From a443e484c5f7d474986f3702edf2e96329fcf682 Mon Sep 17 00:00:00 2001
From: KristienN <knyamutsaka@outlook.com>
Date: Tue, 3 Dec 2024 00:50:03 +0000
Subject: [PATCH] fix: Flesh out deploy step
---
.github/workflows/main-ci.yml | 9 +++++++-
main.tf | 30 +++++++++++++++++++++------
scripts/install.sh | 38 ++++++++++++++++++++--------------
tfplan | Bin 0 -> 6161 bytes
4 files changed, 54 insertions(+), 23 deletions(-)
create mode 100644 tfplan
diff --git a/.github/workflows/main-ci.yml b/.github/workflows/main-ci.yml
index 7ce1a71..a84a4f8 100644
--- a/.github/workflows/main-ci.yml
+++ b/.github/workflows/main-ci.yml
@@ -11,6 +11,13 @@ jobs:
steps:
- uses: actions/checkout@v4
+ - name: "CONFIGURE SSH Key"
+ env:
+ PRIVATE_KEY: ${{ secrets.TF_SSH_PRIVATE_KEY }}
+ run: |
+ echo "$PRIVATE_KEY" > ~/.ssh/id_rsa
+ chmod 600 ~/.ssh/id_rsa
+
- name: "Set up Terraform"
uses: hashicorp/setup-terraform@v3
with:
@@ -20,7 +27,7 @@ jobs:
run: |
terraform init
terraform plan -var digitalocean_access_token=$DIGITALOCEAN_ACCESS_TOKEN -out=tfplan
- terraform apply -var digitalocean_access_token=$DIGITALOCEAN_ACCESS_TOKEN -auto-approve tfplan
+ terraform apply tfplan -var digitalocean_access_token=$DIGITALOCEAN_ACCESS_TOKEN -auto-approve
env:
DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
- name: "Post-deployment testing"
diff --git a/main.tf b/main.tf
index 1385ac2..0a855a4 100644
--- a/main.tf
+++ b/main.tf
@@ -13,11 +13,6 @@ provider "digitalocean" {
token = var.digitalocean_access_token
}
-resource "digitalocean_ssh_key" "portfolio-v2-server" {
- name = "digitalocean_ssh_key"
- public_key = file("~/.ssh/id_rsa.pub")
-}
-
resource "digitalocean_droplet" "portfolio-v2-server" {
image = "ubuntu-24-10-x64"
name = var.droplet_name
@@ -26,6 +21,18 @@ resource "digitalocean_droplet" "portfolio-v2-server" {
ssh_keys = [var.ssh_fingerprint]
tags = ["portfolio-v2", "server"]
+ provisioner "file" {
+ source = "./scripts/install.sh"
+ destination = "/tmp/install.sh"
+
+ connection {
+ type = "ssh"
+ user = "root"
+ private_key = file("~/.ssh/id_rsa")
+ host = self.ipv4_address
+ }
+ }
+
provisioner "remote-exec" {
connection {
type = "ssh"
@@ -34,7 +41,10 @@ resource "digitalocean_droplet" "portfolio-v2-server" {
host = self.ipv4_address
}
- script = "./scripts/install.sh"
+ inline = [
+ "chmod +x /tmp/install.sh",
+ "/tmp/install.sh ${var.digitalocean_access_token}"
+ ]
}
}
@@ -71,4 +81,12 @@ resource "digitalocean_firewall" "portfolio-v2-server" {
protocol = "icmp"
destination_addresses = ["0.0.0.0/0", "::/0"]
}
+}
+
+resource "digitalocean_record" "portfolio-v2-server" {
+ name = "www"
+ value = digitalocean_droplet.portfolio-v2-server.ipv4_address
+ domain = "kristiennyamutsaka.com"
+ type = "A"
+ ttl = "1800"
}
\ No newline at end of file
diff --git a/scripts/install.sh b/scripts/install.sh
index 550e2b8..156e520 100644
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -1,21 +1,27 @@
-#!/usr/bin/env bash
+#!/bin/sh
-# Add Docker's official GPG key:
-sudo apt-get update -y
-sudo apt-get install ca-certificates curl
-sudo install -m 0755 -d /etc/apt/keyrings
-sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
-sudo chmod a+r /etc/apt/keyrings/docker.asc
+DOCTL_ACCESS_TOKEN=$1
-# Add the repository to Apt sources:
-echo \
- "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
- $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
- sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-sudo apt-get update
+if [ -z "$DOCTL_ACCESS_TOKEN" ]; then
+ echo "Error: DOCTL_ACCESS_TOKEN is not set"
+ exit 1
+fi
-# Install latest version
-sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+echo "Updating package list and installing dependencies..."
