From 692795e25d39017574a76fe39d5da58fa72f26ba Mon Sep 17 00:00:00 2001 From: KristienN Date: Thu, 5 Dec 2024 20:16:14 +0000 Subject: [PATCH] feat: Fix Deploy step and use docker-compose instead of docker --- .github/workflows/{main-ci.yml => main.yml} | 9 ++---- .github/workflows/{pr-ci.yml => pr.yml} | 0 cluster-config/docker-compose.prod.yaml | 26 +++++++++++++++++ main.tf | 12 ++++++++ scripts/install.sh | 30 ++++++++++++++------ tfplan | Bin 6161 -> 7106 bytes variables.tf | 2 +- 7 files changed, 63 insertions(+), 16 deletions(-) rename .github/workflows/{main-ci.yml => main.yml} (76%) rename .github/workflows/{pr-ci.yml => pr.yml} (100%) create mode 100644 cluster-config/docker-compose.prod.yaml diff --git a/.github/workflows/main-ci.yml b/.github/workflows/main.yml similarity index 76% rename from .github/workflows/main-ci.yml rename to .github/workflows/main.yml index a84a4f8..1aea331 100644 --- a/.github/workflows/main-ci.yml +++ b/.github/workflows/main.yml @@ -16,7 +16,7 @@ jobs: PRIVATE_KEY: ${{ secrets.TF_SSH_PRIVATE_KEY }} run: | echo "$PRIVATE_KEY" > ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa + chmod 700 ~/.ssh/id_rsa - name: "Set up Terraform" uses: hashicorp/setup-terraform@v3 @@ -29,9 +29,4 @@ jobs: terraform plan -var digitalocean_access_token=$DIGITALOCEAN_ACCESS_TOKEN -out=tfplan terraform apply tfplan -var digitalocean_access_token=$DIGITALOCEAN_ACCESS_TOKEN -auto-approve env: - DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} - - name: "Post-deployment testing" - run: | - terraform output -raw droplet_ip > droplet_ip.txt - DROPLET_IP=$(cat droplet_ip.txt) - curl -I http://DROPLET_IP \ No newline at end of file + DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/pr-ci.yml b/.github/workflows/pr.yml similarity index 100% rename from .github/workflows/pr-ci.yml rename to .github/workflows/pr.yml diff --git a/cluster-config/docker-compose.prod.yaml b/cluster-config/docker-compose.prod.yaml new file mode 100644 index 0000000..c8dcfb5 --- /dev/null +++ b/cluster-config/docker-compose.prod.yaml @@ -0,0 +1,26 @@ +services: + + app: + container_name: portfolio-1 + image: "registry.digitalocean.com/kristien-docr/portfolio-v2:latest" + ports: + - "8001:80" + restart: on-failure + + replica-app: + container_name: portfolio-2 + image: "registry.digitalocean.com/kristien-docr/portfolio-v2:latest" + ports: + - "8002:80" + restart: on-failure + + ngx-reverse-proxy-lb: + container_name: