lubiana/saufen
1
0
Fork 0
Code Issues Pull requests Releases 7 Activity Actions

deployyyyy
All checks were successful
/ ls (pull_request) Successful in 1m35s
Details

Browse source
This commit is contained in:
lubiana 2025-06-15 01:41:25 +02:00
parent d468d5a6e3
commit d442b2e522
Signed by: lubiana
SSH key fingerprint: SHA256:vW1EA0fRR3Fw+dD/sM0K+x3Il2gSry6YRYHqOeQwrfk
11 changed files with 318 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

37
.forgejo/workflows/pull_request.yml Normal file
View file

@ -0,0 +1,37 @@
on: [pull_request]
jobs:
ls:
runs-on: docker
container:
image: git.php.fail/lubiana/container/php:8.4.8-ci
steps:
- name: Manually checkout
env:
REPO: '${{ github.repository }}'
TOKEN: '${{ secrets.GITHUB_TOKEN }}'
GIT_SERVER: 'git.hannover.ccc.de'
run: |
git clone --branch $GITHUB_HEAD_REF https://${TOKEN}@${GIT_SERVER}/${REPO}.git .
git fetch
git checkout $GITHUB_HEAD_REF
- name: composer install
env:
COMPOSER_CACHE_DIR: /opt/hostedtoolcache/.composer/cache/files
run: |
mkdir -p ${{ env.COMPOSER_CACHE_DIR }}
composer install
- name: lint
run: composer lint
- name: test
run: composer test
- name: GIT commit and push all changed files
env:
CI_COMMIT_MESSAGE: Continuous Integration Fixes
CI_COMMIT_AUTHOR: Continuous Integration
run: |
if [[ -n "$(git status -s)" ]]; then
git config --global user.name "${{ env.CI_COMMIT_AUTHOR }}"
git config --global user.email "gitbot@users.noreply.php.fail"
git commit -am "${{ env.CI_COMMIT_MESSAGE }}"
git push
fi

41
.forgejo/workflows/push.yml Normal file
View file

@ -0,0 +1,41 @@
on:
push:
branches:
- 'main'
jobs:
ls:
runs-on: docker
container:
image: git.php.fail/lubiana/container/php:8.4.8-ci
steps:
- name: Manually checkout
env:
REPO: '${{ github.repository }}'
TOKEN: '${{ secrets.GITHUB_TOKEN }}'
BRANCH: '${{ env.GITHUB_REF_NAME }}'
GIT_SERVER: 'git.hannover.ccc.de'
run: |
git clone --branch $GITHUB_REF_NAME https://${TOKEN}@${GIT_SERVER}/${REPO}.git .
git fetch
git checkout ${{ github.head_ref }}
- name: composer install
env:
COMPOSER_CACHE_DIR: /opt/hostedtoolcache/.composer/cache/files
run: |
mkdir -p ${{ env.COMPOSER_CACHE_DIR }}
composer install
- name: lint
run: composer lint
- name: test
run: composer test
- name: GIT commit and push all changed files
env:
CI_COMMIT_MESSAGE: Continuous Integration Fixes
CI_COMMIT_AUTHOR: Continuous Integration
run: |
if [[ -n "$(git status -s)" ]]; then
git config --global user.name "${{ env.CI_COMMIT_AUTHOR }}"
git config --global user.email "gitbot@users.noreply.php.fail"
git commit -am "${{ env.CI_COMMIT_MESSAGE }}"
git push
fi

