Skip to content

Commit

Permalink
build: prod
Browse files Browse the repository at this point in the history
  • Loading branch information
@hai-ko
hai-ko committed Nov 30, 2023
1 parent a094d47 commit 5eaef8a
Show file tree
Hide file tree
Showing 6 changed files with 394 additions and 51 deletions.
36 changes: 18 additions & 18 deletions .github/workflows/deploy-billboard.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ jobs:
messenger-demo-deploy:
environment: devconnect2023
runs-on: ubuntu-latest
# if: ${{ contains( github.ref, vars.STAGING_BRANCH) }}
if: ${{ contains( github.ref, vars.TRIGGER_BRANCH) }}
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v3
Expand All @@ -22,21 +22,21 @@ jobs:
- name: Prepare SSH
run: |
mkdir ~/.ssh
echo "${{ secrets.STAGING_HOST_SSH }}" > ~/.ssh/known_hosts
echo "${{ secrets.HOST_SSH_PUBLIC_KEY }}" > ~/.ssh/known_hosts
echo "${{ secrets.DO_SSH_KEY }}" > ./ssh-key
chmod 600 ./ssh-key
- name: Create .env file
env:
TARGET_HOST: ${{ secrets.STAGING_HOST }}
TARGET_HOST: ${{ secrets.HOST_DOMAIN}}
TARGET_IP: ${{ secrets.IP_ADDRESS }}
run: |
echo "REACT_APP_ADDR_ENS_SUBDOMAIN=.addr.devconnect.dm3.eth" >> ./.env.react
echo "REACT_APP_BACKEND=https://${{ secrets.STAGING_HOST }}/api" >> ./.env.react
echo "REACT_APP_BACKEND=https://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_DEFAULT_DELIVERY_SERVICE=bb-ds.devconnect.dm3.eth" >> ./.env.react
echo "REACT_APP_DEFAULT_SERVICE=https://${{ secrets.STAGING_HOST }}/api" >> ./.env.react
echo "REACT_APP_DEFAULT_SERVICE=https://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_ETHEREUM_PROVIDER=${{ secrets.REACT_APP_ETHEREUM_PROVIDER }}" >> ./.env.react
echo "REACT_APP_PROFILE_BASE_URL=https://${{ secrets.STAGING_HOST }}/api" >> ./.env.react
echo "REACT_APP_RESOLVER_BACKEND=https://${{ secrets.STAGING_HOST }}/resolver-handler" >> ./.env.react
echo "REACT_APP_PROFILE_BASE_URL=https://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_RESOLVER_BACKEND=https://${{ secrets.HOST_DOMAIN}}/resolver-handler" >> ./.env.react
echo "REACT_APP_USER_ENS_SUBDOMAIN=.user.devconnect.dm3.eth" >> ./.env.react
echo "REACT_APP_WALLET_CONNECT_PROJECT_ID=${{ secrets.REACT_APP_WALLET_CONNECT_PROJECT_ID }}" >> ./.env.react
echo "REACT_APP_COMMIT_HASH=${{ env.sha_short }}" >> ./.env.react
Expand All @@ -51,13 +51,13 @@ jobs:
echo "SPAM_PROTECTION=${{ secrets.SPAM_PROTECTION }}" >> ./.env
echo "ENCRYPTION_PUBLIC_KEY=${{ secrets.ENCRYPTION_PUBLIC_KEY }}" >> ./.env
echo "ENCRYPTION_PRIVATE_KEY=${{ secrets.ENCRYPTION_PRIVATE_KEY }}" >> ./.env
echo "RPC=${{ secrets.STAGING_RPC }}" >> ./.env
echo "RPC=${{ secrets.RPC }}" >> ./.env
echo "BILLBOARD_PRIVATE_KEY=${{ secrets.BILLBOARD_PRIVATE_KEY }}" >> ./.env
echo "interceptor=${{ secrets.INTERCEPTOR }}" >> ./.env
echo "DISABLE_SESSION_CHECK='true'" >> ./.env
echo "BILLBOARD_NAMES=${{ secrets.BILLBOARD_NAMES }}" >> ./.env
echo "CERT_MAIL=${{ secrets.CERT_MAIL }}" >> ./.env
echo "URL=${{ secrets.STAGING_HOST }}" >> ./.env
echo "URL=${{ secrets.HOST_DOMAIN}}" >> ./.env
envsubst '${TARGET_HOST}' < ./docker/billboard/nginx.conf > ./nginx.conf
cat ./.env
- name: Build docker image
Expand All @@ -67,26 +67,26 @@ jobs:
docker save -o ./dm3-backend.tar dm3-backend:latest
- name: Sync files
run: |
rsync -avz -e 'ssh -i ./ssh-key' ./.env app@${{ secrets.STAGING_HOST }}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./dm3-backend.tar app@${{ secrets.STAGING_HOST }}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./nginx.conf app@${{ secrets.STAGING_HOST }}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./docker/billboard/docker-compose.yml app@${{ secrets.STAGING_HOST }}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./.env app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./dm3-backend.tar app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./nginx.conf app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./docker/billboard/docker-compose.yml app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
- name: Prepare docker
run: |
ssh -i ./ssh-key app@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker compose down && docker system prune -af"
ssh -i ./ssh-key root@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key root@${{ secrets.HOST_DOMAIN}} "\
systemctl restart docker.service"
- name: Load docker image
run: |
ssh -i ./ssh-key app@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker load -i dm3-backend.tar; \
rm dm3-backend.tar || true"
- name: Firewall config
run: |
ssh -i ./ssh-key root@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key root@${{ secrets.HOST_DOMAIN}} "\
ufw allow from 172.18.0.1/16 proto tcp to ${{ secrets.IP_ADDRESS }} port 80"
- name: Start
run: |
ssh -i ./ssh-key app@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker compose --env-file .env up -d"
85 changes: 85 additions & 0 deletions .github/workflows/pord-deplo.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
name: Prod deploy
on: push