+sudo apt-get update -y || { echo "Failed to update package list"; exit 1; }
+sudo apt install apt-transport-https ca-certificates curl -y
+curl -fsSL https://get.docker.com -o get-docker.sh
+sudo sh get-docker.sh
-sudo docker --version
+sudo snap install doctl
+sudo snap connect doctl:dot-docker
+sudo mkdir /root/.config
+
+echo "Logging into Digital Ocean Services"
+sudo doctl auth init --access-token $DOCTL_ACCESS_TOKEN
+sudo doctl registry login
+
+echo "Pulling latest image"
+sudo docker pull registry.digitalocean.com/kristien-docr/portfolio-v2:local || { echo "Failed to pull image"; exit 1; }
+sudo docker run --name portfolio-v2 -d -p 80:80 registry.digitalocean.com/kristien-docr/portfolio-v2:local
\ No newline at end of file
diff --git a/tfplan b/tfplan
new file mode 100644
index 0000000000000000000000000000000000000000..3acab46a96e39a4a616fae0a37886aaef53ef81d
GIT binary patch
literal 6161
zcmaKwbySqy7RKpDx<MMG8wRAiq`SMD0TGap7#e8_>265{lty6)Vd!p<k{;;`_ulU_
z*1g}Jb^bVO*4gizGyC_v`#fq&@Cf)YDEFT^*bse~UjhjR6$WVI=49@ot%V2!8}LlU
zc3kIKG+951OYa)V=$jtizDUsPWro*S^CAlqRku;7bZO!)TnxyduT0u0g>?qT`{fS(
zb?Hj%46j3YF5u(jXydnN)2A&#>)1U2(0Xkxa_6eZ-qQ5$Sfb6m0eH`6h`qH+33`=U
zp1t)l+qa_JmN(C&t3iQYnV5z%mReFeLa&Zrp>e5nO5oOTB5a-4d50q~QlIeo{(BR~
zUOXWfM0NzeoDR+)lyDc!P=tb(Xt?zs>@WyFh(o_(ee96<ik$i^tEFUSM{rO-6`Q1_
zR;mHK16A4;9wJV|OjWZ122-Pa$E|*;YrI*gpkHpkb1}9o(WPP7TFH*;3$jZacTMwX
z?W%2k0>*6Bp9-i7P>Rr*&$UlFjDcu5h-ucOeygH>3P)FGwtks_Cmlx+cJ{@Ch9$yZ
z?D*}M&o~|hU*nA!(K>eSCQPq+*D95`R@x`feI$=RF`;hNcKUoSbgD9%|A2M#yj`eL
zC#`WyX$MjipZr~<Txxun$Gss05S+M7JRoHTJ5?KO9=r=9O%*}zW*JmwXF4m!PUV!S