ngx-reverse-proxy-lb + image: "registry.digitalocean.com/kristien-docr/portfolio-v2-nlb-proxy:latest" + ports: + - "80:80" + - "443:443" + depends_on: + - app + - replica-app + restart: on-failure diff --git a/main.tf b/main.tf index 0a855a4..c7d2698 100644 --- a/main.tf +++ b/main.tf @@ -21,6 +21,18 @@ resource "digitalocean_droplet" "portfolio-v2-server" { ssh_keys = [var.ssh_fingerprint] tags = ["portfolio-v2", "server"] + provisioner "file" { + source = "./cluster-config/docker-compose.prod.yaml" + destination = "/var/local/docker-compose.prod.yaml" + + connection { + type = "ssh" + user = "root" + private_key = file("~/.ssh/id_rsa") + host = self.ipv4_address + } + } + provisioner "file" { source = "./scripts/install.sh" destination = "/tmp/install.sh" diff --git a/scripts/install.sh b/scripts/install.sh index 156e520..cecea18 100644 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -9,19 +9,33 @@ fi echo "Updating package list and installing dependencies..." sudo apt-get update -y || { echo "Failed to update package list"; exit 1; } -sudo apt install apt-transport-https ca-certificates curl -y -curl -fsSL https://get.docker.com -o get-docker.sh -sudo sh get-docker.sh +sudo apt install apt-transport-https ca-certificates curl software-properties-common -y +echo "Installing Docker..." +sudo install -m 0755 -d /etc/apt/keyrings +sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc +sudo chmod a+r /etc/apt/keyrings/docker.asc +echo \ + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \ + $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ + sudo tee /etc/apt/sources.list.d/docker.list > /dev/null +sudo apt-get update -y + + +sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin +docker-compose --version + +echo "Installing DigitalOcean CLI..." sudo snap install doctl sudo snap connect doctl:dot-docker -sudo mkdir /root/.config +sudo mkdir -p /root/.config -echo "Logging into Digital Ocean Services" +echo "Logging into DigitalOcean Services..." sudo doctl auth init --access-token $DOCTL_ACCESS_TOKEN sudo doctl registry login -echo "Pulling latest image" -sudo docker pull registry.digitalocean.com/kristien-docr/portfolio-v2:local || { echo "Failed to pull image"; exit 1; } -sudo docker run --name portfolio-v2 -d -p 80:80 registry.digitalocean.com/kristien-docr/portfolio-v2:local \ No newline at end of file +echo "Running docker-compose command..." + +sudo apt install docker-compose +sudo docker-compose -f /var/local/docker-compose.prod.yaml up --build -d diff --git a/tfplan b/tfplan index 3acab46a96e39a4a616fae0a37886aaef53ef81d..110518af9f7e485f84c755d078f4817c0f86e53c 100644 GIT binary patch delta 5353 zcmZvgby!qg*N2Dh6l4gg0RgEY1cZ?