diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 29f2a9f..2d417bb 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -46,7 +46,15 @@ jobs: images: liamsgit.dev/LiamPietralla/code-snippets tags: | type=raw,value=latest - type=sha,value=${{ github.sha }} + + # - name: Setup Docker Metadata + # id: meta + # uses: docker/metadata-action@v4 + # with: + # images: liamsgit.dev/LiamPietralla/code-snippets + # tags: | + # type=raw,value=latest + # type=sha,value=${{ github.sha }} - name: Login to Registry uses: docker/login-action@v3 @@ -63,7 +71,7 @@ jobs: labels: ${{ steps.meta.outputs.labels }} deploy: - if: github.ref == 'refs/heads/main' && github.event_name == 'push' + if: github.ref == 'refs/heads/main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') name: Deploy to Infrastructure runs-on: ubuntu-latest @@ -73,42 +81,21 @@ jobs: steps: - uses: actions/checkout@v3 - - name: Write GitHub SSH Key to File - env: - SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} - run: | - echo "$SSH_PRIVATE_KEY" > private.key - sudo chmod 400 private.key - - - name: Write Ansible Inventory To File - env: - APP_HOST: ${{ secrets.APP_HOST }} - run: | - echo "[app]" > hosts.ini - echo "$APP_HOST" >> hosts.ini - - - name: Install Ansible - run: | - sudo apt-add-repository ppa:ansible/ansible -y - sudo apt-get update -y - sudo apt-get install ansible -y - - - name: Run Ansible Playbook to Configure Servers - run: | - export ANSIBLE_HOST_KEY_CHECKING=False # Disable host key checking - ansible-playbook infra/ansible/deploy-playbook.yml --private-key private.key --inventory hosts.ini - env: - APP_HOST: ${{ secrets.APP_HOST }} - REGISTRY_USERNAME: ${{ secrets.DOCKER_USERNAME }} - REGISTRY_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - - # - name: Setup Nomad - # uses: hashicorp/setup-nomad@main - # with: - # nomad_version: '1.10.5' + - name: Setup Nomad + uses: hashicorp/setup-nomad@main + with: + nomad_version: '1.10.5' # - name: Deploy Job to Nomad # run: | # nomad job run -var="version=${{ github.sha }}" infra/nomad/code-snippets.nomad.hcl # env: # NOMAD_ADDR: ${{ vars.NOMAD_ADDR }} + # NOMAD_TOKEN: ${{ secrets.NOMAD_TOKEN }} + + - name: Deploy Job to Nomad + run: | + nomad job run infra/nomad/code-snippets.nomad.hcl + env: + NOMAD_ADDR: ${{ vars.NOMAD_ADDR }} + NOMAD_TOKEN: ${{ secrets.NOMAD_TOKEN }} diff --git a/infra/ansible/deploy-playbook.yml b/infra/ansible/deploy-playbook.yml deleted file mode 100644 index 5d8f643..0000000 --- a/infra/ansible/deploy-playbook.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Configure App Server - hosts: app - remote_user: root - become: yes # sudo - roles: - - app - vars: - registry_username: "{{ lookup('env', 'REGISTRY_USERNAME') }}" - registry_password: "{{ lookup('env', 'REGISTRY_PASSWORD') }}" - \ No newline at end of file diff --git a/infra/ansible/roles/app/files/nginx.conf b/infra/ansible/roles/app/files/nginx.conf deleted file mode 100644 index c95cbf4..0000000 --- a/infra/ansible/roles/app/files/nginx.conf +++ /dev/null @@ -1,13 +0,0 @@ -server { - listen 80; - server_name code.liampietralla.com; - - location / { - proxy_pass http://localhost:5000; - proxy_redirect off; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $server_name; - } -} \ No newline at end of file diff --git a/infra/ansible/roles/app/tasks/main.yml b/infra/ansible/roles/app/tasks/main.yml deleted file mode 100644 index 541f925..0000000 --- a/infra/ansible/roles/app/tasks/main.yml +++ /dev/null @@ -1,31 +0,0 @@ -- name: Login to Docker Registry - docker_login: - registry: liamsgit.dev - username: "{{ registry_username }}" - password: "{{ registry_password }}" - -- name: Run Code App Container - docker_container: - name: code - image: liamsgit.dev/liampietralla/code-snippets - pull: yes - ports: - - "5000:80" - restart_policy: unless-stopped - -- name: Copy nginx config file - copy: - src: nginx.conf - dest: /etc/nginx/sites-available/code - force: no - -- name: Create symlink to code - file: - src: /etc/nginx/sites-available/code - dest: /etc/nginx/sites-enabled/code - state: link - -- name: Restart Nginx - service: - name: nginx - state: restarted \ No newline at end of file diff --git a/infra/nomad/code-snippets.nomad.hcl b/infra/nomad/code-snippets.nomad.hcl index 93b4dab..1dc33e3 100644 --- a/infra/nomad/code-snippets.nomad.hcl +++ b/infra/nomad/code-snippets.nomad.hcl @@ -1,6 +1,6 @@ variable "version" { -type = string -default = "latest" + type = string + default = "latest" } job "code-snippets" { @@ -20,7 +20,7 @@ job "code-snippets" { driver = "docker" config { - image = "liamsgit.dev/LiamPietralla/code-snippets:${var.version}" + image = "liamsgit.dev/liampietralla/code-snippets:${var.version}" force_pull = true ports = ["http"] } @@ -30,8 +30,9 @@ job "code-snippets" { port = "http" tags = [ "traefik.enable=true", - "traefik.http.routers.code-snippets.rule=PathPrefix(`/`)", - "traefik.http.routers.code-snippets.entrypoints=p5003" + "traefik.http.routers.codesnippets.rule=Host(`code.liampietralla.com`)", + "traefik.http.routers.codesnippets.entrypoints=websecure", + "traefik.http.routers.codesnippets.tls.certresolver=letsencrypt" ] check {