diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..69293b9 --- /dev/null +++ b/.env.example @@ -0,0 +1,3 @@ +BESZEL_HUB_URL=http://mon.localhost +NEXTCLOUD_DOMAIN=cld.localhost +GITEA_URL=http://git:3000 diff --git a/.gitea/workflows/demo.yaml b/.gitea/workflows/demo.yaml deleted file mode 100644 index 394c807..0000000 --- a/.gitea/workflows/demo.yaml +++ /dev/null @@ -1,19 +0,0 @@ -name: Gitea Actions Demo -run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀 -on: [push] - -jobs: - Explore-Gitea-Actions: - runs-on: ubuntu-latest - steps: - - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event." - - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!" - - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}." - - name: Check out repository code - uses: actions/checkout@v4 - - run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner." - - run: echo "🖥️ The workflow is now ready to test your code on the runner." - - name: List files in the repository - run: | - ls ${{ gitea.workspace }} - - run: echo "🍏 This job's status is ${{ job.status }}." \ No newline at end of file diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index 7af81d5..bdabbe0 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -1,5 +1,5 @@ -name: Deploy -run-name: Deploy +name: 🚀 Deploy +run-name: '🚀 Deploy: ${{ gitea.ref_name }} by @${{ gitea.actor }}' on: workflow_dispatch: 
@@ -17,11 +17,39 @@ jobs: echo "Clean ref name: $CLEAN_REF_NAME" echo "CLEAN_REF_NAME=$CLEAN_REF_NAME" >> $GITEA_ENV - - name: ⚙️ Configure SSH Client + - name: ⚙️ Configure ssh client + uses: ./.gitea/actions/configure-ssh-client + with: + ssh_host: ${{ secrets.SSH_HOST }} + + - name: 📦 Create backup of data/ folder + env: + SSHPASS: ${{ secrets.SSH_PASSWORD }} + SSH_USERNAME: ${{ secrets.SSH_USERNAME }} + SSH_HOST: ${{ secrets.SSH_HOST }} + DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }} + REF_NAME: ${{ env.CLEAN_REF_NAME }} run: | - sudo apt-get update && sudo apt-get install -y sshpass - mkdir -p ~/.ssh - ssh-keyscan -p 22 "${{ secrets.SSH_HOST }}" >> ~/.ssh/known_hosts + sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT + set -e + cd "$DEPLOY_DIRECTORY" + + mkdir -p backups + + BACKUP_DATE=\$(date +%Y-%m-%d_%H-%M-%S) + BACKUP_FILE="backups/backup-${REF_NAME}-\${BACKUP_DATE}.tar.gz" + + echo "Creating backup of data/ into \${BACKUP_FILE}..." + + if [ -d "data" ]; then + tar -czf "\${BACKUP_FILE}" data + echo "✅ Backup created successfully!" + else + echo "⚡️ No data/ folder, backup creation skipped." + fi + + find backups/ -type f -name "backup-*.tar.gz" -mtime +7 -delete + EOT - name: 🏗️ Create docker-compose file env: @@ -38,7 +66,7 @@ jobs: cat > \"docker-compose-$REF_NAME.yml\"" \ < docker-compose.yml - - name: 🔐 Create secrets + - name: 🔐 Create secrets and envs env: SSHPASS: ${{ secrets.SSH_PASSWORD }} SSH_USERNAME: ${{ secrets.SSH_USERNAME }} 
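Review bot: The new backup step writes `backups/backup-…tar.gz` with whatever umask the SSH account has, and `data/` presumably holds the services' state, so the archives may be readable by other local users on the deploy host. Adding `umask 077` right after `set -e` in the heredoc, and `chmod 700 backups` after the `mkdir -p`, keeps the copies owner-only. Separately, `<< EOT` is unquoted, so `$DEPLOY_DIRECTORY` and `${REF_NAME}` are expanded on the runner and become part of the script text the remote bash executes; a short comment above the heredoc saying which variables are local and which are escaped for the remote side would make that easier to review. The pruning `find` also matches `backup-*.tar.gz` for every ref, not only the one being deployed, which deserves a comment if intended.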
@@ -46,12 +74,22 @@ jobs: DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }} BESZEL_AGENT_KEY: ${{ secrets.BESZEL_AGENT_KEY }} BESZEL_AGENT_TOKEN: ${{ secrets.BESZEL_AGENT_TOKEN }} - GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets._GITEA_RUNNER_REGISTRATION_TOKEN }} + BESZEL_HUB_URL: ${{ vars.BESZEL_HUB_URL }} + GITEA_RUNNER_REGISTRATION_TOKEN: ${{ secrets.RUNNER_REGISTRATION_TOKEN }} + GITEA_URL: ${{ vars.GIT_URL }} VAULTWARDEN_ADMIN_TOKEN: ${{ secrets.VAULTWARDEN_ADMIN_TOKEN }} + NEXTCLOUD_DOMAIN: ${{ vars.NEXTCLOUD_DOMAIN }} run: | sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT set -e cd "$DEPLOY_DIRECTORY" + + cat << 'EOF_ENV' > .env + BESZEL_HUB_URL=$BESZEL_HUB_URL + NEXTCLOUD_DOMAIN=$NEXTCLOUD_DOMAIN + GITEA_URL=$GITEA_URL + EOF_ENV + mkdir -p secrets cat << 'EOF_SECRET' > secrets/beszel_agent_key.txt @@ -81,12 +119,16 @@ jobs: SSH_HOST: ${{ secrets.SSH_HOST }} DEPLOY_DIRECTORY: ${{ secrets.DEPLOY_DIRECTORY }} REF_NAME: ${{ env.CLEAN_REF_NAME }} - TELEGRAM_TOKEN: ${{ secrets.DEPLOY_TELEGRAM_BOT_TOKEN }} - TELEGRAM_CHAT: ${{ secrets.DEPLOY_TELEGRAM_CHAT_ID }} - PROXY_HOST: ${{ secrets.PROXY_HOST }} - PROXY_PORT: ${{ secrets.PROXY_PORT }} - PROXY_USER: ${{ secrets.PROXY_USER }} - PROXY_PASSWORD: ${{ secrets.PROXY_PASSWORD }} + TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_DEPLOY_BOT_TOKEN }} + TELEGRAM_CHAT: ${{ secrets.TELEGRAM_DEPLOY_CHAT_ID }} + PROXY_URL: ${{ secrets.PROXY_URL }} + SUCCESS_MESSAGE: |- + ✅ Успешный деплой! + Релиз: ${{ gitea.ref_name }} + FAILURE_MESSAGE: |- + ❌ Ошибка деплоя! + Релиз: ${{ gitea.ref_name }} + DEPLOY_LOG_FILE: /tmp/deploy-${{ env.CLEAN_REF_NAME }}.log run: | sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT set -e 
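Review bot: Nothing in the `Create secrets and envs` step checks that `vars.BESZEL_HUB_URL`, `vars.GIT_URL` and `vars.NEXTCLOUD_DOMAIN` are set, so an unset variable is written to the remote `.env` as an empty value and the deploy carries on with it. A guard as the first line of the `run:` script, before the `sshpass` call, fails the job instead: `: "${BESZEL_HUB_URL:?not set}" "${NEXTCLOUD_DOMAIN:?not set}" "${GITEA_URL:?not set}"`. A comment above `cat << 'EOF_ENV'` would also help, noting that the values are substituted on the runner by the outer unquoted `<< EOT` and that the quoted inner delimiter only stops the remote shell from expanding them a second time. The step's `run:` block continues past the end of this hunk.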
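Review bot: `SUCCESS_MESSAGE` and `FAILURE_MESSAGE` interpolate the raw `${{ gitea.ref_name }}`, while the rest of this step uses the cleaned `env.CLEAN_REF_NAME`. In the next hunk these values are expanded by the unquoted heredoc into the body of the remote `bash -c '…'`, so any quote or `$` character that git permits in a ref name ends up as shell source on the deploy host, and `<` or `&` would break `parse_mode=HTML`. Writing `Релиз: ${{ env.CLEAN_REF_NAME }}` in both messages avoids that, assuming the earlier cleaning step strips those characters (it is not visible here). `DEPLOY_LOG_FILE` is also a fixed, predictable name under `/tmp`; creating the file on the remote side with `mktemp` would be safer on a host with other local users.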
@@ -95,30 +137,24 @@ jobs: nohup bash -c ' sleep 5 - if docker compose -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > /tmp/docker_deploy.log 2>&1; then - ESCAPED_REF=\$(echo "${REF_NAME}" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g") - TEXT="🚀 *Деплой успешен\!* %0AСервер применил релиз: \`\$ESCAPED_REF\`" - - # ИСПРАВЛЕНО: Восстановлен верный URL api.telegram.org/bot\$TELEGRAM_TOKEN/ - curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \ - --proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \ + if docker compose --dry-run -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > ${DEPLOY_LOG_FILE} 2>&1; then + curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \ + --proxy "${PROXY_URL}" \ -d "chat_id=${TELEGRAM_CHAT}" \ - -d "parse_mode=MarkdownV2" \ - -d "text=\$TEXT" > /dev/null + -d "parse_mode=HTML" \ + --data-urlencode "text=${SUCCESS_MESSAGE}" > /dev/null else - ERROR_LOG=\$(tail -n 10 /tmp/docker_deploy.log) - ESCAPED_LOG=\$(echo "\$ERROR_LOG" | sed "s/-/\\\\-/g" | sed "s/\./\\\\./g" | sed "s/!/\\\\!/g") - TEXT="❌ *Ошибка деплоя релиза ${REF_NAME}\!* %0A%0A\`\`\`%0A\$ESCAPED_LOG%0A\`\`\`" - - # ИСПРАВЛЕНО: Здесь URL тоже приведен к стандарту Telegram API - curl -s -X POST "https://telegram.org\${TELEGRAM_TOKEN}/sendMessage" \ - --proxy "http://${PROXY_USER}:${PROXY_PASSWORD}@${PROXY_HOST}:${PROXY_PORT}" \ + curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \ + --proxy "${PROXY_URL}" \ -d "chat_id=${TELEGRAM_CHAT}" \ - -d "parse_mode=MarkdownV2" \ - -d "text=\$TEXT" > /dev/null + -d "parse_mode=HTML" \ + --data-urlencode "text=${FAILURE_MESSAGE}" > /dev/null fi - - rm -f /tmp/docker_deploy.log + + curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendDocument" \ + --proxy "${PROXY_URL}" \ + -F "chat_id=${TELEGRAM_CHAT}" \ + -F "document=@${DEPLOY_LOG_FILE}" > /dev/null && rm -f ${DEPLOY_LOG_FILE} ' > /dev/null 2>&1 & EOT 
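Review bot: The new `docker compose --dry-run … up -d` line never applies the release, yet the success branch still sends `SUCCESS_MESSAGE`; the flag looks like a debugging leftover. I would drop it and quote the redirect target: `if docker compose -f "docker-compose-${REF_NAME}.yml" up -d --remove-orphans > "${DEPLOY_LOG_FILE}" 2>&1; then`. The added `sendDocument` call uploads the whole compose log to the chat, so it is worth confirming that nothing sensitive is echoed during `up`. Because `rm -f` is chained with `&&`, a failed upload leaves the log behind in `/tmp`. The step's `run:` script starts above this hunk.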
diff --git a/.gitea/workflows/test_telegram_deploy_bot.yaml b/.gitea/workflows/test_telegram_deploy_bot.yaml index bb4bfb3..a4e49ca 100644 --- a/.gitea/workflows/test_telegram_deploy_bot.yaml +++ b/.gitea/workflows/test_telegram_deploy_bot.yaml @@ -7,21 +7,15 @@ jobs: send_test_message: runs-on: ubuntu-latest steps: - - name: Checout repository + - name: 📂 Checkout repository uses: actions/checkout@v4 - - name: Configure ssh client + - name: ⚙️ Configure ssh client uses: ./.gitea/actions/configure-ssh-client with: ssh_host: ${{ secrets.SSH_HOST }} - - name: Prepare message - id: prepare_message - uses: ./.gitea/actions/telegram-message-escape - with: - message: 💬 Test message - - - name: Send message + - name: 💬 Send message env: SSHPASS: ${{ secrets.SSH_PASSWORD }} SSH_USERNAME: ${{ secrets.SSH_USERNAME }} @@ -32,9 +26,11 @@ jobs: MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }} run: | sshpass -e ssh -p 22 "$SSH_USERNAME@$SSH_HOST" bash -s << EOT - curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \ + set -e + + curl -s --connect-timeout 10 -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \ --proxy "${PROXY_URL}" \ -d "chat_id=${TELEGRAM_CHAT}" \ - -d "parse_mode=MarkdownV2" \ - -d "text=$MESSAGE" > /dev/null + -d "parse_mode=HTML" \ + --data-urlencode "text=💬 Test message" EOT \ No newline at end of file
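Review bot: The `MESSAGE: ${{ steps.prepare_message.outputs.escaped_message }}` entry left in the `Send message` step's `env:` now refers to a step this commit removes, so it evaluates to an empty string and should be deleted with it. Since this workflow exists to prove the bot works, the `curl` should also fail on an HTTP error; with plain `-s` a rejected request still exits 0 and the new `set -e` has nothing to catch: `curl -sS --fail --connect-timeout 10 -X POST …`. With `> /dev/null` gone the API response is printed to the job log, which is useful for a test but worth a one-line comment saying it is intentional.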