^Nf}ByhHmLTf;5cMLkWtAN;`B5hzJNnr*uo# zfaHfh@AE$Kz586}kG1z+>)L0Zv+uKhD<0Y+N%2Sp51$T1e0eRu3X7*;0rrUCHtQ(0 z7cBP~+xntW`*gG*b!_iI2O=E5>t*(2^2`$_Ee@zxT4)$nq&1y`#YHi|seo za2mQW#gt?f+n3y${+O+656EoopfQ%*z8_wejA2aA0w;6~cF|jnO?N>d~|ER6Y#k?lzBO6I%(;`c*7`5F>t>8kk$InN=q;spjc!|n4iN_gU-kYvch-$ zzN$24+=gq-T~qpbU~!)>Jd##wTvo$3+rfyq#Wf9~mmkMNPtGMTS8w$TOSTTR0_EQ23_@%>2b%_&Y{xW zr_MbPAsL-`5cm-5inrv2EwERROb1a|{S|OylR!gCCrF6BT(DMy$s3`}YQM>{8m;YkMN9G0r2CwSyHlgcS8CnLa@iWDbkg zjWoDR2-g9QYGB-F*#~HuZZngIvMuS?o_-=yXr~I0njHe(yIY2@WMciC42VU|_HCst zl{mbojH@Waa~2Fzhh);h?7B3r1qqp@0fvL^MNGs@!brX`wK`dt7cb7gN-b-1xP;FH&&23y9;hyKSS_R&#G5Q)C(lHw`* z^wg}>(UAb)>z$$@$C8xAYd3m1@2{9JIS)p6WLh9?Mv$UI(%`5ZR&=J8rxl(+0(oFH0Xk1E3v9V#G|E@g9q=w39e~^ z(+r1|1-^Mu%|WXQ384kCUmNtJPR6ng zhZ{~Yf)0CyP7@niQJeh}WCO$e&L-$5Jto7n%k~*m#{1F!7L#|2MYc>_kqCww3e4sv z0jk-#BqKDqo%jnYsBr#mgZM!U?|P_lLR=)ib@`PPBRa2;lO{4DD+00Zm(~d5KBAM& z&2ymCb5%vk747OZoYSLC?U%f5p9JvND8Vo;N zP2D-K%xc*FmT$SfX>vT5;Moxw=kaz=?j>+y+cWK7+pu(sXg#0!@ zQGs3*EoaK4f|0yf@ej`Ynkp^oWFRfQX%OSS0?$D(n`83|H6hL&kV0r>&VJF|Lm)4| zE~Zjp(h6;v{$YM;S|FV)*lwzgK!_yK*GW;5fuoF}M0{vtHs^@iR}%N)$b~7WjTUk`#35wMVpuV`bnVA37|QO4fT7N)<250h z4CbT*S7Y0sblYNb4X5>IUx{SJUI$kCrd5-(%{O62*RVWNw`~J|;Gq`qgIDI*42lj7 ziU1-I=;Gp$3K22m+mGXA1R&5XH3;+%#Os6p)`&nPAP;MI4|5MI9c=;-&L#T+oAt+r zE)&(XL6{Qgz7Zc6xBk^&*nTd9_C?(3r)fvQGy-HbH)N* zA7eO)soff9$(J+8lCyadqskU*>6E2?XzSk(hdZdHC@*)I%*hL5t+l*Aq|1qnF;I(|0?2Mhq%t zZs`^3ev9Jb@1fMNwBRQ1pj*6iy~x`?iOUyxBS}IfnPky9-q5XK(U0l|P(Duj#goGE z;{3R~FMwP5jZ1@Z?(Ns=by&X`m!8A3c*T_Pubar)s(g;O9A9+Z+Nn9zmYtEQ#lGs& z-&?X$!Ef%`QwYnz%F#)^NWmM;36|VI9}3Gg#I9P|Fr+QaJe@c-|kXK{4^G6|oCWL{kKgyAICX25z z-MpQo7q84EDXHwj)E--@)Ra$Ze+w;qY~<1Wq!C#xzi6*79;D%R=t z((%Zt>6-y#82AY}F(v0Zrj*Jx(_#hzZPg5gu-zvg0JYOl2EdfmH7-tidy5T7Zd!Cj zJO`thJabe!;=_|v?zH<;| z8G&C}5O8qZjw%SN38*6$!Zc4t=(&sEXBc7YWf9mkiB{2%4g=x^&o4y$y^A(wjhgDy zn#M00<(ftVex5=QE*CsPB@9Z8xh`_W%wsH`R(pCEQPbI`-vxW6RpgrV(We7~cgG~? zxAL}%O@Ww20Mmoj3#xW>?@mdUlL|&D?lC7=UBuGBGC#h$zo{jLjpzGeit}`qT**V~ zE}Mz^eAuA6Jgp$42akdJYMsJYMbx*JUW&l*mQ+PzEiY(-WqzS$R3#&uodSd#t{HF3 znUNMv$*k2Hsi|#sfERWZ5x3Nbh3?