From 74b8769195d97bbd83a12622e71c5ac67f983408 Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Tue, 16 Jun 2026 05:48:14 +0300
Subject: [PATCH 01/16] fix deploy workflow
---
 .gitea/workflows/deploy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 73fa8fc..dab8cc2 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -12,7 +12,7 @@ jobs:
 with:
 host: ${{ secrets.SSH_HOST }}
 username: ${{ secrets.SSH_USERNAME }}
- key: ${{ secrets.SSH_PASSWORD }}
+ password: ${{ secrets.SSH_PASSWORD }}
 port: 22
 script: |
 cd /home/vbevdev/test
-- 
2.52.0
From 9572e20a2c5a994cab0ba55d3b245fa3227a845f Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Tue, 23 Jun 2026 00:14:19 +0300
Subject: [PATCH 02/16] deploy workflow: create secrets
---
 .gitea/workflows/deploy.yaml | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index dab8cc2..e858598 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -7,6 +7,7 @@ jobs:
 deploy:
 runs-on: ubuntu-latest
 steps:
+ - run: echo "🏗️ Creating secrets..."
 - name: Execute Remote SSH Commands
 uses: appleboy/ssh-action@v1.0.3
 with:
@@ -15,5 +16,11 @@ jobs:
 password: ${{ secrets.SSH_PASSWORD }}
 port: 22
 script: |
- cd /home/vbevdev/test
- touch hello-there.txt
+ cd ${{ secrets.DEPLOY_DIRECTORY }}
+ mkdir secrets
+ cd secrets
+ echo "${{ secrets.BESZEL_AGENT_KEY }}" > beszel_agent_key.txt
+ echo "${{ secrets.BESZEL_AGENT_TOKEN }}" > beszel_agent_token.txt
+ echo "${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}" > gitea_runner_registration_token.txt
+ echo "${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}" > vaultwarden_admin_token.txt
+ - run: echo "✅ Secrets created"
-- 
2.52.0
From 40b621448ce9a23aa327c6625d1b22102b076a52 Mon Sep 17 00:00:00 2001
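Review bot: Switching the input to `password:` makes the deploy log in with an account password, and nothing visible in the hunk verifies the server's host key. A dedicated deploy key is easier to scope and rotate: `key: ${{ secrets.SSH_PRIVATE_KEY }}` (placeholder secret name), with the matching public key restricted in `authorized_keys` on the server. appleboy/ssh-action also accepts a `fingerprint:` input for the host's SHA256 key fingerprint; without it the action presumably connects to whatever answers at `SSH_HOST`. The step itself starts above the hunk, so other inputs may exist that are not visible here.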
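Review bot: Each `echo "${{ secrets.… }}"` line in the second hunk is filled in by the workflow engine before the remote shell parses the script, so a secret containing `"`, `$` or a backtick changes the command instead of being written to the file. Passing the values as environment variables keeps them out of the script text: add `env:` with `BESZEL_AGENT_KEY: ${{ secrets.BESZEL_AGENT_KEY }}` to the step, list the name under `envs:`, and write it with `printf '%s\n' "$BESZEL_AGENT_KEY" > beszel_agent_key.txt`. The files are also created with the account's default umask, so `umask 077` before `mkdir` would keep them private, and `mkdir secrets` fails on every run after the first (`mkdir -p secrets`). The same `echo` lines are re-enabled unchanged in patch 10.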
From: vbevdev
Date: Tue, 23 Jun 2026 00:27:05 +0300
Subject: [PATCH 03/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index e858598..7cf0aa5 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -17,6 +17,7 @@ jobs:
 port: 22
 script: |
 cd ${{ secrets.DEPLOY_DIRECTORY }}
+ touch docker-compose-${{ gitea.ref }}.yml
 mkdir secrets
 cd secrets
 echo "${{ secrets.BESZEL_AGENT_KEY }}" > beszel_agent_key.txt
-- 
2.52.0
From 0b1260614e213bfc8254ba0c2e466a8bc611befe Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Tue, 23 Jun 2026 00:30:32 +0300
Subject: [PATCH 04/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 7cf0aa5..bd3ee24 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -17,7 +17,7 @@ jobs:
 port: 22
 script: |
 cd ${{ secrets.DEPLOY_DIRECTORY }}
- touch docker-compose-${{ gitea.ref }}.yml
+ touch docker-compose-${{ gitea.ref_name }}.yml
 mkdir secrets
 cd secrets
 echo "${{ secrets.BESZEL_AGENT_KEY }}" > beszel_agent_key.txt
-- 
2.52.0
From ccdac3847f9ac52951c5af36bc05633366643b4b Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Tue, 23 Jun 2026 00:47:49 +0300
Subject: [PATCH 05/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 28 +++++++++++++++++++++-------
 1 file changed, 21 insertions(+), 7 deletions(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index bd3ee24..0ca8a1e 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
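Review bot: The added `touch docker-compose-${{ gitea.ref }}.yml` pastes the ref into the remote script unquoted, and a Git ref name can contain characters the shell treats as syntax, so anyone who can push a branch or tag influences the command run on the server. `gitea.ref` also contains slashes, which makes `touch` point into a directory that is unlikely to exist. Patch 04 switches to `gitea.ref_name` but keeps the same unquoted expansion. Hand the value over as an environment variable and reject unexpected characters before use, e.g. `case "$REF_NAME" in *[!A-Za-z0-9._-]*) exit 1;; esac` followed by `touch "docker-compose-${REF_NAME}.yml"`.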
@@ -8,6 +8,10 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - run: echo "🏗️ Creating secrets..."
+ - name: 🧼 Cleaning ref name
+ run: |
+ CLEAN_REF_NAME=${GITEA_REF_NAME//\//-}
+ echo "Clean ref name: $CLEAN_REF_NAME"
 - name: Execute Remote SSH Commands
 uses: appleboy/ssh-action@v1.0.3
 with:
@@ -17,11 +21,21 @@ jobs:
 port: 22
 script: |
 cd ${{ secrets.DEPLOY_DIRECTORY }}
- touch docker-compose-${{ gitea.ref_name }}.yml
- mkdir secrets
- cd secrets
- echo "${{ secrets.BESZEL_AGENT_KEY }}" > beszel_agent_key.txt
- echo "${{ secrets.BESZEL_AGENT_TOKEN }}" > beszel_agent_token.txt
- echo "${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}" > gitea_runner_registration_token.txt
- echo "${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}" > vaultwarden_admin_token.txt
+ touch "docker-compose-${{ env.CLEAN_REF_NAME }}.yml"
+ # mkdir secrets
+ # cd secrets
+ # echo "${{ secrets.BESZEL_AGENT_KEY }}" > beszel_agent_key.txt
+ # echo "${{ secrets.BESZEL_AGENT_TOKEN }}" > beszel_agent_token.txt
+ # echo "${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}" > gitea_runner_registration_token.txt
+ # echo "${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}" > vaultwarden_admin_token.txt
 - run: echo "✅ Secrets created"
+ - name: Create docker-compose file
+ # - run: |
+ # # Безопасно заменяем все слэши "/" на дефисы "-"
+ # CLEAN_REF=${GITEA_REF_NAME//\//-}
+
+ # # Создаем файл с очищенным именем
+ # touch "docker-compose-${CLEAN_REF}.yml"
+
+ # # Проверяем результат в логах
+ # ls -la docker-compose-*.yml
-- 
2.52.0
From 2bdfa276244ef4e0f2e7aa4848593279db18f7a5 Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Tue, 23 Jun 2026 00:49:27 +0300
Subject: [PATCH 06/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 0ca8a1e..6c3d77c 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
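Review bot: `CLEAN_REF_NAME` is assigned as a plain shell variable in the new step and is gone when that step's shell exits, so `${{ env.CLEAN_REF_NAME }}` in the second hunk most likely expands to an empty string and the file becomes `docker-compose-.yml`. The value has to be written to the runner's environment file to reach later steps. Replacing only `/` is also not a sanitiser: the commented-out block in the second hunk describes the substitution as safe, but every other character of the ref name passes through untouched. The step list begins above the hunk.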
@@ -29,7 +29,7 @@ jobs:
 # echo "${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}" > gitea_runner_registration_token.txt
 # echo "${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}" > vaultwarden_admin_token.txt
 - run: echo "✅ Secrets created"
- - name: Create docker-compose file
+ # - name: Create docker-compose file
 # - run: |
 # # Безопасно заменяем все слэши "/" на дефисы "-"
 # CLEAN_REF=${GITEA_REF_NAME//\//-}
-- 
2.52.0
From 6f55ebb99c8e920c322af7226359fe4b08175485 Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Tue, 23 Jun 2026 00:54:51 +0300
Subject: [PATCH 07/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 6c3d77c..459e2ca 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -10,7 +10,8 @@ jobs:
 - run: echo "🏗️ Creating secrets..."
 - name: 🧼 Cleaning ref name
 run: |
- CLEAN_REF_NAME=${GITEA_REF_NAME//\//-}
+ ORIGINAL_REF_NAME="${{ gitea.ref_name }}"
+ CLEAN_REF_NAME=${ORIGINAL_REF_NAME//\//-}
 echo "Clean ref name: $CLEAN_REF_NAME"
 - name: Execute Remote SSH Commands
 uses: appleboy/ssh-action@v1.0.3
-- 
2.52.0
From 2a47f284659f5aa40a9cd5385d7320592473d51e Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Tue, 23 Jun 2026 00:57:28 +0300
Subject: [PATCH 08/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 459e2ca..5b4bcf3 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -13,6 +13,7 @@ jobs:
 ORIGINAL_REF_NAME="${{ gitea.ref_name }}"
 CLEAN_REF_NAME=${ORIGINAL_REF_NAME//\//-}
 echo "Clean ref name: $CLEAN_REF_NAME"
+ echo "CLEAN_REF_NAME=$CLEAN_REF_NAME" >> $GITEA_ENV
 - name: Execute Remote SSH Commands
 uses: appleboy/ssh-action@v1.0.3
 with:
-- 
2.52.0
From 03e987e73f080b885b77df8c1d39f5b76aa2f40b Mon Sep 17 00:00:00 2001
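Review bot: In patch 07, `ORIGINAL_REF_NAME="${{ gitea.ref_name }}"` replaces a read of an environment variable with text substitution into the script, so the ref name is parsed by the runner's shell as code inside the double quotes. Bind it through the step environment instead: add `env:` with `ORIGINAL_REF_NAME: ${{ gitea.ref_name }}` to the step and delete the assignment line. Patch 08 then persists the result with `>> $GITEA_ENV`; the target should be quoted (`>> "$GITEA_ENV"`), and because only `/` was replaced, the stored value is still unsafe to expand with `${{ env.CLEAN_REF_NAME }}` inside the remote `script:`.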
From: vbevdev
Date: Tue, 23 Jun 2026 01:00:27 +0300
Subject: [PATCH 09/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 10 ----------
 1 file changed, 10 deletions(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 5b4bcf3..8a80167 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -31,13 +31,3 @@ jobs:
 # echo "${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}" > gitea_runner_registration_token.txt
 # echo "${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}" > vaultwarden_admin_token.txt
 - run: echo "✅ Secrets created"
- # - name: Create docker-compose file
- # - run: |
- # # Безопасно заменяем все слэши "/" на дефисы "-"
- # CLEAN_REF=${GITEA_REF_NAME//\//-}
-
- # # Создаем файл с очищенным именем
- # touch "docker-compose-${CLEAN_REF}.yml"
-
- # # Проверяем результат в логах
- # ls -la docker-compose-*.yml
-- 
2.52.0
From b9a1d5bf7d03f7a680c1596da2d65e0c3fdeebbb Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Tue, 23 Jun 2026 01:01:19 +0300
Subject: [PATCH 10/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 8a80167..46314a6 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -24,10 +24,10 @@ jobs:
 script: |
 cd ${{ secrets.DEPLOY_DIRECTORY }}
 touch "docker-compose-${{ env.CLEAN_REF_NAME }}.yml"
- # mkdir secrets
- # cd secrets
- # echo "${{ secrets.BESZEL_AGENT_KEY }}" > beszel_agent_key.txt
- # echo "${{ secrets.BESZEL_AGENT_TOKEN }}" > beszel_agent_token.txt
- # echo "${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}" > gitea_runner_registration_token.txt
- # echo "${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}" > vaultwarden_admin_token.txt
+ mkdir secrets
+ cd secrets
+ echo "${{ secrets.BESZEL_AGENT_KEY }}" > beszel_agent_key.txt
+ echo "${{ secrets.BESZEL_AGENT_TOKEN }}" > beszel_agent_token.txt
+ echo "${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}" > gitea_runner_registration_token.txt
+ echo "${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}" > vaultwarden_admin_token.txt
 - run: echo "✅ Secrets created"
-- 
2.52.0
From f331f754e116e033327bb96e5cbacb9763f2f2ef Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Thu, 25 Jun 2026 00:23:14 +0300
Subject: [PATCH 11/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 46314a6..facbc2d 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -22,6 +22,7 @@ jobs:
 password: ${{ secrets.SSH_PASSWORD }}
 port: 22
 script: |
+ set -e # Остановить выполнение при любой ошибке
 cd ${{ secrets.DEPLOY_DIRECTORY }}
 touch "docker-compose-${{ env.CLEAN_REF_NAME }}.yml"
 mkdir secrets
-- 
2.52.0
From fbae09ebe19a8f5e0b99ec5e898c779faf2ecbda Mon Sep 17 00:00:00 2001
From: vbevdev
Date: Thu, 25 Jun 2026 00:47:15 +0300
Subject: [PATCH 12/16] deploy-workflow: create docker compose file
---
 .gitea/workflows/deploy.yaml | 33 +++++++++++++++++++++------------
 1 file changed, 21 insertions(+), 12 deletions(-)
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index facbc2d..4f36e56 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -7,28 +7,37 @@ jobs:
 deploy:
 runs-on: ubuntu-latest
 steps:
- - run: echo "🏗️ Creating secrets..."
 - name: 🧼 Cleaning ref name
 run: |
 ORIGINAL_REF_NAME="${{ gitea.ref_name }}"
 CLEAN_REF_NAME=${ORIGINAL_REF_NAME//\//-}
 echo "Clean ref name: $CLEAN_REF_NAME"
 echo "CLEAN_REF_NAME=$CLEAN_REF_NAME" >> $GITEA_ENV
- - name: Execute Remote SSH Commands
+
+ - name: 🛜 Execute Remote SSH Commands
 uses: appleboy/ssh-action@v1.0.3
+ env:
+ DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }}
+ REF_NAME: ${{ env.CLEAN_REF_NAME }}
+ BESZEL_AGENT_KEY: ${{ secrets.BESZEL_AGENT_KEY }}
+ BESZEL_AGENT_TOKEN: ${{ secrets.BESZEL_AGENT_TOKEN }}
+ GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}
+ VAULTWARDEN_ADMIN_TOKEN: ${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}
 with:
 host: ${{ secrets.SSH_HOST }}
 username: ${{ secrets.SSH_USERNAME }}
 password: ${{ secrets.SSH_PASSWORD }}
 port: 22
+ envs: DEPLOY_DIRECTORY,REF_NAME,BESZEL_AGENT_KEY,BESZEL_AGENT_TOKEN,GITEA_RUNNER_REGISTRATION_TOKEN,VAULTWARDEN_ADMIN_TOKEN
 script: |
- set -e # Остановить выполнение при любой ошибке
- cd ${{ secrets.DEPLOY_DIRECTORY }}
- touch "docker-compose-${{ env.CLEAN_REF_NAME }}.yml"
- mkdir secrets
- cd secrets
- echo "${{ secrets.BESZEL_AGENT_KEY }}" > beszel_agent_key.txt
- echo "${{ secrets.BESZEL_AGENT_TOKEN }}" > beszel_agent_token.txt
- echo "${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }}" > gitea_runner_registration_token.txt
- echo "${{ secrets.VAULTWARDEN_ADMIN_TOKEN }}" > vaultwarden_admin_token.txt
- - run: echo "✅ Secrets created"
+ set -e # Stop on error
+
+ cd "$DEPLOY_DIRECTORY"
+
+ touch "docker-compose-${REF_NAME}.yml"
+
+ mkdir -p secrets
+ echo "$BESZEL_AGENT_KEY" > secrets/beszel_agent_key.txt
+ echo "$BESZEL_AGENT_TOKEN" > secrets/beszel_agent_token.txt
+ echo "$GITEA_RUNNER_REGISTRATION_TOKEN" > secrets/gitea_runner_registration_token.txt
+ echo "$VAULTWARDEN_ADMIN_TOKEN" > secrets/vaultwarden_admin_token.txt
-- 
2.52.0
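Review bot: The secret files are still created with the login account's default umask, so `secrets/*.txt` are likely readable by other local users on the server. Put `umask 077` right after `set -e`, before `mkdir -p secrets`. `echo` may also mangle a value that begins with `-n` or `-e`; `printf '%s\n' "$BESZEL_AGENT_KEY" > secrets/beszel_agent_key.txt` writes it verbatim. `appleboy/ssh-action@v1.0.3` now receives six values through `env:` and is referenced by a movable tag, so pinning it to a full commit SHA would be prudent.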
From 6d859cf79e2ddd1626c638cb2022f8d6e5376939 Mon Sep 17 00:00:00 2001 From: vbevdev Date: Thu, 25 Jun 2026 01:08:53 +0300 Subject: [PATCH 13/16] deploy-workflow: create docker compose file --- .gitea/workflows/deploy.yaml | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index 4f36e56..90f3c10 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -7,18 +7,36 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - name: 🧼 Cleaning ref name + - name: 📂 Checkout repository + uses: actions/checkout@v4 + + - name: 🧼 Clean ref name run: | ORIGINAL_REF_NAME="${{ gitea.ref_name }}" CLEAN_REF_NAME=${ORIGINAL_REF_NAME//\//-} echo "Clean ref name: $CLEAN_REF_NAME" echo "CLEAN_REF_NAME=$CLEAN_REF_NAME" >> $GITEA_ENV - - name: 🛜 Execute Remote SSH Commands + - name: ✏️ Rename local docker-compose file + run: | + mv docker-compose.yml "docker-compose-${{ env.CLEAN_REF_NAME }}.yml" + + - name: 🚚 Copy docker-compose file to remote server + uses: appleboy/scp-action@v0.1.7 + with: + host: ${{ secrets.SSH_HOST }} + username: ${{ secrets.SSH_USERNAME }} + password: ${{ secrets.SSH_PASSWORD }} + port: 22 + source: "docker-compose-${{ env.CLEAN_REF_NAME }}.yml" + target: ${{ secrets.DEPLOY_DIRECTORY }} + strip_components: 0 + tar_tmp_path: /tmp + + - name: 🔐 Create secrets uses: appleboy/ssh-action@v1.0.3 env: DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }} - REF_NAME: ${{ env.CLEAN_REF_NAME }} BESZEL_AGENT_KEY: ${{ secrets.BESZEL_AGENT_KEY }} BESZEL_AGENT_TOKEN: ${{ secrets.BESZEL_AGENT_TOKEN }} GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }} 
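Review bot: `appleboy/scp-action@v0.1.7` and `actions/checkout@v4` are referenced by tags, which the upstream owner can move, and the scp step is handed `SSH_PASSWORD`. Pin each to a full commit SHA with the tag kept as a comment, e.g. `uses: appleboy/scp-action@<full-commit-sha> # v0.1.7` (placeholder). The rename step expands `${{ env.CLEAN_REF_NAME }}` into the `mv` command text; assuming the value written in the previous step is exported to later steps, `mv docker-compose.yml "docker-compose-${CLEAN_REF_NAME}.yml"` reads it from the environment without re-parsing it. The hunk ends inside the `env:` block of the secrets step, which continues outside it.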
@@ -28,14 +46,12 @@ jobs: username: ${{ secrets.SSH_USERNAME }} password: ${{ secrets.SSH_PASSWORD }} port: 22 - envs: DEPLOY_DIRECTORY,REF_NAME,BESZEL_AGENT_KEY,BESZEL_AGENT_TOKEN,GITEA_RUNNER_REGISTRATION_TOKEN,VAULTWARDEN_ADMIN_TOKEN + envs: DEPLOY_DIRECTORY,BESZEL_AGENT_KEY,BESZEL_AGENT_TOKEN,GITEA_RUNNER_REGISTRATION_TOKEN,VAULTWARDEN_ADMIN_TOKEN script: | set -e # Stop on error cd "$DEPLOY_DIRECTORY" - touch "docker-compose-${REF_NAME}.yml" - mkdir -p secrets echo "$BESZEL_AGENT_KEY" > secrets/beszel_agent_key.txt echo "$BESZEL_AGENT_TOKEN" > secrets/beszel_agent_token.txt -- 2.52.0 From ca2df02029bb65251534ab9d1b24022484fb0494 Mon Sep 17 00:00:00 2001 From: vbevdev Date: Thu, 25 Jun 2026 02:00:08 +0300 Subject: [PATCH 14/16] deploy-workflow: create docker compose file --- .gitea/workflows/deploy.yaml | 54 ++++++++++++++++++++---------------- 1 file changed, 30 insertions(+), 24 deletions(-) diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index 90f3c10..e23ac99 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml 
@@ -17,43 +17,49 @@ jobs: echo "Clean ref name: $CLEAN_REF_NAME" echo "CLEAN_REF_NAME=$CLEAN_REF_NAME" >> $GITEA_ENV - - name: ✏️ Rename local docker-compose file + - name: ⚙️ Configure SSH Client run: | - mv docker-compose.yml "docker-compose-${{ env.CLEAN_REF_NAME }}.yml" + sudo apt-get update && sudo apt-get install -y sshpass + mkdir -p ~/.ssh + ssh-keyscan -p 22 "${{ secrets.SSH_HOST }}" >> ~/.ssh/known_hosts - - name: 🚚 Copy docker-compose file to remote server - uses: appleboy/scp-action@v0.1.7 - with: - host: ${{ secrets.SSH_HOST }} - username: ${{ secrets.SSH_USERNAME }} - password: ${{ secrets.SSH_PASSWORD }} - port: 22 - source: "docker-compose-${{ env.CLEAN_REF_NAME }}.yml" - target: ${{ secrets.DEPLOY_DIRECTORY }} - strip_components: 0 - tar_tmp_path: /tmp + - name: 🏗️ Create docker-compose file + env: + SSHPASS: ${{ secrets.SSH_PASSWORD }} + SSH_USERNAME: ${{ secrets.SSH_USERNAME }} + SSH_HOST: ${{ secrets.SSH_HOST }} + DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }} + REF_NAME: ${{ env.CLEAN_REF_NAME }} + run: | + sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" \ + "mkdir -p \"$DEPLOY_DIRECTORY\" && \ + cat > \"$DEPLOY_DIRECTORY/docker-compose-$REF_NAME.yml\"" \ + < docker-compose.yml - name: 🔐 Create secrets - uses: appleboy/ssh-action@v1.0.3 env: + SSHPASS: ${{ secrets.SSH_PASSWORD }} + SSH_USERNAME: ${{ secrets.SSH_USERNAME }} + SSH_HOST: ${{ secrets.SSH_HOST }} DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }} BESZEL_AGENT_KEY: ${{ secrets.BESZEL_AGENT_KEY }} BESZEL_AGENT_TOKEN: ${{ secrets.BESZEL_AGENT_TOKEN }} GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }} VAULTWARDEN_ADMIN_TOKEN: ${{ secrets.VAULTWARDEN_ADMIN_TOKEN }} - with: - host: ${{ secrets.SSH_HOST }} - username: ${{ secrets.SSH_USERNAME }} - password: ${{ secrets.SSH_PASSWORD }} - port: 22 - envs: DEPLOY_DIRECTORY,BESZEL_AGENT_KEY,BESZEL_AGENT_TOKEN,GITEA_RUNNER_REGISTRATION_TOKEN,VAULTWARDEN_ADMIN_TOKEN - script: | - set -e # Stop on error - + run: | 
+ sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" env \ + DEPLOY_DIRECTORY="$DEPLOY_DIRECTORY" \ + BESZEL_AGENT_KEY="$BESZEL_AGENT_KEY" \ + BESZEL_AGENT_TOKEN="$BESZEL_AGENT_TOKEN" \ + GITEA_RUNNER_REGISTRATION_TOKEN="$GITEA_RUNNER_REGISTRATION_TOKEN" \ + VAULTWARDEN_ADMIN_TOKEN="$VAULTWARDEN_ADMIN_TOKEN" \ + bash -s << 'EOT' + set -e cd "$DEPLOY_DIRECTORY" - + mkdir -p secrets echo "$BESZEL_AGENT_KEY" > secrets/beszel_agent_key.txt echo "$BESZEL_AGENT_TOKEN" > secrets/beszel_agent_token.txt echo "$GITEA_RUNNER_REGISTRATION_TOKEN" > secrets/gitea_runner_registration_token.txt echo "$VAULTWARDEN_ADMIN_TOKEN" > secrets/vaultwarden_admin_token.txt + EOT -- 2.52.0 From 3f9db6cdc1921ed9ed2f027c80cc359d41401e6e Mon Sep 17 00:00:00 2001 From: vbevdev Date: Thu, 25 Jun 2026 02:06:14 +0300 Subject: [PATCH 15/16] deploy-workflow: create docker compose file --- .gitea/workflows/deploy.yaml | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index e23ac99..934a5df 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml 
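Review bot: `ssh-keyscan -p 22 … >> ~/.ssh/known_hosts` accepts whatever host key is presented at deploy time, so the later `ssh` calls authenticate nothing and the password in `SSHPASS` is sent to whichever machine answers. Store the server's public host key as a secret and write that instead, e.g. `printf '%s\n' "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts` (placeholder secret name). In the secrets step, `ssh … env BESZEL_AGENT_KEY="$BESZEL_AGENT_KEY" … bash -s` puts every secret on the remote command line: ssh joins the arguments into one string that the remote shell parses again, so the quoting is lost and the values are visible in the server's process list while the command runs. Sending them inside the stdin stream avoids both. The keyscan line is copied unchanged into the composite action added in patch 16.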
@@ -47,19 +47,25 @@ jobs: GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }} VAULTWARDEN_ADMIN_TOKEN: ${{ secrets.VAULTWARDEN_ADMIN_TOKEN }} run: | - sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" env \ - DEPLOY_DIRECTORY="$DEPLOY_DIRECTORY" \ - BESZEL_AGENT_KEY="$BESZEL_AGENT_KEY" \ - BESZEL_AGENT_TOKEN="$BESZEL_AGENT_TOKEN" \ - GITEA_RUNNER_REGISTRATION_TOKEN="$GITEA_RUNNER_REGISTRATION_TOKEN" \ - VAULTWARDEN_ADMIN_TOKEN="$VAULTWARDEN_ADMIN_TOKEN" \ - bash -s << 'EOT' + sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT set -e cd "$DEPLOY_DIRECTORY" - mkdir -p secrets - echo "$BESZEL_AGENT_KEY" > secrets/beszel_agent_key.txt - echo "$BESZEL_AGENT_TOKEN" > secrets/beszel_agent_token.txt - echo "$GITEA_RUNNER_REGISTRATION_TOKEN" > secrets/gitea_runner_registration_token.txt - echo "$VAULTWARDEN_ADMIN_TOKEN" > secrets/vaultwarden_admin_token.txt + + cat << 'EOF_SECRET' > secrets/beszel_agent_key.txt + $BESZEL_AGENT_KEY + EOF_SECRET + + cat << 'EOF_SECRET' > secrets/beszel_agent_token.txt + $BESZEL_AGENT_TOKEN + EOF_SECRET + + cat << 'EOF_SECRET' > secrets/gitea_runner_registration_token.txt + $GITEA_RUNNER_REGISTRATION_TOKEN + EOF_SECRET + + cat << 'EOF_SECRET' > secrets/vaultwarden_admin_token.txt + $VAULTWARDEN_ADMIN_TOKEN + EOF_SECRET EOT + -- 2.52.0 From 10d7773a13e516a390fa3b95f01c4ad4eb8bc0db Mon Sep 17 00:00:00 2001 
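Review bot: The nested here-documents depend on two quoting levels that are not explained anywhere in the step. A comment above the `sshpass` line would help, for example `# Outer EOT is unquoted on purpose: secrets expand on the runner; the quoted 'EOF_SECRET' keeps them literal on the server`. It should also mention that a secret containing a line equal to `EOF_SECRET` would end the inner block early, and that any `$` meant for the remote shell must now be escaped. Indentation is not recoverable from this page, so confirm that the `EOF_SECRET` terminators reach the server at column 0 and that `mkdir -p secrets` still runs before the first `cat`. The step's `env:` block starts above the hunk.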
From: vbevdev
Date: Sat, 4 Jul 2026 00:13:40 +0300
Subject: [PATCH 16/16] deploy-workflow: create docker compose file
---
 .../actions/configure-ssh-client/action.yaml | 16 ++++++
 .../telegram-message-escape/action.yaml | 26 +++++++++
 .gitea/workflows/deploy.yaml | 56 ++++++++++++++++++-
 .../workflows/test_telegram_deploy_bot.yaml | 40 +++++++++++++
 IDEAS.md | 6 ++
 5 files changed, 143 insertions(+), 1 deletion(-)
 create mode 100644 .gitea/actions/configure-ssh-client/action.yaml
 create mode 100644 .gitea/actions/telegram-message-escape/action.yaml
 create mode 100644 .gitea/workflows/test_telegram_deploy_bot.yaml
 create mode 100644 IDEAS.md
diff --git a/.gitea/actions/configure-ssh-client/action.yaml b/.gitea/actions/configure-ssh-client/action.yaml
new file mode 100644
index 0000000..b9a19f6
--- /dev/null
+++ b/.gitea/actions/configure-ssh-client/action.yaml
@@ -0,0 +1,16 @@
+name: '⚙️ Configure SSH Client'
+description: 'Installs sshpass and configures known_hosts'
+
+inputs:
+ ssh_host:
+ description: 'Remote server IP'
+ required: true
+
+runs:
+ using: 'composite'
+ steps:
+ - shell: bash
+ run: |
+ sudo apt-get update && sudo apt-get install -y sshpass
+ mkdir -p ~/.ssh
+ ssh-keyscan -p 22 "${{ inputs.ssh_host }}" >> ~/.ssh/known_hosts
diff --git a/.gitea/actions/telegram-message-escape/action.yaml b/.gitea/actions/telegram-message-escape/action.yaml
new file mode 100644
index 0000000..6981d62
--- /dev/null
+++ b/.gitea/actions/telegram-message-escape/action.yaml
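Review bot: `"${{ inputs.ssh_host }}"` is substituted into the script before bash runs, so the input is parsed as shell text rather than passed as data. Composite-action inputs should reach the script through the environment: add `env:` with `SSH_HOST: ${{ inputs.ssh_host }}` to the step and call `ssh-keyscan -p 22 "$SSH_HOST"`. `RAW_MESSAGE="${{ inputs.message }}"` in telegram-message-escape/action.yaml has the same problem, and there it defeats the purpose of an escaping helper. The keyscan itself still trusts the key offered at run time, as in the step this action was extracted from.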
@@ -0,0 +1,26 @@ +name: '🧼 Telegram message escape' +description: 'Automatically escapes dots, dashes, and exclamation marks for Telegram MarkdownV2' + +inputs: + message: + description: 'The raw text string to escape' + required: true + +outputs: + escaped_message: + description: 'The safely escaped string ready for Telegram' + value: ${{ steps.escape.outputs.result }} + +runs: + using: 'composite' + steps: + - id: escape + shell: bash + run: | + RAW_MESSAGE="${{ inputs.message }}" + + ESCAPED_MESSAGE=$(echo "$RAW_MESSAGE" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g" | sed "s/!/\\\\!/g") + + echo "result<> $GITHUB_OUTPUT + echo "$ESCAPED_MESSAGE" >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index 934a5df..7af81d5 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -33,7 +33,9 @@ jobs: run: | sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" \ "mkdir -p \"$DEPLOY_DIRECTORY\" && \ - cat > \"$DEPLOY_DIRECTORY/docker-compose-$REF_NAME.yml\"" \ + cd \"$DEPLOY_DIRECTORY\" && \ + rm -f docker-compose-*.yml && \ + cat > \"docker-compose-$REF_NAME.yml\"" \ < docker-compose.yml - name: 🔐 Create secrets 
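Review bot: The `sed` chain in telegram-message-escape/action.yaml escapes only `-`, `.` and `!`, while the output is described as safely escaped for MarkdownV2; Telegram's MarkdownV2 reserves more characters than these three (underscore, asterisk, square brackets, parentheses, tilde, backtick, `>`, `#`, `+`, `=`, `|` and braces), so a message containing any of them is rejected or rendered differently. Either escape the whole reserved set in one expression or narrow the `description` of `escaped_message` to what is actually handled. The first output line appears damaged on this page (`echo "result<> $GITHUB_OUTPUT`), so the delimiter cannot be checked here; if it is a fixed word such as `EOF`, a message containing that line would truncate the output, and `$GITHUB_OUTPUT` should be quoted.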
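Review bot: In the first deploy.yaml hunk, `rm -f docker-compose-*.yml` runs before the new file has been received, so a dropped connection or a failed `cat >` leaves the deploy directory with no compose file at all while the old containers are still running. Write to a temporary name first and swap it in only after the upload succeeded, for example `cat > .compose.tmp && rm -f docker-compose-*.yml && mv .compose.tmp "docker-compose-$REF_NAME.yml"` (temporary file name constructed for illustration). `$REF_NAME` and `$DEPLOY_DIRECTORY` are expanded on the runner into a double-quoted remote command, so the remote shell still evaluates any command substitution they contain. The step's `env:` block is above the hunk.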
@@ -67,5 +69,57 @@ jobs: cat << 'EOF_SECRET' > secrets/vaultwarden_admin_token.txt $VAULTWARDEN_ADMIN_TOKEN EOF_SECRET + + chmod 700 secrets + chmod 600 secrets/*.txt EOT + - name: 🚀 Run new containers + env: + SSHPASS: ${{ secrets.SSH_PASSWORD }} + SSH_USERNAME: ${{ secrets.SSH_USERNAME }} + SSH_HOST: ${{ secrets.SSH_HOST }} + DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }} + REF_NAME: ${{ env.CLEAN_REF_NAME }} + TELEGRAM_TOKEN: ${{ secrets.DEPLOY_TELEGRAM_BOT_TOKEN }} + TELEGRAM_CHAT: ${{ secrets.DEPLOY_TELEGRAM_CHAT_ID }} + PROXY_HOST: ${{ secrets.PROXY_HOST }} + PROXY_PORT: ${{ secrets.PROXY_PORT }} + PROXY_USER: ${{ secrets.PROXY_USER }} + PROXY_PASSWORD: ${{ secrets.PROXY_PASSWORD }} + run: | + sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT + set -e + cd "$DEPLOY_DIRECTORY" + + nohup bash -c ' + sleep 5 + + if docker compose -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > /tmp/docker_deploy.log 2>&1; then + ESCAPED_REF=\$(echo "${REF_NAME}" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g") + TEXT="🚀 *Деплой успешен\!* %0AСервер применил релиз: \`\$ESCAPED_REF\`" + + # ИСПРАВЛЕНО: Восстановлен верный URL api.telegram.org/bot\$TELEGRAM_TOKEN/ + curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \ + --proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \ + -d "chat_id=${TELEGRAM_CHAT}" \ + -d "parse_mode=MarkdownV2" \ + -d "text=\$TEXT" > /dev/null + else + ERROR_LOG=\$(tail -n 10 /tmp/docker_deploy.log) + ESCAPED_LOG=\$(echo "\$ERROR_LOG" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g" | sed "s/!/\\\\!/g") + TEXT="❌ *Ошибка деплоя релиза ${REF_NAME}\!* %0A%0A\`\`\`%0A\$ESCAPED_LOG%0A\`\`\`" + + # ИСПРАВЛЕНО: Здесь URL тоже приведен к стандарту Telegram API + curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \ + --proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \ + -d "chat_id=${TELEGRAM_CHAT}" \ + -d "parse_mode=MarkdownV2" \ + -d "text=\$TEXT" > /dev/null + fi 
+ + rm -f /tmp/docker_deploy.log + ' > /dev/null 2>&1 & + EOT + + echo "New containers will be started after 5 seconds" \ No newline at end of file diff --git a/.gitea/workflows/test_telegram_deploy_bot.yaml b/.gitea/workflows/test_telegram_deploy_bot.yaml new file mode 100644 index 0000000..bb4bfb3 --- /dev/null +++ b/.gitea/workflows/test_telegram_deploy_bot.yaml @@ -0,0 +1,40 @@ +name: 🤖 Test telegram deploy bot +run-name: '🤖 Test telegram deploy bot: ${{ gitea.ref_name }} by @${{ gitea.actor }}' +on: + workflow_dispatch: + +jobs: + send_test_message: + runs-on: ubuntu-latest + steps: + - name: Checout repository + uses: actions/checkout@v4 + + - name: Configure ssh client + uses: ./.gitea/actions/configure-ssh-client + with: + ssh_host: ${{ secrets.SSH_HOST }} + + - name: Prepare message + id: prepare_message + uses: ./.gitea/actions/telegram-message-escape + with: + message: 💬 Test message + + - name: Send message + env: + SSHPASS: ${{ secrets.SSH_PASSWORD }} + SSH_USERNAME: ${{ secrets.SSH_USERNAME }} + SSH_HOST: ${{ secrets.SSH_HOST }} + TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_DEPLOY_BOT_TOKEN }} + TELEGRAM_CHAT: ${{ secrets.TELEGRAM_DEPLOY_CHAT_ID }} + PROXY_URL: ${{ secrets.PROXY_URL }} + MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }} + run: | + sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT + curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \ + --proxy "${PROXY_URL}" \ + -d "chat_id=${TELEGRAM_CHAT}" \ + -d "parse_mode=MarkdownV2" \ + -d "text=$MESSAGE" > /dev/null + EOT \ No newline at end of file diff --git a/IDEAS.md b/IDEAS.md new file mode 100644 index 0000000..7c81d8d --- /dev/null +++ b/IDEAS.md @@ -0,0 +1,6 @@ +1. Backup data/ before rerun containers +2. Auto run on new realese +3. Разделение докер сетей +4. Notifications +5. Bot for server operations +6. multi device copy-paste \ No newline at end of file -- 2.52.0
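Review bot: Both `curl` calls in the new deploy step post to `https://telegram.org\${TELEGRAM_TOKEN}/sendMessage` as shown on this page, which is not the Bot API endpoint that the comments above them say was restored and that test_telegram_deploy_bot.yaml uses (`https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage`). The `\$` also defers expansion to the server, where `TELEGRAM_TOKEN` is never set, while `TELEGRAM_CHAT` and the `PROXY_*` values are expanded on the runner. As written no notification can arrive, and since the job returns before `docker compose up` starts, a failed deploy is silent. The proxy password ends up in the argument list of `nohup bash -c '…'` and of `curl` on the server, and the log goes to the fixed path `/tmp/docker_deploy.log`; `mktemp` and a curl config read from stdin would avoid both. `chmod 700 secrets` and `chmod 600 secrets/*.txt` run only after the files were written, so `umask 077` at the top of that script is still needed.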
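Review bot: test_telegram_deploy_bot.yaml reads `secrets.TELEGRAM_DEPLOY_BOT_TOKEN`, `secrets.TELEGRAM_DEPLOY_CHAT_ID` and `secrets.PROXY_URL`, whereas deploy.yaml in the same commit reads `secrets.DEPLOY_TELEGRAM_BOT_TOKEN`, `secrets.DEPLOY_TELEGRAM_CHAT_ID` and four separate `PROXY_*` secrets. Unless both sets exist, one of the two workflows runs with empty values, and a passing test says nothing about the deploy path. Use one set of names in both files. `-d "text=$MESSAGE"` sends the text without URL encoding; `--data-urlencode "text=$MESSAGE"` is safer once messages contain `&`, `+` or `%`.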