This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Baphomet Server Deploy | |
| on: | |
| push: | |
| branches: | |
| - master | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Source | |
| uses: actions/checkout@v4 | |
| - name: Set Environment Variables | |
| run: | | |
| echo "ATLAS_DB_PASSWORD=${{ secrets.ATLAS_DB_PASSWORD }}" >> $GITHUB_ENV | |
| echo "ATLAS_DB_USERNAME=${{ secrets.ATLAS_DB_USERNAME }}" >> $GITHUB_ENV | |
| echo "ATLAS_CLUSTER=${{ secrets.ATLAS_CLUSTER }}" >> $GITHUB_ENV | |
| echo "ATLAS_DB=${{ secrets.ATLAS_DB }}" >> $GITHUB_ENV | |
| echo "ACCESS_TOKEN_SECRET=${{ secrets.ACCESS_TOKEN_SECRET }}" >> $GITHUB_ENV | |
| echo "REFRESH_TOKEN_SECRET=${{ secrets.REFRESH_TOKEN_SECRET }}" >> $GITHUB_ENV | |
| - name: Decode and Write SSL Certificates | |
| run: | | |
| echo "${{ secrets.SSL_CERT_BASE64 }}" | base64 --decode > certfile.cer | |
| echo "${{ secrets.SSL_PRIVATE_KEY_BASE64 }}" | base64 --decode > keyfile.key | |
| echo "${{ secrets.SSL_CERT_INTERMEDIATE_BASE64 }}" | base64 --decode > intermediate.cer | |
| echo "SSL_CERT_PATH=certfile.cer" >> $GITHUB_ENV | |
| echo "SSL_KEY_PATH=keyfile.key" >> $GITHUB_ENV | |
| echo "SSL_CA_PATH=intermediate.cer" >> $GITHUB_ENV | |
| - name: Build Docker Image | |
| run: docker build --build-arg SSL_CERT_PATH=$SSL_CERT_PATH --build-arg SSL_KEY_PATH=$SSL_KEY_PATH --build-arg SSL_CA_PATH=$SSL_CA_PATH -t collinlucke/baphomet-server:latest . | |
| - name: Login to Docker Hub | |
| run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| - name: Push Docker Image | |
| run: docker push collinlucke/baphomet-server:latest | |
| - name: Deploy to Server | |
| run: | | |
| ssh -o StrictHostKeyChecking=no [email protected] 'bash -s' < deploy.sh | |
| env: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} |