diff --git a/.github/workflows/build-web.yml b/.github/workflows/build-web.yml index 7db376a..7bc394e 100644 --- a/.github/workflows/build-web.yml +++ b/.github/workflows/build-web.yml @@ -1,10 +1,10 @@ -name: docker build Thaliak.Web +name: 'build & deploy: web' on: + workflow_dispatch: push: branches: - 'main' paths: - - '.github/workflows/**' - 'Thaliak.Web/**' jobs: @@ -12,27 +12,36 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: submodules: recursive - name: Log in to GitHub Container Registry - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ github.token }} - name: Build and push - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v5 with: context: . file: ./Thaliak.Web/Dockerfile push: true tags: ghcr.io/crystallinetools/thaliak-web:latest + - name: Set up WireGuard + uses: egor-tensin/setup-wireguard@v1.2.0 + with: + endpoint: '${{ secrets.WG_ENDPOINT }}' + endpoint_public_key: '${{ secrets.WG_ENDPOINT_PUBKEY }}' + ips: '${{ secrets.WG_ADDRESS }}' + allowed_ips: '${{ secrets.WG_ALLOWED_IPS }}' + private_key: '${{ secrets.WG_PRIVKEY }}' + preshared_key: '${{ secrets.WG_SHAREDKEY }}' - name: Deploy to production server - uses: appleboy/ssh-action@v0.1.4 + uses: appleboy/ssh-action@v1.0.3 with: - host: ${{ secrets.REMOTE_HOST }} - port: ${{ secrets.REMOTE_PORT }} - username: ${{ secrets.REMOTE_USER }} - key: ${{ secrets.REMOTE_SSH_KEY }} - script: ~/gha-deploy.sh web + host: '${{ secrets.REMOTE_HOST }}' + port: 22 + username: '${{ secrets.REMOTE_USER }}' + key: '${{ secrets.REMOTE_SSH_KEY }}' + script: deploy poller