Update deploy.yml #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Production | |
| on: | |
| push: | |
| branches: [ dev ] | |
| workflow_dispatch: | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: '20' | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build | |
| run: npm run build | |
| - name: Install sshpass | |
| run: sudo apt-get install sshpass | |
| - name: Deploy to VM | |
| env: | |
| VM_HOST: ${{ secrets.VM_HOST }} | |
| VM_PASSWORD: ${{ secrets.VM_PASSWORD }} | |
| DEPLOY_PATH: "/root/dfanso-tunnel-server" | |
| SSHPASS: ${{ secrets.VM_PASSWORD }} | |
| run: | | |
| # Create deploy directory | |
| sshpass -e ssh -o StrictHostKeyChecking=no root@${{ secrets.VM_HOST }} "mkdir -p $DEPLOY_PATH" | |
| # Copy files to VM using sshpass | |
| sshpass -e rsync -azP --delete \ | |
| -e "ssh -o StrictHostKeyChecking=no" \ | |
| --exclude '.git' \ | |
| --exclude 'node_modules' \ | |
| ./ root@${{ secrets.VM_HOST }}:$DEPLOY_PATH/ | |
| # SSH into VM and update application | |
| sshpass -e ssh -o StrictHostKeyChecking=no root@${{ secrets.VM_HOST }} "cd $DEPLOY_PATH && \ | |
| # Install Node.js if not installed | |
| if ! command -v node &> /dev/null; then | |
| curl -fsSL https://deb.nodesource.com/setup_20.x | bash - | |
| apt-get install -y nodejs | |
| # Verify installation | |
| node --version | |
| npm --version | |
| fi | |
| # Install PM2 globally | |
| npm install -g pm2@latest | |
| # Install dependencies | |
| npm ci --production && \ | |
| # Create ecosystem config with secrets | |
| cat > ecosystem.config.js << 'EOL' | |
| module.exports = { | |
| apps: [{ | |
| name: 'dfanso-tunnel', | |
| script: './dist/index.js', | |
| instances: 2, | |
| autorestart: true, | |
| watch: true, | |
| max_memory_restart: '1G', | |
| env: { | |
| NODE_ENV: '${{ secrets.NODE_ENV }}', | |
| DOMAIN: '${{ secrets.DOMAIN }}', | |
| WS_PORT: '${{ secrets.WS_PORT }}', | |
| HTTP_PORT: '${{ secrets.HTTP_PORT }}', | |
| HTTPS_PORT: '${{ secrets.HTTPS_PORT }}', | |
| SSL_DIR: '${{ secrets.SSL_DIR }}' | |
| } | |
| }] | |
| }; | |
| EOL | |
| # Ensure PM2 is in PATH | |
| export PATH=$PATH:/usr/local/bin:/root/.npm-global/bin | |
| # Initialize PM2 | |
| pm2 kill || true | |
| # Start new PM2 process with error checking | |
| if ! pm2 start ecosystem.config.js; then | |
| echo 'Failed to start PM2 process' | |
| pm2 logs dfanso-tunnel --lines 50 | |
| exit 1 | |
| fi | |
| # Save PM2 process list and set up startup | |
| pm2 save | |
| env PATH=$PATH:/usr/local/bin:/root/.npm-global/bin pm2 startup systemd -u root --hp /root | |
| systemctl enable pm2-root | |
| # Check if process is running | |
| if ! pm2 pid dfanso-tunnel > /dev/null; then | |
| echo 'PM2 process is not running' | |
| pm2 logs dfanso-tunnel --lines 50 | |
| exit 1 | |
| fi | |
| # Show process status and logs | |
| pm2 list | |
| pm2 logs dfanso-tunnel --lines 20" |