
if host == "" {
|
||||||
host = "keymanager.example.com"
|
host = "https://keymanager.example.com"
|
||||||
}
|
}
|
||||||
|
|
||||||
installCmd := fmt.Sprintf(
|
installCmd := fmt.Sprintf(
|
||||||
`curl -fsSL "https://%s/install?server_id=%s&token=%s" | bash`,
|
`curl -fsSL "%s/install?server_id=%s&token=%s" | bash`,
|
||||||
host, s.ServerID, token,
|
host, s.ServerID, token,
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -218,6 +218,8 @@ SERVER_ID="%s"
|
|||||||
TOKEN="%s"
|
TOKEN="%s"
|
||||||
GITEA_HOST="%s"
|
GITEA_HOST="%s"
|
||||||
KM_HOST="%s"
|
KM_HOST="%s"
|
||||||
|
KM_HOST="${KM_HOST#https://}"
|
||||||
|
KM_HOST="${KM_HOST#http://}"
|
||||||
|
|
||||||
ARCH=$(uname -m)
|
ARCH=$(uname -m)
|
||||||
case "$ARCH" in
|
case "$ARCH" in
|
||||||
@@ -236,8 +238,9 @@ if [ -z "$LATEST" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
VERSION="${LATEST#agent/}"
|
VERSION="${LATEST#agent/}"
|
||||||
BINARY_URL="https://${GITEA_HOST}/mrhid6/keymanager/releases/download/${LATEST}/keymanager-agent-linux-${ARCH}"
|
LATEST_ENCODED="${LATEST/\//%%2F}"
|
||||||
CHECKSUM_URL="https://${GITEA_HOST}/mrhid6/keymanager/releases/download/${LATEST}/checksums.txt"
|
BINARY_URL="https://${GITEA_HOST}/mrhid6/keymanager/releases/download/${LATEST_ENCODED}/keymanager-agent-linux-${ARCH}"
|
||||||
|
CHECKSUM_URL="https://${GITEA_HOST}/mrhid6/keymanager/releases/download/${LATEST_ENCODED}/checksums.txt"
|
||||||
|
|
||||||
echo "Installing keymanager-agent ${VERSION} (${ARCH})..."
|
echo "Installing keymanager-agent ${VERSION} (${ARCH})..."
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user