+VuV`xq1HP`(d#{Mp`$`2X!1$mRYDlccv$0Yp zs`R;B#QAEqS3Glun_$iCBF&5{O-e3T0sH|E);BDIWIJ$FIs68OwqGz?Xa$47_c_4u zfqC%ewYInBURANCOxZ?A+gb`f*5C8*LhkevKa72}E1a9>a6lYXyFLHlhdm2MThHM> zF!H$aP@X(%e);ov*Y~p_@9cG(su>54PHH}`$7M|UjS7$nrNtG5 z7V|^iXr!H0!R`1KGk2azc0GP0yXijDcj$dXE_t=9tSpN!VyDww=mWUpWgo!mi=Y~M zK0dYBT=z4VB1LH=)0wtgC1XQ&LVZ&sh?DG3gtC5G=|9E?fxcY%7eW)2NI3sUlmAId z!T(9h=s!ux#b3$AALadVv`r|QUHKE=&ug=oEN5Og3Q|fV@7RSe0#`;^|`~Z&nz9Q~1Bur@2)irbq#1{{T z?1-nn0&!A*0uR~@g8U5!cl()MrJPxe|x&@ zRs?DR9crDC+^sx196~37dE+Dfi!l1aM$_p! zH3hBZ%Eg#G8gtE%fY0pPO0?WTwAVjohwXsj(!pG;RhKw)@-a%j#Nqg=(_|!e{-mtR znIhb3D6Mcq?>{))haMU$8x*L6>UDq7&@IJuVb8%&QYOOf`BdSQX#;S+vuN)uJl)gU z$Tr69T>wd2#RroSYbePwy_4y~Wrj83Y~TSF3(W2M zO`#NyvGex)8LulHu|MQGPWEEzZW(l}?`05l$xXt!B-4B(eZ9{N1kU}vDw}p&t*S;G zAOC!I#fO8ui35Hv2HbN6zJyTLXmpR>&s#Yn1(Cl4=d|)2Z@V!GC6#y-kif?k)MkL%eM4joX z>S4G7H_h$tStcu9_r&nSRG)60>GtdSro?&uELQ+nA?)t~^=2p|I6DMjAbRQ9v`;8A zr~q;JG(I+M=p2jE<+TXY1vqXx72Mw*2xq$wH=Os$8#j=t4M#U<(PD<4z4CnmZGFL8 zZ#oFe@r2#%1CDOFo@I`})|>9Qtt|B=&&4dcy*42^U%Uyrs`>6`T) zZii!DZosbLWwQ83LixcKVljP5!`FY%ko2#jLE<7M-)|fa>N>fML#fYAK3p`TvE~EO zSKzvuT-P_ewRzn(@B~<7WMp0!<}?MOUqTgSDm@b`Kd?n_wPD;bFR5VcyKmc~VJ0Tj zA=@>Y#OT7lN@d(yOP)LV$-72|IN#%ZUARAw5fV^~^6X1-$;kG~Rug!1h6fz)$J05w zb?*W_HB=W^6a(JX)+3QRD=j}?nm2wSN{`bced~hbhTJUMHxtNkdXoF5jYE5rq1Eq` zY#k`FXblYaRSJ@?RkVG@seF1ZHvi~G^3-?9FOqL8M46V~L}WY^=-ehHUbV|T=`>Tl zSq!&oPNQsIA4Iv_nx#fM8#|jVf6e@Ux6Tj+s95Pfy?JAv;iF|^^f`{P-(A~wpZHuP znn3NDo66f@Y|%RNLr$1gS}$_%Da5=RULQH2`W)D-}i7%36eAAb^K9$^RSWhYe!k6a|M3jeN(y@kMyY^ zKA->m%`W_7tFRNpT4D z^8UOCm5Y+H%o{&``PwpITzG>Ai;JrTp#3*GzfXMmO3O?USYls3MOrWb^4IiE4vSG< zu%@@8C%DaeWa9Tg#yY^Tbf-HBsh>rkSZWmw6Skh$7s;?n*u5`ou{FCZ<1P5)l5{!C&=E>C2bu#`w$nKaVlaBme*a delta 4391 zcmZvg1yodB*T;vF96-7|q+^JoL%NYJDN#mghY*kvK?aZ>LP9`NVh~9QrBS-ObC8lo z`W=1zzW05e_1wGeI_uoC{%4`eg)S+P$hDEa~tAv|ZNN83syq}P~wiQbdnvY3sx7kAG)CyBeDH+_A64Gs_chN2X+2v43U22+A zjndv6$&XF^Ay<5Nv>yiYtO@}KCoIx*-?hV-C=a#|-U6twgfnnm_5VI}HMl3p3X-DzJDE{ z-K_`DH?GKORu56$QeED4%3vd_HSb4Uv-eb$vOrG?TZpxt_`VA%q_Tz^u?0lcLZ$;n zGNc_Gf^GB&aNAWq?-NB%RGiPeI&vMRh6O!If-5VhzGhWP@aa-)Ets6-L(u4Hx@b?c z@~1ddr5+xUR>GVM44`bSE7qh;j(3)vOBA_yWo(jH8Oe(M78}|8B<{%HDV^A&AiH4J$84~XwyHBdi9vkzr{TEi0skxt4KY?&xWUr zJuG<2Z8Z^(u%lUo87B5Kqz~d>mparGr5t_RFEtyWWJH8g*neQ?1zny`9v?55xm`Q& zx}-`C!K|}SH@_zNZsmV|tV+I#Q~-)>DW=K0Kjr1%giOQVS`$o$aXGw2s$r%(h&j); zzPe+C(%1PkwRL<8r+mn#lV`>FL_M8MLOuN+7kSYI?b+5qZM|?8VG~I}sDzalbZ41O zWPHN?+9O7qJKVD|?rdbUK}5m4$h2yX(mP-+7Iw&Jcj|}IzY^zcP#=-*F=9BBWu-s$ zAy5&4LlCmqb}}nEqU{N~5fxZ1UNPVH-MAc9+WY5knj_#_+aNa_W?6| z!&0a|-?&gcL3y_tu|>QIy%8tmCR+YPO#TM_fg3e;`tNmg*4wJp;v-f;i*hx+UG9B! zFqNUSV;n#lcx@^p9N4W%!qp|;vsTi2y*3Zh3C-h4Ow4!h{5f#&UUU$aLY}33k>%xv zu^QqP^s>SDD=xPxgTZLmmkKcRc!pG66O-c8j4L^Io&pF+4ap`ag@YoAl01!K9ypG2 zd?K((S6^1leI&Z0T%GgQtjVIjFNSgrwyr-~iGNpk=u7VX%Qlvf3h`;7ey#Wx2U`Pq zOPiKFj6;=!