79 lines
2.4 KiB
YAML
79 lines
2.4 KiB
YAML
# .gitea/workflows/deploy.yml
|
|
# Triggered on push to main.
|
|
# Runs CI checks first, then deploys to production.
|
|
#
|
|
# Required Gitea secrets (Settings → Secrets → Actions):
|
|
# DEPLOY_HOST — droplet IP or hostname
|
|
# DEPLOY_USER — SSH user (e.g. root)
|
|
# DEPLOY_SSH_KEY — private key (contents of ~/.ssh/deploy_key)
|
|
# DEPLOY_PORT — SSH port (usually 22)
|
|
|
|
name: Deploy
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
# ── Stage 1: CI ─────────────────────────────────────────────────────────────
|
|
build:
|
|
name: Check & Build
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Verify Node.js
|
|
run: node --version && npm --version
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: JS syntax check
|
|
run: |
|
|
find src -name "*.js" | xargs -I{} node --check {}
|
|
echo "✓ JS syntax OK"
|
|
|
|
- name: Svelte check
|
|
run: npx svelte-check 2>&1 | tail -10
|
|
|
|
- name: Build
|
|
run: npm run build
|
|
env:
|
|
DATABASE_URL: ./dummy.db
|
|
RATE_LIMIT_PUBLISH: '5'
|
|
RATE_LIMIT_READ: '100'
|
|
PUBLIC_BASE_URL: 'https://example.com'
|
|
|
|
# ── Stage 2: Deploy ──────────────────────────────────────────────────────────
|
|
deploy:
|
|
name: Deploy to Production
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
|
|
steps:
|
|
- name: Deploy via SSH
|
|
uses: appleboy/ssh-action@v1.0.3
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USER }}
|
|
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
|
port: ${{ secrets.DEPLOY_PORT }}
|
|
script: |
|
|
set -e
|
|
APP_DIR=/opt/etc-prs/app
|
|
APP_USER=prs
|
|
echo "▸ Pulling latest code…"
|
|
cd "$APP_DIR" && git pull
|
|
echo "▸ Installing dependencies…"
|
|
npm install --quiet
|
|
echo "▸ Building…"
|
|
npm run build
|
|
echo "▸ Fixing ownership…"
|
|
chown -R "${APP_USER}:${APP_USER}" "$APP_DIR"
|
|
echo "▸ Reloading PM2…"
|
|
pm2 reload etc-prs
|
|
echo "✓ Deploy complete"
|