z6?Z$jj-4Qz-IJf9H0b+nR4R(HH5=1^$>SB<Z16LW*Hb52o3dPG*7N7{A{kx_#1?~*
z*jG)qnJPmKB2yS2yFHkP0sE2)-cH~Kwvh&9&RqSer_2n8adINW3>b~5qNLvPprczq
zr2!RCkyc%Phg^u{uFUFzbrub7v)*vhEiJgAk_vcU()mcqn&lgZSUPotCXHWAv;C|;
zSC){4MX<378gh?}y9q|rRNduV*s1dvQDA^$3P@5iJ(^lN(Ys%~t9W{vC5c!?!AWVB
znl;U$A^qeOyWXx?4M@|qW`zCN^2v%_g*XHAQ{&Wi3S3Rr1J~y~_*;U#9Dy*eNP8Nw
ziDBkaSGo-BLS44Wyr!Nzg$k2h#+|Q_oQ3eXat`aMGw_qJ43x!i>m)+}R+UfCoz+>P
zEfjrG+&t1p{Ea<&7v!l=^aeke-+y(jR(VV>luz|iQ6Pq3gKs}tu}vee@(JT*Jc0FD
zR(bh^WyIzDRHOMu_2ZI4qNKURZoLLOx%h(}%^lxDqV+Qt-%h>wQ(W7ZH&H6$AJw50
zU@8>J?xsjvgjgz0@~NXNq2q+;N{gnlw9_v~mAWGY6iK1@<~8JlJlB`gXJ<>gF1L0E
zPU(W9M!C?P&neG$i#|HY;O$h2VRG$?XNbCbGSku9&w}0>p-qP~SiG&0h0C<ywVUq>
zd!o6es{DRt_Y4WKcGSC%X-(@~E)$nuE>nX6uk4ECVt1sug|i>M9m_A2-_QfNze>Y3
zIpuom7AM3Q;okQ80<zP}C8k%V)389`<+l-kLSY8=*;2jXqi>ai2!S=pPlTz-px$WG
zTp;@-VFa_MYs%a`iO(YI;5$9yz8twQSgg5vqbSdzE6+7d2DM_bqDy-t<l7BlW)Fs^
z5q`XLB6QsH>e8f%d=q-dht7zx`u-8#oBMyaO@4n^qqnccRJIv4X`N?Tq-n6<b%<1Y
zG~)~rCIhfBlNEtEpn%2DFACnM=(^ol<WUYSWJ*pha_##ua$L&&H82e?NAfDi!v%Id
z#3SHUtJY^^Mj3Lo@%~SB0LsZM!4K_^#XYlbL};0c?RjLYXhZ}Nx3FRapfQvqXEBzJ
zY&)ba)#Z$*-20M^`EPaG^;?GG2sSoV$Lmq0I7dGfm|S;Lh1BuQattdbbXu6Ii5eJp
z7Q&uLAJ;dLWOTl**eNsgewXW8?N9L@esOgPypwo|8TFi*NQM2wuopPWNuXR%;8wS+
z&9uxP7Y63;PE83JMJN_!N*NIbCKm$+M(zI!G4j8K*b`_DwEkO(W3<68a{&B>Ef$0-
zmRRYJtZ>G_G5!b~#y2!P6eVm3QH9R4$xjaRdLA8rhgWoAEmPq_Cu11-P}A*Klfyy&
z*||(hd7K@%`ux1IEZL6UN;?Z%;M6m4)BAmXBK3hJ<Nig~1b$VSwTwczeVt<4lYSbk
zV8Ho+aDSUe3IzW(P<yrTIZcd9j1D_6+q4B;A%zoH)9-A*%bk4d!<9FAGj8FDNginx
z(>HQp(4qi^_;iMS4`OjCdjvja$z@Nu`oud@>N7<*hBiW<sDac0yt0IR>(GHXpX;0b
zR+euWOl;8GiYKCYff#GCkCqlF8Ph6tNGH0Z!nM8dixT(=pYvHXJ|3U!_K{-Y^$B-F
