bu5hm4nn/vault-dash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
786953c4031bc41fc916c72479d9770a2b9d6875
vault-dash/scripts/deploy-forgejo.sh
Bu5hm4nn 786953c403 docs: add verified Forgejo CI debugging guide to AGENTS.md 
Verified:
- Web UI URL for viewing workflow runs
- SSH command to access runner logs
- Common failure patterns and fixes
2026-03-29 12:10:52 +02:00

114 lines
3.4 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -Eeuo pipefail
# Deploy script for Forgejo Actions
# Uses Forgejo environment variables instead of GitLab CI variables
: "${DEPLOY_USER:?DEPLOY_USER is required}"
: "${DEPLOY_HOST:?DEPLOY_HOST is required}"
: "${APP_IMAGE:?APP_IMAGE is required}"
: "${DEPLOY_SSH_PRIVATE_KEY:?DEPLOY_SSH_PRIVATE_KEY is required}"
DEPLOY_PORT="${DEPLOY_PORT:-22}"
DEPLOY_PATH="${DEPLOY_PATH:-/opt/vault-dash}"
COMPOSE_FILE="${COMPOSE_FILE:-docker-compose.deploy.yml}"
COMPOSE_SERVICE="${COMPOSE_SERVICE:-vault-dash}"
DEPLOY_TIMEOUT="${DEPLOY_TIMEOUT:-120}"
HEALTHCHECK_URL="${HEALTHCHECK_URL:-http://127.0.0.1:${APP_PORT:-8000}/health}"
REMOTE_ENV_FILE="${REMOTE_ENV_FILE:-$DEPLOY_PATH/.env}"
SSH_OPTS=(-p "$DEPLOY_PORT" -o StrictHostKeyChecking=accept-new)
SCP_OPTS=(-P "$DEPLOY_PORT" -o StrictHostKeyChecking=accept-new)
REMOTE_TARGET="${DEPLOY_USER}@${DEPLOY_HOST}"
echo "=== Deploying vault-dash ==="
echo "Host: $DEPLOY_HOST:$DEPLOY_PORT"
echo "Path: $DEPLOY_PATH"
echo "Image: $APP_IMAGE"
# Create deployment directory
ssh "${SSH_OPTS[@]}" "$REMOTE_TARGET" "mkdir -p '$DEPLOY_PATH'"
# Write environment file
echo "=== Writing environment file ==="
ssh "${SSH_OPTS[@]}" "$REMOTE_TARGET" "cat > '$REMOTE_ENV_FILE'" <<EOF
APP_IMAGE=$APP_IMAGE
APP_ENV=${APP_ENV:-production}
APP_NAME=${APP_NAME:-Vault Dashboard}
APP_PORT=${APP_PORT:-8000}
APP_BIND_ADDRESS=${APP_BIND_ADDRESS:-127.0.0.1}
REDIS_URL=${REDIS_URL:-}
DEFAULT_SYMBOL=${DEFAULT_SYMBOL:-GLD}
CACHE_TTL=${CACHE_TTL:-300}
WEBSOCKET_INTERVAL_SECONDS=${WEBSOCKET_INTERVAL_SECONDS:-5}
NICEGUI_MOUNT_PATH=${NICEGUI_MOUNT_PATH:-/}
NICEGUI_STORAGE_SECRET=${NICEGUI_STORAGE_SECRET:-}
CORS_ORIGINS=${CORS_ORIGINS:-*}
TURNSTILE_SITE_KEY=${TURNSTILE_SITE_KEY:-}
TURNSTILE_SECRET_KEY=${TURNSTILE_SECRET_KEY:-}
EOF
# Upload docker-compose file
echo "=== Uploading docker-compose.deploy.yml ==="
scp "${SCP_OPTS[@]}" docker-compose.deploy.yml "$REMOTE_TARGET:$DEPLOY_PATH/$COMPOSE_FILE"
# Deploy on remote
echo "=== Running deployment on remote ==="
ssh "${SSH_OPTS[@]}" "$REMOTE_TARGET" "bash -s" <<EOF
set -Eeuo pipefail
cd "$DEPLOY_PATH"
# Save current image for rollback
if [[ -f .last_successful_image ]]; then
PREVIOUS_IMAGE="\$(cat .last_successful_image)"
echo "Previous image: \$PREVIOUS_IMAGE"
fi
# Pull new image
echo "Pulling $APP_IMAGE..."
docker pull "$APP_IMAGE" || {
echo "Failed to pull image"
exit 1
}
# Save new image for rollback
echo "$APP_IMAGE" > .last_successful_image
# Stop existing container
echo "Stopping existing containers..."
docker compose -f "$COMPOSE_FILE" --env-file "$REMOTE_ENV_FILE" down --remove-orphans || true
# Start new container
echo "Starting new container..."
docker compose -f "$COMPOSE_FILE" --env-file "$REMOTE_ENV_FILE" up -d --remove-orphans
# Wait for health check
echo "Waiting for health check..."
COUNTER=0
MAX_WAIT=$DEPLOY_TIMEOUT
while [ \$COUNTER -lt \$MAX_WAIT ]; do
if curl -sf "${HEALTHCHECK_URL}" > /dev/null 2>&1; then
echo "Health check passed after \${COUNTER}s"
echo "=== Deployment successful ==="
exit 0
fi
sleep 1
COUNTER=\$((COUNTER + 1))
done
# Health check failed - rollback
echo "Health check failed after \${MAX_WAIT}s"
if [[ -n "\${PREVIOUS_IMAGE:-}" ]]; then
echo "Rolling back to \$PREVIOUS_IMAGE..."
sed -i.bak "s|^APP_IMAGE=.*|APP_IMAGE=\$PREVIOUS_IMAGE|" "$REMOTE_ENV_FILE"
docker compose -f "$COMPOSE_FILE" --env-file "$REMOTE_ENV_FILE" up -d --remove-orphans
echo "Rollback complete"
fi
exit 1
EOF
echo "=== Deployment complete ==="
Reference in New Issue View Git Blame Copy Permalink