-
Notifications
You must be signed in to change notification settings - Fork 19
71 lines (63 loc) · 2.55 KB
/
deploy-patsy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
name: Deploy Payment Proxy Server
on:
workflow_dispatch:
inputs:
build-image:
description: "Build docker image"
required: false
default: "true"
deploy-patsy:
description: "Deploy Patsy"
required: false
default: "true"
jobs:
build-image:
runs-on: ubuntu-latest
steps:
- name: Checkout code
if: github.event.inputs.build-image == 'true'
uses: actions/checkout@v3
- name: Build Docker image
if: github.event.inputs.build-image == 'true'
run: make docker/paymentproxy/build
- name: Login to DigitalOcean Docker Registry
if: github.event.inputs.build-image == 'true'
run: docker login -u ${{ secrets.DO_API_KEY }} -p ${{ secrets.DO_API_KEY }} registry.digitalocean.com
- name: Push Docker image to DigitalOcean
if: github.event.inputs.build-image == 'true'
run: make docker/paymentproxy/push
deploy-patsy:
needs: build-image
runs-on: ubuntu-latest
if: github.event.inputs.deploy-patsy == 'true'
steps:
- name: Deploy to Droplet
env:
DO_API_KEY: ${{ secrets.DO_API_KEY }}
SSH_PRIVATE_KEY: ${{ secrets.PATSY_SSH_PRIVATE_KEY }}
DROPLET_IP: "165.22.197.200"
NAME: "nitro-payment-proxy"
NITRO_ENDPOINT: "brad-node.statechannels.org:4005/api/v1"
DESTINATION_URL: "https://demo-files.ams3.digitaloceanspaces.com/"
TLS_CERT_FILE: /app/certs/live/payment-proxy.statechannels.org/fullchain.pem
TLS_KEY_FILE: /app/certs/live/payment-proxy.statechannels.org/privkey.pem
PROXY_PORT: 443
run: |
echo "$SSH_PRIVATE_KEY" > private_key.pem
chmod 600 private_key.pem
ssh -o StrictHostKeyChecking=no -i private_key.pem root@$DROPLET_IP <<ENDSSH
docker login -u $DO_API_KEY -p $DO_API_KEY registry.digitalocean.com
docker pull registry.digitalocean.com/magmo/nitro-payment-proxy:latest
docker stop $NAME || true
docker rm $NAME || true
docker run --restart=unless-stopped -it -d --name $NAME \
-v /etc/letsencrypt:/app/certs \
-p 443:443 -p 80:80 -p 5511:5511 \
-e NITRO_ENDPOINT=$NITRO_ENDPOINT \
-e DESTINATION_URL=$DESTINATION_URL \
-e TLS_CERT_FILE=$TLS_CERT_FILE \
-e TLS_KEY_FILE=$TLS_KEY_FILE \
-e PROXY_PORT=$PROXY_PORT \
registry.digitalocean.com/magmo/nitro-payment-proxy:latest
ENDSSH
rm private_key.pem