${O0VmbWFFMOHo^v;E5g89!moFE8|LCY%E!eR-+%1nc^}dm>#Vi=`y5 z&59arivr02fSVfwZCpI*XuJs>8~`Aj2mtuo(Q5(t>q6k%qWpaZN161v&44N9P<+@( zzG#)t{FpY-VTthD+;7-GjD-T&k$JAuiFfwiwG$uwz|wN#FVYhsq~{u_`_LBfAxnti zt80<5&Zr=C+4rQhDAAeofk_6bMnd3YRU2r@4ur% z@_c82zL=L}RGdtMwBr=K7YwHW7M`~k8;*UXV?EaL;A*7ui|kJBCNGN5aSH8@@w>d* zY2f>w#v^cgU2;dB97ePfO}sG2%$-tdN;lRP8D`=QqsWh!pz;-WsAd`+Z}Yp$C*~LC zfz6KOABf64~v0`fkMdO%;^PRgzIcUZgx^u&2IAk03{l_;|c8k|gY7U}HVU4S1+(-PwwY<*L zP?~3tyK&|X55hcE`B+a+;;~5eMGQd#93>O(G&fmH3is%{gass8HQaJ>f=GK0Hu#Ik zs^_7lM`p9UCZom*1a({FBf~m}6^A22q=K6su(Zg$NJeMRZ6s)&s;0A>&}x=O$U4P{ zS<5w&aV{3V9lk`0Nq~jDLZk+w!4Vd+CvCC2RY~;lb}wGLNH2&+-Q(75{8cO@d%{B1 zyfRsje8~B^M8pz8$K~AV@xn%Jym-m`jg+<2ebI`M6g*;P)alm^zo^^Z-22DB7Pxx+11xAy#_q)VS-6 ze3Mi|<684E$LM($H>zc!b$XW*Sx7$UY1yv3V5xBNsP!4GLf4`gSu^7{QGM2-s`!Uw zt3Y$>ut0oyceh;yIk{P(FAYS*uv%tnJB;-it8%<#ILUUIsS9o2*};O)r9U5W z?F>om>)679zO}&9z2gW(Nz>Gvk5q?p;IY$)BcX6R74uE6yC4eAIk|VRg`zCFo^ouS zNw6uLn9+ARp13$IOn_0%q(Jm-;sxgo8u>U(!kTIpI(j-_82^XpiZ=E8N_Q*(KoajC zj3UGd+5WI;d#qqAUqN4Q9)*Y;O(7B)4EJrd}q!KPt{qrahwN8*`QB*v%Kw z2XuA`kD19j+J+s9`Z8Axg>984w>Hs-HJd1`92`u+kiR>V*Q z4PYdw^QQ1C$*85M&SAB1!i;k;Gxi9-v?i}={)7PE8DniyH(zm9=&Vl!1k(9z>g>A@ z7PSdjPxW5MiI~FCIQ~;YE6250z_Ms+s-BM|`QvA>z8mw@YxVVX#QYm z05#X0Jd^!`|dU+;0ZHO;$x1jles-sY;C3Vc}7Bp)QJb#H`l(!{p?*#)p7!yV$jw(?D276PS0~f0>qo1eHAPEPNvaAF8puYYAhcQJDq8>64 z_gb2IX{AeH8v>r8I??ru5WE2V+z>6*nxa9FT{LG?MN$o->#@-7gsG{P-$0tP2T!!~E-te%!SUlbCpL|by=wod{KW2#jk%J$Y^RU1ElUd}p)AFCw6&qDfqAhR-C zcBGhtdlLQ*>i8Cp11>eSmYgf4(7FwiJ{>k=-w&-m2DbzxUeI1jCXSG}^15RF+!_3~ zT2MnEKi{@LDs;lBPV0B-=LO94$LI+%C`@+9$M?-C)^k&>x>|nku#j2>oXIv3+j)}y z)mCZI@>qU+y}w2+Y19-vYjSto3R3dGPAL7p1^7LO{dl~oVfo!QlH9LVawF-mm--*d z&Js};B7_%4tItHT`d^>PrrT7m1;3r|X9X@7a(FS_RLCw4pe*EHRwH42yM;X|e3!K! zt&a7}shg`x(-oS*PJzl0&8z7XPt1ln!Ql;+vCe_EA2SylHrXx$(7-M?O_>ivZ*UE3 z=Od7d!{fKPzGSoQrR;fLG64Y0e>w8nLs|7_m;k^q?mq*G1ts5aCx%n1{Px*?N}k_N zd`=mPMU3`pi~r_{h$vd--~Mc%je$u4`2SknVnzGEVG0+3|0jR^)kL5ZOz6X>Pa&hB7%+{tB(kPxKGX?@^3ZEc5L^^Y!vCiF-(4gBn`)96VNFN(ucqGSKVjrSoBH)o{!NsA8-RdN m(v$y-DTF6IJtip`B8Hxh?yq5-TWJ07zai4-HMday>iq}x9pB>s diff --git a/variables.tf b/variables.tf index 4bc4b84..7079fd4 100644 --- a/variables.tf +++ b/variables.tf @@ -25,5 +25,5 @@ variable "ssh_fingerprint" { variable "digitalocean_access_token" { description = "DigitalOcean API Token" type = string - sensitive = true + sensitive = false } \ No newline at end of file