49
.forgejo/workflows/release.yml Normal file
View file

@ -0,0 +1,49 @@
on:
release
jobs:
ls:
runs-on: docker
container:
image: git.php.fail/lubiana/container/php:8.4.8-ci
steps:
- name: Manually checkout
env:
REPO: '${{ github.repository }}'
TOKEN: '${{ secrets.GITHUB_TOKEN }}'
BRANCH: '${{ env.GITHUB_REF_NAME }}'
GIT_SERVER: 'hannover.ccc.de/gitlab'
run: |
git clone --branch $GITHUB_REF_NAME https://${TOKEN}@${GIT_SERVER}/${REPO}.git .
git fetch
git checkout ${{ github.head_ref }}
- name: prepare deploy
run: sh ./deploy/prepare-deploy.sh
- name: deploy
env:
HOST: 'web.server.c3h'
USERNAME: 'c3h-futtern'
TARGETDIR: '/home/c3h-futtern/saufen'
HOMEDIR: '/home/c3h-futtern'
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
run: |
mkdir -p ~/.ssh/
# Print the SSH key, replacing newline characters with actual new lines
echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
# Set appropriate permissions for the SSH key
chmod 600 ~/.ssh/id_rsa
# Add the remote host's key to the known_hosts file to avoid authenticity confirmation
ssh-keyscan -H $HOST >> ~/.ssh/known_hosts
# stop services
ssh ${USERNAME}@${HOST} systemctl --user stop pod-saufen
# backup database
ssh ${USERNAME}@${HOST} "cp ${HOMEDIR}/saufen/app/var/data.db ${HOMEDIR}/backup/data-saufen.db-$(date +\"%Y%m%d%H%M%S\")"
# only keep last 10 backupts
ssh ${USERNAME}@${HOST} "find ${HOMEDIR}/backup/ -type f | sort | head -n -10 | xargs rm -f"
# SCP files to the remote host
rsync -avz --delete deploy/ ${USERNAME}@${HOST}:${TARGETDIR} --exclude=var
# run update script
ssh ${USERNAME}@${HOST} /home/c3h-futtern/saufen/update.sh

7
deploy/etc/caddy/Caddyfile Normal file
View file

@ -0,0 +1,7 @@
:8090 {
log
root * /var/www/html/public
php_fastcgi localhost:9001
file_server
encode zstd gzip
}

13
deploy/etc/php84/php-fpm.d/www.conf Normal file
View file

@ -0,0 +1,13 @@
[www]
user = root
group = root
listen = 9001
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
env[APP_ENV]=$APP_ENV
env[APP_SECRET]=$APP_SECRET
catch_workers_output = yes

10
deploy/local-deploy.sh Executable file
View file

@ -0,0 +1,10 @@
#!/usr/bin/env sh
export HOMEDIR='/home/c3h-futtern/'
. ./deploy/prepare-deploy.sh
ssh leitstelle-futtern 'systemctl --user stop pod-futtern'
ssh leitstelle-futtern "cp ${HOMEDIR}/saufen/app/var/data.db ${HOMEDIR}/backup/dat-saufena.db-$(date +\"%Y%m%d%H%M%S\")"
ssh leitstelle-futtern "find ${HOMEDIR}/backup/ -type f | sort | head -n -10 | xargs rm -f"
rsync -avz --delete deploy/ leitstelle-futtern:saufen --exclude=var
ssh leitstelle-futtern '/home/c3h-futtern/saufen/update.sh'

22
deploy/prepare-deploy.sh Executable file
View file

@ -0,0 +1,22 @@
#!/usr/bin/env sh
TARGETDIR='deploy/app'
if [ -d $TARGETDIR ]; then
rm -rf $TARGETDIR
fi
mkdir $TARGETDIR
cd $TARGETDIR || return
pathsToCopy="assets public bin config migrations src templates composer.json composer.lock symfony.lock .env importmap.php"
for path in $pathsToCopy
do
cp -r ../../"$path" ./
done
APP_ENV=prod composer install --no-dev -a
rm -rf ./var/cache
cd -

43
deploy/systemd/container-saufen-caddy.service Normal file
View file

@ -0,0 +1,43 @@
# container-futtern-caddy.service
# autogenerated by Podman 4.3.1
# Sun Jun 23 05:33:51 UTC 2024
[Unit]
Description=Podman container-futtern-caddy.service
Documentation=man:podman-generate-systemd(1)
Wants=network-online.target
After=network-online.target
RequiresMountsFor=%t/containers
BindsTo=pod-saufen.service
After=pod-saufen.service
[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70
ExecStartPre=/bin/rm \
-f %t/%n.ctr-id
ExecStart=/usr/bin/podman run \
--cidfile=%t/%n.ctr-id \
--cgroups=no-conmon \
--rm \
--pod-id-file %t/pod-futtern.pod-id \
--sdnotify=conmon \
--replace \
-d \
--name futtern-caddy \
--volume %h/saufen/etc/caddy/Caddyfile:/etc/caddy/Caddyfile \
--volume %h/saufen/app:/var/www/html \
--volume caddy_data:/data docker.io/caddy/caddy:alpine
ExecStop=/usr/bin/podman stop \
--ignore -t 10 \
--cidfile=%t/%n.ctr-id
ExecStopPost=/usr/bin/podman rm \
-f \
--ignore -t 10 \
--cidfile=%t/%n.ctr-id
Type=notify
NotifyAccess=all
[Install]
WantedBy=default.target