zpsk{3i9MjfxDkpoq-o=cMbwF4xpaxKP)H~)6rb%wf{ply?F0KB8Riv9Oh?GmcT~#z
zM%zJFzDpIxxqMYs^|NlGd6o2CKx>~oep$RDz4iorTK;qZrbH^@s8a@PMcgwRMNP-G
znJoD4OtFE~{LV&Hl62Z{8_Y>B)mK6Gdt2YWf03cpj|LLaVO(>{-*h0`vW_(~+sy)r
zUpNdPE~+1gyUVapL(dc7u~oU$dD!SGrd)~davqCmko9x2@ps9)6d(p*4<2u`mf<!o
z0xM5-=b5#~wZzaq?BYSjluznTARO52J8l_Kg;5lC?t4`{n}kh$1L%hH#2iLxnv{yp
zQ4|aDpuLC{Y&bM{gf$FV9%4jJ4s+~IGo*S98=OIu9<D(iVmUXY`GlKz``jsg8NK>c
z6}(Zqm;8|{Ny<)_)(%VC%?W%JrQ2y6=||jkkTevZESVphC?qo060c>qMD!ykfZ%Dr
z&Sx^{vMrazGmV(+G2cK$gSgU(<UT>6!9)dg&||<z8~1QN_8PCWK5yljb=!em)ti(i
zV&|rJ`I;|t7`Hl?x@HgPt4i>`x*PO7TQU&4vh8|7BG$jmi`zl5htZOABEwgcYUr<L
z6z-2I>gsYJCL%J=akenQ{izk>Q8Oix8SLhqVJ%832y3re$BAU<;&_SU+Lz@~^Bh)u
zbbQIk(1t(s@GLT^qJ3t;Td-Hs|I8X<iO$(WNO?Et%Dx4npFTX^-6ANvow4kgOEfN-
znp1T;o4SIQBnA@BrP-?*C$KN7wXx7?hqpH^^@4i?VgG`4O{uir6&?mg0Og-x#rO#;
zo12HV_b<d6yA}ZOUw*F<7sg^GhU**?9&F;#E-0ReYk8VE9P`@pX-{P57s>{OiMvnS
zR-|T$4wSgPqFVu3yMC@F?Dxo)YAI{oBa8K4WYZ~e1WtJZcbfi-tX+JTHa@|4qL2}>
zF<F(-c3WE$Q6jTBUGe$ORoEI}Sm|mX;KC&DsGpBUklgUdK>Yg-AyuUrse3R}xd)BR
zP?=~QvsP23f&53@EYup<?EJdCWBKwTJL0@L`o{r*cPokpoJAYMfskFEBRR3f<-_iq
z7r=hzBJ~N~aoq`xWZ7B0`H2YamXfNFqm0y2-4!>Odn^q}7i71uyvUzN9!`!E>QPs3
zgQ%nEWik@U?a9axsLmyq5tm_MP>MO>;t#&O;%xNFgJ)Q~s-6{OwzGb#9e#pS^cn?{
zvhu-z>{*Yd7Xy>56Sq6=D_+d}Zvc3m$E06apB2U0dOm8~qPvaN6L611NziI6!c6)a
z&k*pYCm^*=ZrHJ(v~Z5fd>JIMiYy8+Psq|#6HpL4o=!$@D_W0nS5TsU{(xmXmpa!y
zmQg%?cO{>(#tpcYPZ~KB=j?(h5g@EW3d}M^Q*1036wN6EEaf?&^WKs6_I)pAF1~rg
z6KMlfWHfrudBsjAQ9aQOEjPk2t7C}>!SAq&CNEMC!lk@B+)!Y{U|+eT6)?rXy<vO6
z5)Fc1jH8TtkEO;vmT2?AHzV%3%@0_H$Kj2Z0@9`L6lD1qvKw4aU95%_nOm%1ShU4B
z?J6M%57G!fm6TOa$15DQS8eKXXtUn?xLjN)NL%&E-TPUrr)A3uA_SEt3FALlDr{Q2