jobs:
messenger-demo-deploy:
environment: prod
runs-on: ubuntu-latest
if: ${{ contains( github.ref, vars.TRIGGER_BRANCH) }}
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v3
with:
registry-url: 'https://npm.pkg.github.com'
node-version: 18.0.0
cache: 'yarn'
- name: Declare some variables
shell: bash
run: |
echo ${{ contains( github.ref, vars.TRIGGER_BRANCH) }}
echo "sha_short=$(git rev-parse --short "$GITHUB_SHA")" >> "$GITHUB_ENV"
echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >> "$GITHUB_ENV"
echo "now=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
- name: Prepare SSH
run: |
mkdir ~/.ssh
echo "${{ secrets.HOST_SSH_PUBLIC_KEY }}" > ~/.ssh/known_hosts
echo "${{ secrets.DO_SSH_KEY }}" > ./ssh-key
chmod 600 ./ssh-key
- name: Create .env file
env:
TARGET_HOST: ${{ secrets.HOST_DOMAIN}}
run: |
echo "REACT_APP_ADDR_ENS_SUBDOMAIN=.beta-addr.dm3.eth" >> ./.env.react
echo "REACT_APP_BACKEND=http://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_DEFAULT_DELIVERY_SERVICE=beta-ds.dm3.eth" >> ./.env.react
echo "REACT_APP_DEFAULT_SERVICE=http://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_ETHEREUM_PROVIDER=${{ secrets.RPC }}" >> ./.env.react
echo "REACT_APP_PROFILE_BASE_URL=http://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_RESOLVER_BACKEND=http://${{ secrets.HOST_DOMAIN}}/resolver-handler" >> ./.env.react
echo "REACT_APP_USER_ENS_SUBDOMAIN=.beta-user.dm3.eth" >> ./.env.react
echo "REACT_APP_WALLET_CONNECT_PROJECT_ID=${{ secrets.REACT_APP_WALLET_CONNECT_PROJECT_ID }}" >> ./.env.react
echo "REACT_APP_COMMIT_HASH=${{ env.sha_short }}" >> ./.env.react
echo "REACT_APP_BRANCH=${{ env.branch }}" >> ./.env.react
echo "REACT_APP_BUILD_TIME=${{ env.now }}" >> ./.env.react
cat ./.env.react >> ./.env
echo "RESOLVER_ADDR=0xae6646c22D8eE6479eE0a39Bf63B9bD9e57bAD9d" >> ./.env
echo "SIGNING_PUBLIC_KEY=${{ secrets.SIGNING_PUBLIC_KEY }}" >> ./.env
echo "SIGNING_PRIVATE_KEY=${{ secrets.SIGNING_PRIVATE_KEY }}" >> ./.env
echo "SIGNER_PRIVATE_KEY=${{ secrets.SIGNER_PRIVATE_KEY }}" >> ./.env
echo "SPAM_PROTECTION=${{ secrets.SPAM_PROTECTION }}" >> ./.env
echo "ENCRYPTION_PUBLIC_KEY=${{ secrets.ENCRYPTION_PUBLIC_KEY }}" >> ./.env
echo "ENCRYPTION_PRIVATE_KEY=${{ secrets.ENCRYPTION_PRIVATE_KEY }}" >> ./.env
echo "RPC=${{ secrets.RPC }}" >> ./.env
envsubst '${SSL_CERTIFICATE_BASE_LOC} ${TLS_CERTIFICATE_LOCATION} ${TARGET_HOST}' < ./docker/prod/nginx.conf > ./nginx.conf
cat ./.env
- name: Build docker image
run: |
cp ./.env.react packages/messenger-demo/.env
docker build --progress=plain -t dm3-backend:latest -f ./docker/Dockerfile .
docker save -o ./dm3-backend.tar dm3-backend:latest
- name: Prepare docker
run: |
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker compose down && docker system prune -af"
ssh -i ./ssh-key root@${{ secrets.HOST_DOMAIN}} "\
systemctl restart docker.service \
rm /home/app/dm3-backend.tar || true"
- name: Sync files
run: |
rsync -avz -e 'ssh -i ./ssh-key' ./.env app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./dm3-backend.tar app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./nginx.conf app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./docker/prod/docker-compose.yml app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
- name: Load docker image
run: |
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker load -i dm3-backend.tar"
- name: Firewall config
run: |
ssh -i ./ssh-key root@${{ secrets.HOST_DOMAIN}} "\
ufw allow from 172.18.0.1/16 proto tcp to ${{ secrets.HOST_DOMAIN}} port 80"
- name: Start
run: |
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker compose --env-file .env up -d"
39 changes: 20 additions & 19 deletions .github/workflows/deploy.yml → .github/workflows/staging-deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,9 @@ on: push

