diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..69293b9
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,3 @@
+BESZEL_HUB_URL=http://mon.localhost
+NEXTCLOUD_DOMAIN=cld.localhost
+GITEA_URL=http://git:3000
diff --git a/.gitea/workflows/demo.yaml b/.gitea/workflows/demo.yaml
deleted file mode 100644
index 394c807..0000000
--- a/.gitea/workflows/demo.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-name: Gitea Actions Demo
-run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
-on: [push]
-
-jobs:
- Explore-Gitea-Actions:
- runs-on: ubuntu-latest
- steps:
- - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event."
- - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
- - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}."
- - name: Check out repository code
- uses: actions/checkout@v4
- - run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
- - run: echo "🖥️ The workflow is now ready to test your code on the runner."
- - name: List files in the repository
- run: |
- ls ${{ gitea.workspace }}
- - run: echo "🍏 This job's status is ${{ job.status }}."
\ No newline at end of file
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 7af81d5..bdabbe0 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -1,5 +1,5 @@
-name: Deploy
-run-name: Deploy
+name: 🚀 Deploy
+run-name: '🚀 Deploy: ${{ gitea.ref_name }} by @${{ gitea.actor }}'
on:
workflow_dispatch:
@@ -17,11 +17,39 @@ jobs:
echo "Clean ref name: $CLEAN_REF_NAME"
echo "CLEAN_REF_NAME=$CLEAN_REF_NAME" >> $GITEA_ENV
- - name: ⚙️ Configure SSH Client
+ - name: ⚙️ Configure ssh client
+ uses: ./.gitea/actions/configure-ssh-client
+ with:
+ ssh_host: ${{ secrets.SSH_HOST }}
+
+ - name: 📦 Create backup of data/ folder
+ env:
+ SSHPASS: ${{ secrets.SSH_PASSWORD }}
+ SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
+ SSH_HOST: ${{ secrets.SSH_HOST }}
+ DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }}
+ REF_NAME: ${{ env.CLEAN_REF_NAME }}
run: |
- sudo apt-get update && sudo apt-get install -y sshpass
- mkdir -p ~/.ssh
- ssh-keyscan -p 22 "${{ secrets.SSH_HOST }}" >> ~/.ssh/known_hosts
+ sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
+ set -e
+ cd "$DEPLOY_DIRECTORY"
+
+ mkdir -p backups
+
+ BACKUP_DATE=\$(date +%Y-%m-%d_%H-%M-%S)
+ BACKUP_FILE="backups/backup-${REF_NAME}-\${BACKUP_DATE}.tar.gz"
+
+ echo "Creating backup of data/ into \${BACKUP_FILE}..."
+
+ if [ -d "data" ]; then
+ tar -czf "\${BACKUP_FILE}" data
+ echo "✅ Backup created successfully!"
+ else
+ echo "⚡️ No data/ folder, backup creation skipped."
+ fi
+
+ find backups/ -type f -name "backup-*.tar.gz" -mtime +7 -delete
+ EOT
- name: 🏗️ Create docker-compose file
env:
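Review bot: The backup step creates `backups/` and the tarball with the remote account's default umask, so on a host with other local users the archives of `data/` may be readable more widely than intended; adding `umask 077` right after `set -e` in the remote script keeps them private to the deploy user. The hunk does not show what `data/` holds, but the services named elsewhere in this workflow (Vaultwarden, Nextcloud) suggest it is sensitive. The outer `<< EOT` is unquoted, so `$DEPLOY_DIRECTORY` and `${REF_NAME}` are expanded on the runner and reach the remote shell as literal text. That is safe only while `CLEAN_REF_NAME`, which is computed above this hunk, is limited to characters that are inert inside double quotes; a short comment stating that assumption would help.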
@@ -38,7 +66,7 @@ jobs:
cat > \"docker-compose-$REF_NAME.yml\"" \
< docker-compose.yml
- - name: 🔐 Create secrets
+ - name: 🔐 Create secrets and envs
env:
SSHPASS: ${{ secrets.SSH_PASSWORD }}
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
@@ -46,12 +74,22 @@ jobs:
DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }}
BESZEL_AGENT_KEY: ${{ secrets.BESZEL_AGENT_KEY }}
BESZEL_AGENT_TOKEN: ${{ secrets.BESZEL_AGENT_TOKEN }}
- GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}
+ BESZEL_HUB_URL: ${{ vars.BESZEL_HUB_URL }}
+ GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets.RUNNER_REGISTRATION_TOKEN }}
+ GITEA_URL: ${{ vars.GIT_URL }}
VAULTWARDEN_ADMIN_TOKEN: ${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}
+ NEXTCLOUD_DOMAIN: ${{ vars.NEXTCLOUD_DOMAIN }}
run: |
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
set -e
cd "$DEPLOY_DIRECTORY"
+
+ cat << 'EOF_ENV' > .env
+ BESZEL_HUB_URL=$BESZEL_HUB_URL
+ NEXTCLOUD_DOMAIN=$NEXTCLOUD_DOMAIN
+ GITEA_URL=$GITEA_URL
+ EOF_ENV
+
mkdir -p secrets
cat << 'EOF_SECRET' > secrets/beszel_agent_key.txt
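Review bot: `GITEA_URL` is read from `vars.GIT_URL`, while the other two values use a variable named exactly like the key (`vars.BESZEL_HUB_URL`, `vars.NEXTCLOUD_DOMAIN`) and `.env.example` calls it `GITEA_URL`. If the repository variable is actually named `GITEA_URL`, the expression presumably evaluates to an empty string and `.env` is written with `GITEA_URL=` without any error. Either use `${{ vars.GITEA_URL }}` or fail early on the runner before the ssh call, e.g. `: "${GITEA_URL:?GITEA_URL is not set}"`, and likewise for the other two. Because the outer `<< EOT` is unquoted, the values are pasted into the remote script as text, so a value containing a newline would add extra lines to `.env`; a comment noting that these variables must be single-line would document that. The step body continues outside the hunk.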
@@ -81,12 +119,16 @@ jobs:
SSH_HOST: ${{ secrets.SSH_HOST }}
DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }}
REF_NAME: ${{ env.CLEAN_REF_NAME }}
- TELEGRAM_TOKEN: ${{ secrets.DEPLOY_TELEGRAM_BOT_TOKEN }}
- TELEGRAM_CHAT: ${{ secrets.DEPLOY_TELEGRAM_CHAT_ID }}
- PROXY_HOST: ${{ secrets.PROXY_HOST }}
- PROXY_PORT: ${{ secrets.PROXY_PORT }}
- PROXY_USER: ${{ secrets.PROXY_USER }}
- PROXY_PASSWORD: ${{ secrets.PROXY_PASSWORD }}
+ TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_DEPLOY_BOT_TOKEN }}
+ TELEGRAM_CHAT: ${{ secrets.TELEGRAM_DEPLOY_CHAT_ID }}
+ PROXY_URL: ${{ secrets.PROXY_URL }}
+ SUCCESS_MESSAGE: |-
+ ✅ Успешный деплой!
+ Релиз: ${{ gitea.ref_name }}
+ FAILURE_MESSAGE: |-
+ ❌ Ошибка деплоя!
+ Релиз: ${{ gitea.ref_name }}
+ DEPLOY_LOG_FILE: /tmp/deploy-${{ env.CLEAN_REF_NAME }}.log
run: |
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
set -e
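Review bot: `SUCCESS_MESSAGE` and `FAILURE_MESSAGE` embed the raw `${{ gitea.ref_name }}`, whereas every other use of the ref in this job goes through the sanitised `CLEAN_REF_NAME`. The unquoted `<< EOT` heredoc expands these messages into the single-quoted `bash -c '…'` body in the next hunk, so a ref name containing shell metacharacters changes the script that runs on the deploy host. With `parse_mode=HTML`, a `<` or `&` in the ref name would also likely make Telegram reject the message. Using `Релиз: ${{ env.CLEAN_REF_NAME }}` in both messages avoids both problems, provided the cleaning step above this hunk strips those characters. `DEPLOY_LOG_FILE` is also a fixed, predictable name under `/tmp`; a path inside `$DEPLOY_DIRECTORY`, or one from `mktemp` on the remote side, avoids collisions with files or links created by other local users.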
@@ -95,30 +137,24 @@ jobs:
nohup bash -c '
sleep 5
- if docker compose -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > /tmp/docker_deploy.log 2>&1; then
- ESCAPED_REF=\$(echo "${REF_NAME}" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g")
- TEXT="🚀 *Деплой успешен\!* %0AСервер применил релиз: \`\$ESCAPED_REF\`"
-
- # ИСПРАВЛЕНО: Восстановлен верный URL api.telegram.org/bot\$TELEGRAM_TOKEN/
- curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \
- --proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \
+ if docker compose --dry-run -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > ${DEPLOY_LOG_FILE} 2>&1; then
+ curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
+ --proxy "${PROXY_URL}" \
-d "chat_id=${TELEGRAM_CHAT}" \
- -d "parse_mode=MarkdownV2" \
- -d "text=\$TEXT" > /dev/null
+ -d "parse_mode=HTML" \
+ --data-urlencode "text=${SUCCESS_MESSAGE}" > /dev/null
else
- ERROR_LOG=\$(tail -n 10 /tmp/docker_deploy.log)
- ESCAPED_LOG=\$(echo "\$ERROR_LOG" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g" | sed "s/!/\\\\!/g")
- TEXT="❌ *Ошибка деплоя релиза ${REF_NAME}\!* %0A%0A\`\`\`%0A\$ESCAPED_LOG%0A\`\`\`"
-
- # ИСПРАВЛЕНО: Здесь URL тоже приведен к стандарту Telegram API
- curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \
- --proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \
+ curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
+ --proxy "${PROXY_URL}" \
-d "chat_id=${TELEGRAM_CHAT}" \
- -d "parse_mode=MarkdownV2" \
- -d "text=\$TEXT" > /dev/null
+ -d "parse_mode=HTML" \
+ --data-urlencode "text=${FAILURE_MESSAGE}" > /dev/null
fi
-
- rm -f /tmp/docker_deploy.log
+
+ curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendDocument" \
+ --proxy "${PROXY_URL}" \
+ -F "chat_id=${TELEGRAM_CHAT}" \
+ -F "document=@${DEPLOY_LOG_FILE}" > /dev/null && rm -f ${DEPLOY_LOG_FILE}
' > /dev/null 2>&1 &
EOT
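Review bot: The new command is `docker compose --dry-run … up -d`, so as written nothing is actually started and the success message is sent for a deployment that did not happen; if `--dry-run` is a debugging leftover, it should be dropped before merge. The `sendDocument` call uploads the complete compose output to the chat, and nothing in the hunk checks the log for secrets or environment values first, so consider sending only a short tail on failure as the old code did. `curl -s` without `--fail` exits 0 on an HTTP error from Telegram, so `&& rm -f ${DEPLOY_LOG_FILE}` deletes the log even when the upload was rejected. Using `curl -sS --fail` and quoting `"${DEPLOY_LOG_FILE}"` in the redirect and the `rm` would tighten this. The step itself starts outside the hunk.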
diff --git a/.gitea/workflows/test_telegram_deploy_bot.yaml b/.gitea/workflows/test_telegram_deploy_bot.yaml
index bb4bfb3..a4e49ca 100644
--- a/.gitea/workflows/test_telegram_deploy_bot.yaml
+++ b/.gitea/workflows/test_telegram_deploy_bot.yaml
@@ -7,21 +7,15 @@ jobs:
send_test_message:
runs-on: ubuntu-latest
steps:
- - name: Checout repository
+ - name: 📂 Checkout repository
uses: actions/checkout@v4
- - name: Configure ssh client
+ - name: ⚙️ Configure ssh client
uses: ./.gitea/actions/configure-ssh-client
with:
ssh_host: ${{ secrets.SSH_HOST }}
- - name: Prepare message
- id: prepare_message
- uses: ./.gitea/actions/telegram-message-escape
- with:
- message: 💬 Test message
-
- - name: Send message
+ - name: 💬 Send message
env:
SSHPASS: ${{ secrets.SSH_PASSWORD }}
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
@@ -32,9 +26,11 @@ jobs:
MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }}
run: |
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
- curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
+ set -e
+
+ curl -s --connect-timeout 10 -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
--proxy "${PROXY_URL}" \
-d "chat_id=${TELEGRAM_CHAT}" \
- -d "parse_mode=MarkdownV2" \
- -d "text=$MESSAGE" > /dev/null
+ -d "parse_mode=HTML" \
+ --data-urlencode "text=💬 Test message"
EOT
\ No newline at end of file
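Review bot: The unchanged context line `MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }}` still refers to the `prepare_message` step that the previous hunk of this commit removes, so it now resolves to nothing and should be deleted along with the step. Since this workflow exists to check that the bot works, `set -e` alone is not enough: `curl -s` returns 0 for a 4xx/5xx answer from Telegram, so a wrong token or chat id still gives a green job. `curl -sS --fail --connect-timeout 10 …` makes the job fail in that case. With `> /dev/null` removed, the API response is now printed into the job log, which is useful for debugging but should be a deliberate choice.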