# Single-server deploy: deploy.sh calls the host's Docker daemon through
# /var/run/docker.sock (no DinD).
#
# The job runs in a container — /opt/ems-deploy and the socket must be mounted
# into it (see container.volumes).
# In /opt/gitea-stack/runner/config.yaml set container.valid_volumes to the
# same paths.
# Keep `runs-on` in line with the labels the runner was registered with
# (default: self-hosted).
#
# Trigger: push to the main branch (including a PR merged into main — a merge
# in Gitea/Git is still a push to main).
# Do not also add pull_request:closed — on merge the deploy would run twice
# (push + PR).
#
# Security note: a container that can reach /var/run/docker.sock controls the
# host's Docker daemon, which is equivalent to root on the host. Treat write
# access to main and the right to trigger workflow_dispatch as host-admin
# access, and keep container.valid_volumes limited to exactly the two paths
# mounted below.

name: deploy

on:
  push:
    branches: [main]
  workflow_dispatch:

jobs:
  deploy:
    runs-on: self-hosted
    container:
      # The tag is mutable: the job runs whatever the registry serves for 3.20
      # at pull time. Pinning by digest (alpine:3.20@sha256:<digest>) makes the
      # image that receives the Docker socket reproducible.
      image: docker.io/library/alpine:3.20
      volumes:
        - '/opt/ems-deploy:/opt/ems-deploy'
        # Grants the job full control of the host Docker daemon.
        - '/var/run/docker.sock:/var/run/docker.sock'
    steps:
      # Packages are resolved from the Alpine repositories on every run, so
      # their versions are not fixed by this workflow.
      - name: 'Install git, bash, Docker CLI + Compose v2'
        run: apk add --no-cache git bash docker-cli docker-cli-compose

      # The script is read from the host mount, not from a checkout made by
      # this job (there is no checkout step).
      # NOTE(review): presumably deploy.sh updates /opt/ems-deploy itself —
      # confirm, and keep the script writable only by the deploy owner.
      - name: 'Run deploy script (host Docker + /opt/ems-deploy checkout)'
        run: bash /opt/ems-deploy/deploy.sh

  # Alternative: runner in Docker with no access to the host — uncomment and
  # adjust SERVER + secrets.
  # NOTE(review): StrictHostKeyChecking=yes only connects when the server's
  # host key is already in ~/.ssh/known_hosts; the snippet does not provision
  # that file, so add the expected host key (e.g. from a secret) before the
  # ssh call rather than relaxing the option.
  # deploy-ssh:
  #   runs-on: ubuntu-latest
  #   steps:
  #     - name: Deploy over SSH
  #       env:
  #         SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
  #       run: |
  #         mkdir -p ~/.ssh
  #         printf '%s\n' "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
  #         chmod 600 ~/.ssh/id_ed25519
  #         ssh -o StrictHostKeyChecking=yes -i ~/.ssh/id_ed25519 deploy@SERVER '/opt/ems-deploy/deploy.sh'