zr}}~cv63-K*hT85ySr`+ql#RHv;MU+;RF;@P;2194I92UhrLL4P%4DVrDgJRLX38J
z_fWyNL;`kxaX7b?Bqy!j<6Y;~h4mMrW$@+s%E`%Ex8#y3$LbZ>EbuuWvM1-<eDI6f
z=|Br;ibb?tAJJXFh5*^S_Bnsw3{wiR=Cu0#wPstD>N^`~W-l@N(b<$2Xh?!G)AS~N
z!DRRxy>=7qYN}IsZ3}{RP2FSoFyn7i(JmSwtawY`lw_}3B~Mhtw78kb+`TmWef4a$
z{r;lzpLeLAY6L**9!uPR#FFseSX#Qe*x1{0IJ0rMdI8<MfS&9?o4)~N9pZWv!if>K
zLJ|2?*cy~)VZA#ROO~7bW>O=R?Q_4z*?~5q>)j&9M5B--_o(uxIwb$gNAg<ymR_mw
zJY5<&=>o#3{M5x(T4+|Fc2sCmc)J6aZr2BrNYgzou<VguO;@SKCnXz_S?4EKu})Ub
z5Z{IK1t`&9`zR#bi}t(URm%PN|Gfb5AN%k&_pmp&aI*ewC&>w_N~hu&pzmP;AWrDx
z%SGs67mcsF`Ny;w`&rCkm2f(?(jN;&f#T-6--fw_`@i>Fol4#k;~24I(HbOOlTi34
zBZ^0phSuRQP6zv)+9DiusGwYhdE?o*l9<1Is)na{Gq!j^J!|khy;mr%XW~bVMlw!s
zO0TVca&L2(nQB(`*7q{TlOv{F)!HC442iE~uX2y6U<sZq<P!)^q&-&r-hSQHA~@KC
zDQGZZ`9(?_`kBSu*Fi{8M3GRj$^5Q+<?%rP@Y*{6O>&HE)-D6Q2}%RlDceRs6hX^5
z#?&3mbSoy-0UmTo+x8#tUuF602uBcPs7~*XF9`0Rju7vUBXl;mclosr2DSGc<~Z?h
zOt+sJ^#nLoCQt~lI8%j)$f3%nxZvU#9#>nH7~AK(l&`A??AMKA@?RDl-Fy|?+A*4=
zP0-UXUpczQ2s(7EK-Hdkz26||!SpEi)WA<&KeDUCA_5LDmna>CSlgYrcNmP>OOXiS
zKds*yQ9GQWAGuoB`~d|9@LO<I=Nyv-3=NN1Oo+Q-fN{B8n~7V5B(6D)(U?X*aBp6P
zp!lH{geb~1m3`$gi=}U`OKD1~egi0cR0bMt)MNa%Z|vy*l*uN^Ui3qIhK#!GI11-i
z`K=V{H@wwJb+47NsP|5rDMePOkrs;QS3^P&=lkBzC9^nB%46EErK#8HeZG!hZ-trU
zF)1GHdl!}--d_a_b9z6pLPOoflP##wa>Neld!ep9?|fOIvE9bs1r<oTXdxjg;<k^K
zAgMTaIl{sWf7~pFk?SQ-EjxMnvX*)QHC}?Bl?waiNOpa$Fr=K0aT=5dw0sLf1XSu6
z2`p6NE8+-2$8>3rLL1KjoqowzB-aAT5G-eAXSg5xU%#vuH=&6xb{~y%oYTvZ_&|L;
zFtdGO!2xO|sTM`3&-2SwTx1$<R!c3G(i<@6a<zH)9Wy_hN-P_kiB4_~H_4`q>j37p
zr6vvSE3C{oGEMXWrF7<#2|DVvQr%bupBqFVnXgo9sxOka^tsTlG}m8n<qSt(2xl7C
zZv?+x9Hz!xEur&xd{-yDJhG)P`l_)ikmaBRoW^q9{Lb)9wU(%(p)ymf17PhhX|HfI