46
deploy/systemd/container-saufen-php.service Normal file
View file

@ -0,0 +1,46 @@
# container-futtern-php.service
# autogenerated by Podman 4.3.1
# Sun Jun 23 05:33:51 UTC 2024
[Unit]
Description=Podman container-futtern-php.service
Documentation=man:podman-generate-systemd(1)
Wants=network-online.target
After=network-online.target
RequiresMountsFor=%t/containers
BindsTo=pod-futtern.service
After=pod-futtern.service
[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70
ExecStartPre=/bin/rm \
-f %t/%n.ctr-id
ExecStart=/usr/bin/podman run \
--cidfile=%t/%n.ctr-id \
--cgroups=no-conmon \
--rm \
--pod-id-file %t/pod-futtern.pod-id \
--sdnotify=conmon \
--replace \
-d \
--name futtern-php \
--volume %h/futtern/etc/php84/php-fpm.d/www.conf:/etc/php84/php-fpm.d/www.conf \
--volume %h/futtern/app:/var/www/html \
--volume %h/futtern/app/var:/var/www/html/var \
--env APP_ENV=prod \
--env APP_SECRET=UwUtHiSisNotSecurePlZcHanGeMe \
git.php.fail/lubiana/container/php:8.4-fpm
ExecStop=/usr/bin/podman stop \
--ignore -t 10 \
--cidfile=%t/%n.ctr-id
ExecStopPost=/usr/bin/podman rm \
-f \
--ignore -t 10 \
--cidfile=%t/%n.ctr-id
Type=notify
NotifyAccess=all
[Install]
WantedBy=default.target

42
deploy/systemd/pod-saufen.service Normal file
View file

@ -0,0 +1,42 @@
# pod-futtern.service
# autogenerated by Podman 4.3.1
# Sun Jun 23 05:33:51 UTC 2024
[Unit]
Description=Podman pod-futtern.service
Documentation=man:podman-generate-systemd(1)
Wants=network-online.target
After=network-online.target
RequiresMountsFor=/run/user/%U/containers
Wants=container-futtern-caddy.service container-futtern-php.service
Before=container-futtern-caddy.service container-futtern-php.service
[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70
ExecStartPre=/bin/rm \
-f %t/pod-futtern.pid %t/pod-futtern.pod-id
ExecStartPre=/usr/bin/podman pod create \
--infra-conmon-pidfile %t/pod-futtern.pid \
--pod-id-file %t/pod-futtern.pod-id \
--exit-policy=stop \
--label io.containers.autoupdate=registry \
--name futtern \
-p 8087:8087 \
--replace
ExecStart=/usr/bin/podman pod start \
--pod-id-file %t/pod-futtern.pod-id
ExecStop=/usr/bin/podman pod stop \
--ignore \
--pod-id-file %t/pod-futtern.pod-id \
-t 10
ExecStopPost=/usr/bin/podman pod rm \
--ignore \
-f \
--pod-id-file %t/pod-futtern.pod-id
PIDFile=%t/pod-futtern.pid
Type=forking
[Install]
WantedBy=default.target

8
deploy/update.sh Executable file
View file

@ -0,0 +1,8 @@
#!/usr/bin/env sh
systemctl --user stop pod-saufen
systemctl --user start pod-saufen
sleep 2
podman exec -it saufen-php /var/www/html/bin/console cache:clear
podman exec -it saufen-php /var/www/html/bin/console cache:warmup
echo 'yes' | podman exec -it saufen-php /var/www/html/bin/console doctrine:migrations:migrate