jobs:
messenger-demo-deploy:
environment: staging
runs-on: ubuntu-latest
if: ${{ contains( github.ref, vars.STAGING_BRANCH) }}
if: ${{ contains( github.ref, vars.TRIGGER_BRANCH) }}
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v3
Expand All @@ -21,20 +22,20 @@ jobs:
- name: Prepare SSH
run: |
mkdir ~/.ssh
echo "${{ secrets.STAGING_HOST_SSH }}" > ~/.ssh/known_hosts
echo "${{ secrets.HOST_SSH_PUBLIC_KEY }}" > ~/.ssh/known_hosts
echo "${{ secrets.DO_SSH_KEY }}" > ./ssh-key
chmod 600 ./ssh-key
- name: Create .env file
env:
TARGET_HOST: ${{ secrets.STAGING_HOST }}
TARGET_HOST: ${{ secrets.HOST_DOMAIN}}
run: |
echo "REACT_APP_ADDR_ENS_SUBDOMAIN=.beta-addr.dm3.eth" >> ./.env.react
echo "REACT_APP_BACKEND=http://${{ secrets.STAGING_HOST }}/api" >> ./.env.react
echo "REACT_APP_BACKEND=http://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_DEFAULT_DELIVERY_SERVICE=beta-ds.dm3.eth" >> ./.env.react
echo "REACT_APP_DEFAULT_SERVICE=http://${{ secrets.STAGING_HOST }}/api" >> ./.env.react
echo "REACT_APP_ETHEREUM_PROVIDER=${{ secrets.REACT_APP_ETHEREUM_PROVIDER }}" >> ./.env.react
echo "REACT_APP_PROFILE_BASE_URL=http://${{ secrets.STAGING_HOST }}/api" >> ./.env.react
echo "REACT_APP_RESOLVER_BACKEND=http://${{ secrets.STAGING_HOST }}/resolver-handler" >> ./.env.react
echo "REACT_APP_DEFAULT_SERVICE=http://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_ETHEREUM_PROVIDER=${{ secrets.RPC }}" >> ./.env.react
echo "REACT_APP_PROFILE_BASE_URL=http://${{ secrets.HOST_DOMAIN}}/api" >> ./.env.react
echo "REACT_APP_RESOLVER_BACKEND=http://${{ secrets.HOST_DOMAIN}}/resolver-handler" >> ./.env.react
echo "REACT_APP_USER_ENS_SUBDOMAIN=.beta-user.dm3.eth" >> ./.env.react
echo "REACT_APP_WALLET_CONNECT_PROJECT_ID=${{ secrets.REACT_APP_WALLET_CONNECT_PROJECT_ID }}" >> ./.env.react
echo "REACT_APP_COMMIT_HASH=${{ env.sha_short }}" >> ./.env.react
Expand All @@ -48,7 +49,7 @@ jobs:
echo "SPAM_PROTECTION=${{ secrets.SPAM_PROTECTION }}" >> ./.env
echo "ENCRYPTION_PUBLIC_KEY=${{ secrets.ENCRYPTION_PUBLIC_KEY }}" >> ./.env
echo "ENCRYPTION_PRIVATE_KEY=${{ secrets.ENCRYPTION_PRIVATE_KEY }}" >> ./.env
echo "RPC=${{ secrets.STAGING_RPC }}" >> ./.env
echo "RPC=${{ secrets.RPC }}" >> ./.env
envsubst '${SSL_CERTIFICATE_BASE_LOC} ${TLS_CERTIFICATE_LOCATION} ${TARGET_HOST}' < ./docker/nginx.conf > ./nginx.conf
cat ./.env
- name: Build docker image
Expand All @@ -58,26 +59,26 @@ jobs:
docker save -o ./dm3-backend.tar dm3-backend:latest
- name: Prepare docker
run: |
ssh -i ./ssh-key app@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker compose down && docker system prune -af"
ssh -i ./ssh-key root@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key root@${{ secrets.HOST_DOMAIN}} "\
systemctl restart docker.service \
rm /home/app/dm3-backend.tar || true"
- name: Sync files
run: |
rsync -avz -e 'ssh -i ./ssh-key' ./.env app@${{ secrets.STAGING_HOST }}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./dm3-backend.tar app@${{ secrets.STAGING_HOST }}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./nginx.conf app@${{ secrets.STAGING_HOST }}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./docker/docker-compose.yml app@${{ secrets.STAGING_HOST }}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./.env app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./dm3-backend.tar app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./nginx.conf app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
rsync -avz -e 'ssh -i ./ssh-key' ./docker/docker-compose.yml app@${{ secrets.HOST_DOMAIN}}:/home/app/dm3
- name: Load docker image
run: |
ssh -i ./ssh-key app@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker load -i dm3-backend.tar"
- name: Firewall config
run: |
ssh -i ./ssh-key root@${{ secrets.STAGING_HOST }} "\
ufw allow from 172.18.0.1/16 proto tcp to ${{ secrets.STAGING_HOST }} port 80"
ssh -i ./ssh-key root@${{ secrets.HOST_DOMAIN}} "\
ufw allow from 172.18.0.1/16 proto tcp to ${{ secrets.HOST_DOMAIN}} port 80"
- name: Start
run: |
ssh -i ./ssh-key app@${{ secrets.STAGING_HOST }} "\
ssh -i ./ssh-key app@${{ secrets.HOST_DOMAIN}} "\
cd dm3 && docker compose --env-file .env up -d"
28 changes: 14 additions & 14 deletions docker/billboard/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,20 +80,20 @@ services:
timeout: 10s
retries: 5

