Compare commits
9 Commits
3ed4611e9e
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 66ee081c80 | |||
| a2fc1ed141 | |||
| 3a0e3d419c | |||
| 77ba40f657 | |||
| 5f86776b83 | |||
| bd292c4e84 | |||
| db7d350df5 | |||
| 8f860d5fe0 | |||
| 0e278211ca |
@@ -0,0 +1,3 @@
|
|||||||
|
BESZEL_HUB_URL=http://mon.localhost
|
||||||
|
NEXTCLOUD_DOMAIN=cld.localhost
|
||||||
|
GITEA_URL=http://git:3000
|
||||||
@@ -1,26 +0,0 @@
|
|||||||
name: '🧼 Telegram message escape'
|
|
||||||
description: 'Automatically escapes dots, dashes, and exclamation marks for Telegram MarkdownV2'
|
|
||||||
|
|
||||||
inputs:
|
|
||||||
message:
|
|
||||||
description: 'The raw text string to escape'
|
|
||||||
required: true
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
escaped_message:
|
|
||||||
description: 'The safely escaped string ready for Telegram'
|
|
||||||
value: ${{ steps.escape.outputs.result }}
|
|
||||||
|
|
||||||
runs:
|
|
||||||
using: 'composite'
|
|
||||||
steps:
|
|
||||||
- id: escape
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
RAW_MESSAGE="${{ inputs.message }}"
|
|
||||||
|
|
||||||
ESCAPED_MESSAGE=$(echo "$RAW_MESSAGE" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g" | sed "s/!/\\\\!/g")
|
|
||||||
|
|
||||||
echo "result<<EOF" >> $GITHUB_OUTPUT
|
|
||||||
echo "$ESCAPED_MESSAGE" >> $GITHUB_OUTPUT
|
|
||||||
echo "EOF" >> $GITHUB_OUTPUT
|
|
||||||
@@ -1,19 +0,0 @@
|
|||||||
name: Gitea Actions Demo
|
|
||||||
run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
|
|
||||||
on: [push]
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
Explore-Gitea-Actions:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event."
|
|
||||||
- run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
|
|
||||||
- run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}."
|
|
||||||
- name: Check out repository code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
- run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
|
|
||||||
- run: echo "🖥️ The workflow is now ready to test your code on the runner."
|
|
||||||
- name: List files in the repository
|
|
||||||
run: |
|
|
||||||
ls ${{ gitea.workspace }}
|
|
||||||
- run: echo "🍏 This job's status is ${{ job.status }}."
|
|
||||||
@@ -1,5 +1,5 @@
|
|||||||
name: Deploy
|
name: 🚀 Deploy
|
||||||
run-name: Deploy
|
run-name: '🚀 Deploy: ${{ gitea.ref_name }} by @${{ gitea.actor }}'
|
||||||
on:
|
on:
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
|
|
||||||
@@ -17,18 +17,47 @@ jobs:
|
|||||||
echo "Clean ref name: $CLEAN_REF_NAME"
|
echo "Clean ref name: $CLEAN_REF_NAME"
|
||||||
echo "CLEAN_REF_NAME=$CLEAN_REF_NAME" >> $GITEA_ENV
|
echo "CLEAN_REF_NAME=$CLEAN_REF_NAME" >> $GITEA_ENV
|
||||||
|
|
||||||
- name: ⚙️ Configure SSH Client
|
- name: ⚙️ Configure ssh client
|
||||||
|
uses: ./.gitea/actions/configure-ssh-client
|
||||||
|
with:
|
||||||
|
ssh_host: ${{ secrets.SSH_HOST }}
|
||||||
|
|
||||||
|
- name: 📦 Create backup of data/ folder
|
||||||
|
if: ${{ vars.DEPLOY_BACKUP_ENABLED == 'true' }}
|
||||||
|
env:
|
||||||
|
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
||||||
|
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
||||||
|
SSH_HOST: ${{ secrets.SSH_HOST }}
|
||||||
|
DEPLOY_DIRECTORY: ${{ vars.DEPLOY_DIRECTORY }}
|
||||||
|
REF_NAME: ${{ env.CLEAN_REF_NAME }}
|
||||||
run: |
|
run: |
|
||||||
sudo apt-get update && sudo apt-get install -y sshpass
|
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
||||||
mkdir -p ~/.ssh
|
set -e
|
||||||
ssh-keyscan -p 22 "${{ secrets.SSH_HOST }}" >> ~/.ssh/known_hosts
|
cd "$DEPLOY_DIRECTORY"
|
||||||
|
|
||||||
|
mkdir -p backups
|
||||||
|
|
||||||
|
BACKUP_DATE=\$(date +%Y-%m-%d_%H-%M-%S)
|
||||||
|
BACKUP_FILE="backups/backup-${REF_NAME}-\${BACKUP_DATE}.tar.gz"
|
||||||
|
|
||||||
|
echo "Creating backup of data/ into \${BACKUP_FILE}..."
|
||||||
|
|
||||||
|
if [ -d "data" ]; then
|
||||||
|
echo "$SSHPASS" | sudo -S tar -czf "\${BACKUP_FILE}" data
|
||||||
|
echo "✅ Backup created successfully!"
|
||||||
|
else
|
||||||
|
echo "⚡️ No data/ folder, backup creation skipped."
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "$SSHPASS" | sudo -S find backups/ -type f -name "backup-*.tar.gz" -mtime +7 -delete
|
||||||
|
EOT
|
||||||
|
|
||||||
- name: 🏗️ Create docker-compose file
|
- name: 🏗️ Create docker-compose file
|
||||||
env:
|
env:
|
||||||
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
||||||
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
||||||
SSH_HOST: ${{ secrets.SSH_HOST }}
|
SSH_HOST: ${{ secrets.SSH_HOST }}
|
||||||
DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }}
|
DEPLOY_DIRECTORY: ${{ vars.DEPLOY_DIRECTORY }}
|
||||||
REF_NAME: ${{ env.CLEAN_REF_NAME }}
|
REF_NAME: ${{ env.CLEAN_REF_NAME }}
|
||||||
run: |
|
run: |
|
||||||
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" \
|
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" \
|
||||||
@@ -38,20 +67,30 @@ jobs:
|
|||||||
cat > \"docker-compose-$REF_NAME.yml\"" \
|
cat > \"docker-compose-$REF_NAME.yml\"" \
|
||||||
< docker-compose.yml
|
< docker-compose.yml
|
||||||
|
|
||||||
- name: 🔐 Create secrets
|
- name: 🔐 Create secrets and envs
|
||||||
env:
|
env:
|
||||||
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
||||||
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
||||||
SSH_HOST: ${{ secrets.SSH_HOST }}
|
SSH_HOST: ${{ secrets.SSH_HOST }}
|
||||||
DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }}
|
DEPLOY_DIRECTORY: ${{ vars.DEPLOY_DIRECTORY }}
|
||||||
BESZEL_AGENT_KEY: ${{ secrets.BESZEL_AGENT_KEY }}
|
BESZEL_AGENT_KEY: ${{ secrets.BESZEL_AGENT_KEY }}
|
||||||
BESZEL_AGENT_TOKEN: ${{ secrets.BESZEL_AGENT_TOKEN }}
|
BESZEL_AGENT_TOKEN: ${{ secrets.BESZEL_AGENT_TOKEN }}
|
||||||
GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}
|
BESZEL_HUB_URL: ${{ vars.BESZEL_HUB_URL }}
|
||||||
|
GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets.RUNNER_REGISTRATION_TOKEN }}
|
||||||
|
GITEA_URL: ${{ vars.GIT_URL }}
|
||||||
VAULTWARDEN_ADMIN_TOKEN: ${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}
|
VAULTWARDEN_ADMIN_TOKEN: ${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}
|
||||||
|
NEXTCLOUD_DOMAIN: ${{ vars.NEXTCLOUD_DOMAIN }}
|
||||||
run: |
|
run: |
|
||||||
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
||||||
set -e
|
set -e
|
||||||
cd "$DEPLOY_DIRECTORY"
|
cd "$DEPLOY_DIRECTORY"
|
||||||
|
|
||||||
|
cat << 'EOF_ENV' > .env
|
||||||
|
BESZEL_HUB_URL=$BESZEL_HUB_URL
|
||||||
|
NEXTCLOUD_DOMAIN=$NEXTCLOUD_DOMAIN
|
||||||
|
GITEA_URL=$GITEA_URL
|
||||||
|
EOF_ENV
|
||||||
|
|
||||||
mkdir -p secrets
|
mkdir -p secrets
|
||||||
|
|
||||||
cat << 'EOF_SECRET' > secrets/beszel_agent_key.txt
|
cat << 'EOF_SECRET' > secrets/beszel_agent_key.txt
|
||||||
@@ -79,14 +118,19 @@ jobs:
|
|||||||
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
||||||
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
||||||
SSH_HOST: ${{ secrets.SSH_HOST }}
|
SSH_HOST: ${{ secrets.SSH_HOST }}
|
||||||
DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }}
|
DEPLOY_DIRECTORY: ${{ vars.DEPLOY_DIRECTORY }}
|
||||||
|
DEPLOY_LOG_FILE: /tmp/deploy-${{ env.CLEAN_REF_NAME }}.log
|
||||||
|
DRY_RUN_ENABLED: ${{ vars.DEPLOY_DRY_RUN_ENABLED }}
|
||||||
REF_NAME: ${{ env.CLEAN_REF_NAME }}
|
REF_NAME: ${{ env.CLEAN_REF_NAME }}
|
||||||
TELEGRAM_TOKEN: ${{ secrets.DEPLOY_TELEGRAM_BOT_TOKEN }}
|
TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_DEPLOY_BOT_TOKEN }}
|
||||||
TELEGRAM_CHAT: ${{ secrets.DEPLOY_TELEGRAM_CHAT_ID }}
|
TELEGRAM_CHAT: ${{ secrets.TELEGRAM_DEPLOY_CHAT_ID }}
|
||||||
PROXY_HOST: ${{ secrets.PROXY_HOST }}
|
PROXY_URL: ${{ secrets.PROXY_URL }}
|
||||||
PROXY_PORT: ${{ secrets.PROXY_PORT }}
|
SUCCESS_MESSAGE: |-
|
||||||
PROXY_USER: ${{ secrets.PROXY_USER }}
|
✅ <b>Успешный деплой!</b>
|
||||||
PROXY_PASSWORD: ${{ secrets.PROXY_PASSWORD }}
|
Релиз: <code>${{ gitea.ref_name }}</code>
|
||||||
|
FAILURE_MESSAGE: |-
|
||||||
|
❌ <b>Ошибка деплоя!</b>
|
||||||
|
Релиз: <code>${{ gitea.ref_name }}</code>
|
||||||
run: |
|
run: |
|
||||||
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
||||||
set -e
|
set -e
|
||||||
@@ -95,30 +139,30 @@ jobs:
|
|||||||
nohup bash -c '
|
nohup bash -c '
|
||||||
sleep 5
|
sleep 5
|
||||||
|
|
||||||
if docker compose -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > /tmp/docker_deploy.log 2>&1; then
|
if [ "${DRY_RUN_ENABLED}" = "true" ]; then
|
||||||
ESCAPED_REF=\$(echo "${REF_NAME}" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g")
|
DRY_RUN_FLAG="--dry-run"
|
||||||
TEXT="🚀 *Деплой успешен\!* %0AСервер применил релиз: \`\$ESCAPED_REF\`"
|
|
||||||
|
|
||||||
# ИСПРАВЛЕНО: Восстановлен верный URL api.telegram.org/bot\$TELEGRAM_TOKEN/
|
|
||||||
curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \
|
|
||||||
--proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \
|
|
||||||
-d "chat_id=${TELEGRAM_CHAT}" \
|
|
||||||
-d "parse_mode=MarkdownV2" \
|
|
||||||
-d "text=\$TEXT" > /dev/null
|
|
||||||
else
|
else
|
||||||
ERROR_LOG=\$(tail -n 10 /tmp/docker_deploy.log)
|
DRY_RUN_FLAG=""
|
||||||
ESCAPED_LOG=\$(echo "\$ERROR_LOG" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g" | sed "s/!/\\\\!/g")
|
|
||||||
TEXT="❌ *Ошибка деплоя релиза ${REF_NAME}\!* %0A%0A\`\`\`%0A\$ESCAPED_LOG%0A\`\`\`"
|
|
||||||
|
|
||||||
# ИСПРАВЛЕНО: Здесь URL тоже приведен к стандарту Telegram API
|
|
||||||
curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \
|
|
||||||
--proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \
|
|
||||||
-d "chat_id=${TELEGRAM_CHAT}" \
|
|
||||||
-d "parse_mode=MarkdownV2" \
|
|
||||||
-d "text=\$TEXT" > /dev/null
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
rm -f /tmp/docker_deploy.log
|
if docker compose \${DRY_RUN_FLAG} -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > ${DEPLOY_LOG_FILE} 2>&1; then
|
||||||
|
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
|
||||||
|
--proxy "${PROXY_URL}" \
|
||||||
|
-d "chat_id=${TELEGRAM_CHAT}" \
|
||||||
|
-d "parse_mode=HTML" \
|
||||||
|
--data-urlencode "text=${SUCCESS_MESSAGE}" > /dev/null
|
||||||
|
else
|
||||||
|
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
|
||||||
|
--proxy "${PROXY_URL}" \
|
||||||
|
-d "chat_id=${TELEGRAM_CHAT}" \
|
||||||
|
-d "parse_mode=HTML" \
|
||||||
|
--data-urlencode "text=${FAILURE_MESSAGE}" > /dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
|
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendDocument" \
|
||||||
|
--proxy "${PROXY_URL}" \
|
||||||
|
-F "chat_id=${TELEGRAM_CHAT}" \
|
||||||
|
-F "document=@${DEPLOY_LOG_FILE}" > /dev/null && rm -f ${DEPLOY_LOG_FILE}
|
||||||
' > /dev/null 2>&1 &
|
' > /dev/null 2>&1 &
|
||||||
EOT
|
EOT
|
||||||
|
|
||||||
|
|||||||
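Review bot: In the new `📦 Create backup of data/ folder` step, `echo "$SSHPASS" | sudo -S …` sits inside the unquoted `<< EOT` heredoc, so the runner expands the SSH password into the script text that the remote `bash -s` parses. A password containing `"`, `$` or a backtick would alter that script, and the login password must also be the sudo password. Both the `tar` and the `find` line are affected. A sudoers entry restricted to these two commands, called as `sudo -n tar -czf "\${BACKUP_FILE}" data` (likewise for `find`), would keep the password out of the script. The same runner-side expansion applies to `${SUCCESS_MESSAGE}` and `${FAILURE_MESSAGE}` in the last hunk, which carry the raw `gitea.ref_name` into the single-quoted `nohup bash -c '…'` body, where a ref name containing `'` would end the quoting. Using the `CLEAN_REF_NAME` value there looks safer, though how it is sanitised is outside the visible hunks.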
@@ -7,21 +7,15 @@ jobs:
|
|||||||
send_test_message:
|
send_test_message:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Checout repository
|
- name: 📂 Checkout repository
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Configure ssh client
|
- name: ⚙️ Configure ssh client
|
||||||
uses: ./.gitea/actions/configure-ssh-client
|
uses: ./.gitea/actions/configure-ssh-client
|
||||||
with:
|
with:
|
||||||
ssh_host: ${{ secrets.SSH_HOST }}
|
ssh_host: ${{ secrets.SSH_HOST }}
|
||||||
|
|
||||||
- name: Prepare message
|
- name: 💬 Send message
|
||||||
id: prepare_message
|
|
||||||
uses: ./.gitea/actions/telegram-message-escape
|
|
||||||
with:
|
|
||||||
message: 💬 Test message
|
|
||||||
|
|
||||||
- name: Send message
|
|
||||||
env:
|
env:
|
||||||
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
SSHPASS: ${{ secrets.SSH_PASSWORD }}
|
||||||
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
|
||||||
@@ -32,9 +26,11 @@ jobs:
|
|||||||
MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }}
|
MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }}
|
||||||
run: |
|
run: |
|
||||||
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT
|
||||||
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
|
set -e
|
||||||
|
|
||||||
|
curl -s --connect-timeout 10 -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
|
||||||
--proxy "${PROXY_URL}" \
|
--proxy "${PROXY_URL}" \
|
||||||
-d "chat_id=${TELEGRAM_CHAT}" \
|
-d "chat_id=${TELEGRAM_CHAT}" \
|
||||||
-d "parse_mode=MarkdownV2" \
|
-d "parse_mode=HTML" \
|
||||||
-d "text=$MESSAGE" > /dev/null
|
--data-urlencode "text=💬 Test message"
|
||||||
EOT
|
EOT
|
||||||
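Review bot: The `MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }}` env entry remains as context in the second hunk although the `prepare_message` step is removed in the first one. It presumably now resolves to an empty value and is not used by the new `--data-urlencode "text=💬 Test message"` line, so it can be dropped. The added `set -e` will not fail the job when Telegram rejects the request, because `curl -s` exits 0 on an HTTP error status; `curl -sS --fail --connect-timeout 10 …` would surface that. With `> /dev/null` removed, the API's JSON response now reaches the job log, which is worth confirming as intended.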
@@ -1,6 +0,0 @@
|
|||||||
1. Backup data/ before rerun containers
|
|
||||||
2. Auto run on new realese
|
|
||||||
3. Разделение докер сетей
|
|
||||||
4. Notifications
|
|
||||||
5. Bot for server operations
|
|
||||||
6. multi device copy-paste
|
|
||||||
@@ -99,6 +99,12 @@ services:
|
|||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
secrets:
|
secrets:
|
||||||
- gitea_runner_registration_token
|
- gitea_runner_registration_token
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:9101/healthz"]
|
||||||
|
interval: 30s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 3
|
||||||
|
start_period: 10s
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
default:
|
default:
|
||||||
|
|||||||