zd+rX`y1+iREj`gU(*1qzYTG#1i4ExA@1pRuX7mlRdh=pr)$-UR4#THhn!~h1_v^=h
zmGFj*u-uFL@*P9|rxGUkt%O~zydDI=!PE7pQxmnRp;mf7?&DacN~=yoO=B$B&6qn{
z+(?9;9Wl(HT2K6*l>bQR+agB_ru*5$`2W)LzzsXl+QY-##?`}_-O1I`k=@SH>2Lki
z8dr)Ym%~Lq^b3s2_ZsJplC!ZY7WeyFHztaWv_`})D&1#UJgD5feULy*a#f$%)WJSc
z#myan0DI@(<nP&>oo4jiQhx*-QVoi(1|7;!a(qVqSXm5(s)GFu&eH&IdE-k!)*_W@
zH$w+A$0}IyzU`qkX^tllZp#m1*&JYBz2l=}pQw$akGu540<8;IkfZJ$cZ2hi_r@b>
z5Xg|}`jD^x%I?1J=v6`3<4-?kINA?VH>9$LcaLg~+I7L%E@(>~0nM!5!dV<8yX#wy
zE6_mpz^Q{%f1;_i9Pg=5Hx!@zPdM8AZZF*`uySr8D;2IwpMIQrvn{>6JNn$+TC+5N
zdwkg*?{%}XG;#;Mi?2Dq`!Rq1?SLM}-GPe@gC2=+eO4IcXmfnppB3~HpjT65mGcpY
z7aO)7^<5sCI2RH-AfxQbi|!RVc|Hbnm~br*M`upNMj$6_<@VHWoME}yTIo=3bQw<*
ze+hB$;r1I(D|OnMnK4jYhp3yklsXJDrJ-VkJSVpA`2c({tM9i0gxcbbFG!Q&(g^Pj
z0k3g%dv^*@oXSqw2M9<*%vdbE_ytI^k{Xiv_1+D0&vv+FqKeYej?VCP@M~cPp)M-b
z2leFAk&rebZK6=*J)>c?f*r~;nMSC`f|_U<@oRl{z#xne$DUruBg~_NJ9rjF0LLj&
z)c1ut7QHpH2dGrIuLbXhB#S-S$tSKv;W<tI#Ij*FAAi-LpaorfMMnrpsGcNwv^}?2
zO5M(4x*S5Ds~IlnRza>i=d;sRZETaFvcI><TL}@bHXI0k>(F4P=8=M5FjFTVg~wb!
zMLHU6Mof)9JX>s|<h`|y$;TywS@rex6WCF3vU&xI<UU@M7oDqgNE@SL7y0104aFmB
zPbm@;kcwkueZ3t4kp`P^=G2UVgR=X#MvQGO&km<&%DzR!>7VlEAsRG}nU>4T2+-Ww
z@Hbv()M&lVad76FU)aJ4YxFx&DCWYWI<sF`=a&iWqEVQ&=xLHjYt;*s<-g=VPd&87
z#}9S1Yj(~`dY!47ZbBdt${kU&!dE&h&qY@3qcd^9$0e=wwl`Niy>M>XDwbQZll#Ni
z@*YO|B$_OVo*`4&NBp3;WqxN9%3O)u-ifM#E#sTED`%+O-@q;o^ETMt_dL`0-hrAD
zEF3<}PYd@~PvODB{XPCLbpKrZ>mBF8cK8{Q_m2YF{BA=0x%$^u?BO2tGx+Z(|6Tq2
zt?17bzji?nJ=@P1y7x$cHvibc{h937e&C^T`WY#hzbE^jZPcIXe%0m&G5i_RkA6@0
zXG`&Cre6j3LCb$eCeE*!{+F`<nd{eD`2AO5-}_AeB-m<7h)54lelY)q?%z3`1P`-+
E0mq)dh5!Hn
literal 0
HcmV?d00001