Julian Tabel
7cd3372c7e
- Pass SUPABASE_JWT_SECRET to backend in docker-compose.prod.yml - Add build args (VITE_API_URL, VITE_SUPABASE_URL, VITE_SUPABASE_ANON_KEY) to Dockerfile.prod so Vite inlines them at build time - Pass build args from secrets in deploy workflow - Add build section to frontend service in docker-compose.prod.yml No GoTrue container needed in prod — Supabase Cloud hosts the auth service. The backend only needs the JWT secret to verify tokens. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
51 lines
2.0 KiB
YAML
51 lines
2.0 KiB
YAML
name: Deploy
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
if: github.ref == 'refs/heads/main'
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Login to Gitea registry
|
|
run: echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login gitea.nerdboden.de -u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
|
|
|
|
- name: Build and push API image
|
|
run: |
|
|
docker build --platform linux/amd64 \
|
|
-t gitea.nerdboden.de/thefurya/nuzlocke-tracker-api:latest \
|
|
-f backend/Dockerfile.prod ./backend
|
|
docker push gitea.nerdboden.de/thefurya/nuzlocke-tracker-api:latest
|
|
|
|
- name: Build and push frontend image
|
|
run: |
|
|
docker build --platform linux/amd64 \
|
|
--build-arg VITE_API_URL=${{ secrets.VITE_API_URL }} \
|
|
--build-arg VITE_SUPABASE_URL=${{ secrets.VITE_SUPABASE_URL }} \
|
|
--build-arg VITE_SUPABASE_ANON_KEY=${{ secrets.VITE_SUPABASE_ANON_KEY }} \
|
|
-t gitea.nerdboden.de/thefurya/nuzlocke-tracker-frontend:latest \
|
|
-f frontend/Dockerfile.prod ./frontend
|
|
docker push gitea.nerdboden.de/thefurya/nuzlocke-tracker-frontend:latest
|
|
|
|
- name: Deploy to Unraid
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
echo "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/deploy_key
|
|
chmod 600 ~/.ssh/deploy_key
|
|
SSH_CMD="ssh -o StrictHostKeyChecking=no -i ~/.ssh/deploy_key root@192.168.1.10"
|
|
SCP_CMD="scp -o StrictHostKeyChecking=no -i ~/.ssh/deploy_key"
|
|
DEPLOY_DIR="/mnt/user/appdata/nuzlocke-tracker"
|
|
|
|
$SCP_CMD docker-compose.prod.yml "root@192.168.1.10:${DEPLOY_DIR}/docker-compose.yml"
|
|
$SCP_CMD backup.sh "root@192.168.1.10:${DEPLOY_DIR}/backup.sh"
|
|
$SSH_CMD "chmod +x '${DEPLOY_DIR}/backup.sh'"
|
|
$SSH_CMD "cd '${DEPLOY_DIR}' && docker compose pull && docker compose up -d"
|