diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c2a339c..ef011ba 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -38,6 +38,56 @@ jobs: # Push the Docker image docker push ghcr.io/ikapiar/backend:${VERSION} docker push ghcr.io/ikapiar/backend:latest + + - name: Populate Env for backend + env: + APP_ENV: production + DB_URI: ${{ secrets.DB_URI }} + JWT_PRIVATE_KEY_BASE64: ${{ secrets.JWT_PRIVATE_KEY_BASE64 }} + JWT_PUBLIC_KEY_BASE64: ${{ secrets.JWT_PUBLIC_KEY_BASE64 }} + PASSWORD_SALT: ${{ secrets.PASSWORD_SALT }} + APP_ENV_FILE_PATH: ./backend/deploy/env + run: | + echo APP_ENV="$APP_ENV" > "$APP_ENV_FILE_PATH" + echo DB_URI="DB_URI" > "$APP_ENV_FILE_PATH" + echo JWT_PRIVATE_KEY_BASE64="JWT_PRIVATE_KEY_BASE64" > "$APP_ENV_FILE_PATH" + echo JWT_PUBLIC_KEY_BASE64="JWT_PUBLIC_KEY_BASE64" > "$APP_ENV_FILE_PATH" + echo PASSWORD_SALT="PASSWORD_SALT" > "$APP_ENV_FILE_PATH" + + - name: Sync Systemd Unit Backend + working-directory: ./backend + env: + HOSTNAME: ${{ secrets.HOSTNAME }} + PORT: ${{ secrets.PORT }} + KEY: ${{ secrets.KEY }} + USERNAME: ${{ secrets.USERNAME }} + run: | + # Save SSH key to a temporary file + echo "$KEY" > /tmp/deploy_key + chmod 600 /tmp/deploy_key + + # Use rsync to deploy static files + rsync -avz -e "ssh -p $PORT -i /tmp/deploy_key -o StrictHostKeyChecking=no" ./deploy "$USERNAME@$HOSTNAME:/apps/ikapiar-backend" + + # Clean up the temporary key + rm -f /tmp/deploy_key + + - name: Restart Systemd Unit Backend + env: + HOSTNAME: ${{ secrets.HOSTNAME }} + PORT: ${{ secrets.PORT }} + KEY: ${{ secrets.KEY }} + USERNAME: ${{ secrets.USERNAME }} + run: | + # Save SSH key to a temporary file + echo "$KEY" > /tmp/deploy_key + chmod 600 /tmp/deploy_key + + ssh -p $PORT -i /tmp/deploy_key -o StrictHostKeyChecking=no $USERNAME@$HOSTNAME "sudo systemctl deamon-reload && sudo systemctl stop container-ikapiar-backend && sudo systemctl enable --now container-ikapiar-backend" + + # Clean up the temporary key + rm -f /tmp/deploy_key + build-and-deploy-frontend: runs-on: ubuntu-latest diff --git a/backend/deploy/container-ikapiar-backend.service b/backend/deploy/container-ikapiar-backend.service new file mode 100644 index 0000000..4c56b11 --- /dev/null +++ b/backend/deploy/container-ikapiar-backend.service @@ -0,0 +1,18 @@ +[Unit] +Description=Podman container-ikapiar-backend.service +Documentation=man:podman-generate-systemd(1) +Wants=network-online.target +After=network-online.target + +[Service] +Environment=PODMAN_SYSTEMD_UNIT=%n +Restart=on-failure +TimeoutStopSec=70 +ExecStartPre=/bin/bash /apps/ikapiar-backend/container-ikapiar-pre.sh +ExecStart=/usr/bin/podman start ikapiar-backend +ExecStop=/usr/bin/podman stop -t 10 ikapiar-backend +ExecStopPost=/usr/bin/podman stop -t 10 ikapiar-backend +Type=forking + +[Install] +WantedBy=default.target \ No newline at end of file diff --git a/backend/deploy/container-ikapiar-pre.sh b/backend/deploy/container-ikapiar-pre.sh new file mode 100644 index 0000000..78c7493 --- /dev/null +++ b/backend/deploy/container-ikapiar-pre.sh @@ -0,0 +1,5 @@ +podman ps -q --filter "name=ikapiar-backend" | grep -q . && \ +podman stop ikapiar-backend && \ +podman rm ikapiar-backend && \ +podman pull ghcr.io/ikapiar/backend:latest && \ +podman create --name ikapiar-backend --restart always --pull always --env-file /apps/ikapiar-backend/env -p 4000:4000 ghcr.io/ikapiar/backend:latest \ No newline at end of file diff --git a/backend/src/common/config/index.ts b/backend/src/common/config/index.ts index d95b8cc..d8b0a9a 100644 --- a/backend/src/common/config/index.ts +++ b/backend/src/common/config/index.ts @@ -56,6 +56,10 @@ export const AppConfigs = [ key: 'DB_URI', defaultValue: 'postgresql://postgres:postgres@postgres:5432/postgres', }, + { + key: 'SUDO_TOKEN', + defaultValue: 'sipalingsudo', + }, { key: 'PORT', defaultValue: '4000',