From 0aa0228c632243ce935c2d17eda751ad569bc033 Mon Sep 17 00:00:00 2001 From: Haelnorr Date: Sun, 16 Feb 2025 23:55:02 +1100 Subject: [PATCH] Added deploy scripts for master/production --- .github/workflows/deploy_production.yaml | 55 ++++++++++++++ deploy/caddy/Caddyfile | 12 +++ deploy/deploy_production.sh | 94 ++++++++++++++++++++++++ deploy/systemd/production.service | 29 -------- deploy/systemd/production@.service | 2 - deploy/systemd/staging.service | 29 -------- 6 files changed, 161 insertions(+), 60 deletions(-) create mode 100644 .github/workflows/deploy_production.yaml create mode 100644 deploy/caddy/Caddyfile create mode 100644 deploy/deploy_production.sh delete mode 100644 deploy/systemd/production.service delete mode 100644 deploy/systemd/staging.service diff --git a/.github/workflows/deploy_production.yaml b/.github/workflows/deploy_production.yaml new file mode 100644 index 0000000..576ee4d --- /dev/null +++ b/.github/workflows/deploy_production.yaml @@ -0,0 +1,55 @@ +name: Deploy Staging to Server + +on: + push: + branches: + - master + +jobs: + build-and-deploy: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: '1.24.x' + + - name: Install Templ + run: go install github.com/a-h/templ/cmd/templ@latest + + - name: Install tailwindcsscli + run: | + curl -fsSL -o tailwindcss https://github.com/tailwindlabs/tailwindcss/releases/latest/download/tailwindcss-linux-x64 + chmod +x tailwindcss + sudo mv tailwindcss /usr/local/bin/ + + - name: Run tests + run: make test + + - name: Build the binary + run: make build SUFFIX=-production-$GITHUB_SHA + + - name: Deploy to Server + env: + USER: deploy + HOST: projectreshoot.com + DIR: /home/deploy/releases/production + DEPLOY_SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }} + run: | + mkdir -p ~/.ssh + echo "$DEPLOY_SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + + echo "Host *" > ~/.ssh/config + echo " StrictHostKeyChecking no" >> ~/.ssh/config + echo " UserKnownHostsFile /dev/null" >> ~/.ssh/config + + ssh -i ~/.ssh/id_ed25519 $USER@$HOST mkdir -p $DIR + + scp -i ~/.ssh/id_ed25519 projectreshoot-production-${GITHUB_SHA} $USER@$HOST:$DIR + + ssh -i ~/.ssh/id_ed25519 $USER@$HOST 'bash -s' < ./deploy/deploy_production.sh $GITHUB_SHA diff --git a/deploy/caddy/Caddyfile b/deploy/caddy/Caddyfile new file mode 100644 index 0000000..7f29089 --- /dev/null +++ b/deploy/caddy/Caddyfile @@ -0,0 +1,12 @@ +projectreshoot.com { + reverse_proxy localhost:3000 localhost:3001 localhost:3002 { + health_uri /healthz + fail_duration 30s + } +} +staging.projectreshoot.com { + reverse_proxy localhost:3005 localhost:3006 localhost:3007 { + health_uri /healthz + fail_duration 30s + } +} diff --git a/deploy/deploy_production.sh b/deploy/deploy_production.sh new file mode 100644 index 0000000..bc47915 --- /dev/null +++ b/deploy/deploy_production.sh @@ -0,0 +1,94 @@ +#!/bin/bash + +# Exit on error +set -e + +# Check if commit hash is passed as an argument +if [ -z "$1" ]; then + echo "Usage: $0 " + exit 1 +fi + +COMMIT_HASH=$1 +RELEASES_DIR="/home/deploy/releases/production" +DEPLOY_BIN="/home/deploy/production/projectreshoot" +SERVICE_NAME="projectreshoot" +BINARY_NAME="projectreshoot-production-${COMMIT_HASH}" +declare -a PORTS=("3000" "3001" "3002") + +# Check if the binary exists +if [ ! -f "${RELEASES_DIR}/${BINARY_NAME}" ]; then + echo "Binary ${BINARY_NAME} not found in ${RELEASES_DIR}" + exit 1 +fi + +# Keep a reference to the previous binary from the symlink +if [ -L "${DEPLOY_BIN}" ]; then + PREVIOUS=$(readlink -f $DEPLOY_BIN) + echo "Current binary is ${PREVIOUS}, saved for rollback." +else + echo "No symbolic link found, no previous binary to backup." + PREVIOUS="" +fi + +rollback_deployment() { + if [ -n "$PREVIOUS" ]; then + echo "Rolling back to previous binary: ${PREVIOUS}" + ln -sfn "${PREVIOUS}" "${DEPLOY_BIN}" + else + echo "No previous binary to roll back to." + fi + + # wait to restart the services + sleep 10 + + # Restart all services with the previous binary + for port in "${PORTS[@]}"; do + SERVICE="${SERVICE_NAME}@${port}.service" + echo "Restarting $SERVICE..." + sudo systemctl restart $SERVICE + done + + echo "Rollback completed." +} + +# Copy the binary to the deployment directory +echo "Promoting ${BINARY_NAME} to ${DEPLOY_BIN}..." +ln -sf "${RELEASES_DIR}/${BINARY_NAME}" "${DEPLOY_BIN}" + +WAIT_TIME=5 +restart_service() { + local port=$1 + local SERVICE="${SERVICE_NAME}@${port}.service" + echo "Restarting ${SERVICE}..." + + # Restart the service + if ! sudo systemctl restart "$SERVICE"; then + echo "Error: Failed to restart ${SERVICE}. Rolling back deployment." + + # Call the rollback function + rollback_deployment + exit 1 + fi + + # Wait a few seconds to allow the service to fully start + echo "Waiting for ${SERVICE} to fully start..." + sleep $WAIT_TIME + + # Check the status of the service + if ! systemctl is-active --quiet "${SERVICE}"; then + echo "Error: ${SERVICE} failed to start correctly. Rolling back deployment." + + # Call the rollback function + rollback_deployment + exit 1 + fi + + echo "${SERVICE}.service restarted successfully." +} + +for port in "${PORTS[@]}"; do + restart_service $port +done + +echo "Deployment completed successfully." diff --git a/deploy/systemd/production.service b/deploy/systemd/production.service deleted file mode 100644 index 616dc37..0000000 --- a/deploy/systemd/production.service +++ /dev/null @@ -1,29 +0,0 @@ -[Unit] -Description=Project Reshoot -After=network.target - -[Service] -ExecStart=/home/deploy/production/projectreshoot -WorkingDirectory=/home/deploy/production -User=deploy -Group=deploy -EnvironmentFile=/etc/env/projectreshoot.env -Environment="HOST=127.0.0.1" -Environment="PORT=3000" -Environment="TRUSTED_HOST=projectreshoot.com" -Environment="SSL=true" -Environment="GZIP=true" -Environment="LOG_LEVEL=info" -Environment="LOG_OUTPUT=file" -Environment="LOG_DIR=/home/deploy/production/logs" -LimitNOFILE=65536 -Restart=on-failure -TimeoutSec=30 -PrivateTmp=true -NoNewPrivilages=true -AmbientCapabilites=CAP_NET_BIND_SERVICE -StandardOutput=journal -StandardError=journal - -[Install] -WantedBy=multi-user.target diff --git a/deploy/systemd/production@.service b/deploy/systemd/production@.service index 84e3f2d..7a49b82 100644 --- a/deploy/systemd/production@.service +++ b/deploy/systemd/production@.service @@ -20,8 +20,6 @@ LimitNOFILE=65536 Restart=on-failure TimeoutSec=30 PrivateTmp=true -NoNewPrivilages=true -AmbientCapabilites=CAP_NET_BIND_SERVICE StandardOutput=journal StandardError=journal diff --git a/deploy/systemd/staging.service b/deploy/systemd/staging.service deleted file mode 100644 index 566aa56..0000000 --- a/deploy/systemd/staging.service +++ /dev/null @@ -1,29 +0,0 @@ -[Unit] -Description=Project Reshoot Staging -After=network.target - -[Service] -ExecStart=/home/deploy/staging/projectreshoot -WorkingDirectory=/home/deploy/staging -User=deploy -Group=deploy -EnvironmentFile=/etc/env/staging.projectreshoot.env -Environment="HOST=127.0.0.1" -Environment="PORT=3005" -Environment="TRUSTED_HOST=staging.projectreshoot.com" -Environment="SSL=true" -Environment="GZIP=true" -Environment="LOG_LEVEL=debug" -Environment="LOG_OUTPUT=both" -Environment="LOG_DIR=/home/deploy/staging/logs" -LimitNOFILE=65536 -Restart=on-failure -TimeoutSec=30 -PrivateTmp=true -NoNewPrivilages=true -AmbientCapabilites=CAP_NET_BIND_SERVICE -StandardOutput=journal -StandardError=journal - -[Install] -WantedBy=multi-user.target