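---
# Build the site image when a version tag is pushed, push it to the registry,
# then roll it out to the production Docker host over SSH.
name: Build and Deploy Production

on:
  push:
    tags:
      - "v*.*.*"

# NOTE(security): the actions below are referenced by mutable major-version
# tags and the job container by a moving tag. Pinning each one to a full commit
# SHA / image digest keeps an upstream retag from changing what runs in these
# jobs while the registry token and the deploy key are in scope.

jobs:
  build-and-push:
    runs-on: homelab-latest
    container:
      image: catthehacker/ubuntu:act-latest
    env:
      DOCKER_REGISTRY: git.comprofix.com
      IMAGE_NAME: mmckinnon/comprofix.com
    steps:
      - uses: actions/checkout@v4

      - uses: docker/setup-buildx-action@v3

      - uses: docker/login-action@v3
        with:
          registry: ${{ env.DOCKER_REGISTRY }}
          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_TOKEN }}

      # Values appended to GITHUB_ENV are visible to later steps of this job
      # only; they do not reach the deploy job.
      - name: Extract version from tag
        id: vars
        run: echo "VERSION=${GITHUB_REF_NAME}" >> "$GITHUB_ENV"

      - name: Build and push Docker images
        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: |
            ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
            ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
          build-args: |
            HUGO_BASEURL=https://comprofix.com/

  deploy:
    runs-on: homelab-latest
    needs: build-and-push
    env:
      DEPLOY_USER: administrator
      DEPLOY_HOST: docker.comprofix.xyz
      DEPLOY_PATH: /opt/comprofix
    steps:
      - uses: actions/checkout@v4

      - name: Deploy to production server
        env:
          # Passed through the environment so the key material is never
          # expanded into the text of the script itself.
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
        run: |
          # VERSION set in build-and-push does not cross the job boundary, so
          # the tag name is read again from the triggering ref.
          VERSION="${GITHUB_REF_NAME}"

          # The tag ends up inside a sed expression and an env file; accept
          # only characters that are valid in an image tag.
          case "$VERSION" in
            "" | *[!A-Za-z0-9._-]*)
              echo "Refusing to deploy: unexpected tag name '$VERSION'" >&2
              exit 1
              ;;
          esac

          mkdir -p ~/.ssh
          eval $(ssh-agent -s)
          ssh-add <(echo "$SSH_PRIVATE_KEY")

          # NOTE(security): host-key verification is switched off here and
          # again on the ssh command line below, so the runner cannot tell the
          # real DEPLOY_HOST from another machine answering on that name.
          # Store the server's public host key (for example in a repository
          # secret), write it to ~/.ssh/known_hosts, and drop both
          # StrictHostKeyChecking overrides.
          echo "HOST *" > ~/.ssh/config
          echo "StrictHostKeyChecking no" >> ~/.ssh/config

          # Replaces the runner's resolver configuration; presumably the
          # resolver that knows DEPLOY_HOST. Needs write access to /etc.
          echo "nameserver 10.10.10.1" > /etc/resolv.conf

          echo "Uploading docker-compose.yml and .env.production..."
          scp docker-compose.yml "$DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH"

          # Replace IMAGE_TAG in .env.production with the current VERSION
          sed "s/^IMAGE_TAG=.*/IMAGE_TAG=${VERSION}/" .env.production > .env.production.new
          scp .env.production.new "$DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH/.env.production"

          # NOTE(review): the stack is taken down before the pull, and pull
          # failures are ignored, so a failed pull is not reported by this
          # step. Confirm this ordering is intended.
          echo "Deploying production container..."
          ssh -o StrictHostKeyChecking=no "$DEPLOY_USER@$DEPLOY_HOST" "
            cd $DEPLOY_PATH
            docker compose --env-file .env.production down --remove-orphans
            docker compose --env-file .env.production pull --ignore-pull-failures
            docker compose --env-file .env.production up -d
          "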