# web:
# image: dm3-backend
# command: yarn workspace messenger-demo start
# environment:
# REACT_APP_ADDR_ENS_SUBDOMAIN: ${REACT_APP_ADDR_ENS_SUBDOMAIN}
# REACT_APP_BACKEND: ${REACT_APP_BACKEND}
# REACT_APP_DEFAULT_DELIVERY_SERVICE: ${REACT_APP_DEFAULT_DELIVERY_SERVICE}
# REACT_APP_DEFAULT_SERVICE: ${REACT_APP_DEFAULT_SERVICE}
# REACT_APP_ETHEREUM_PROVIDER: ${REACT_APP_ETHEREUM_PROVIDER}
# REACT_APP_PROFILE_BASE_URL: ${REACT_APP_PROFILE_BASE_URL}
# REACT_APP_RESOLVER_BACKEND: ${REACT_APP_RESOLVER_BACKEND}
# REACT_APP_USER_ENS_SUBDOMAIN: ${REACT_APP_USER_ENS_SUBDOMAIN}
# REACT_APP_WALLET_CONNECT_PROJECT_ID: ${REACT_APP_WALLET_CONNECT_PROJECT_ID}
# RESOLVER_ADDR: ${RESOLVER_ADDR}
web:
image: dm3-backend
command: yarn workspace messenger-demo start
environment:
REACT_APP_ADDR_ENS_SUBDOMAIN: ${REACT_APP_ADDR_ENS_SUBDOMAIN}
REACT_APP_BACKEND: ${REACT_APP_BACKEND}
REACT_APP_DEFAULT_DELIVERY_SERVICE: ${REACT_APP_DEFAULT_DELIVERY_SERVICE}
REACT_APP_DEFAULT_SERVICE: ${REACT_APP_DEFAULT_SERVICE}
REACT_APP_ETHEREUM_PROVIDER: ${REACT_APP_ETHEREUM_PROVIDER}
REACT_APP_PROFILE_BASE_URL: ${REACT_APP_PROFILE_BASE_URL}
REACT_APP_RESOLVER_BACKEND: ${REACT_APP_RESOLVER_BACKEND}
REACT_APP_USER_ENS_SUBDOMAIN: ${REACT_APP_USER_ENS_SUBDOMAIN}
REACT_APP_WALLET_CONNECT_PROJECT_ID: ${REACT_APP_WALLET_CONNECT_PROJECT_ID}
RESOLVER_ADDR: ${RESOLVER_ADDR}

certbot:
image: certbot/certbot
Expand Down
Loading

0 comments on commit 5eaef8a

Please sign in to comment.