Deploy Payment Proxy Server #42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Payment Proxy Server | |
on: | |
workflow_dispatch: | |
inputs: | |
build-image: | |
description: "Build docker image" | |
required: false | |
default: "true" | |
deploy-patsy: | |
description: "Deploy Patsy" | |
required: false | |
default: "true" | |
jobs: | |
build-image: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
if: github.event.inputs.build-image == 'true' | |
uses: actions/checkout@v3 | |
- name: Build Docker image | |
if: github.event.inputs.build-image == 'true' | |
run: make docker/paymentproxy/build | |
- name: Login to DigitalOcean Docker Registry | |
if: github.event.inputs.build-image == 'true' | |
run: docker login -u ${{ secrets.DO_API_KEY }} -p ${{ secrets.DO_API_KEY }} registry.digitalocean.com | |
- name: Push Docker image to DigitalOcean | |
if: github.event.inputs.build-image == 'true' | |
run: make docker/paymentproxy/push | |
deploy-patsy: | |
needs: build-image | |
runs-on: ubuntu-latest | |
if: github.event.inputs.deploy-patsy == 'true' | |
steps: | |
- name: Deploy to Droplet | |
env: | |
DO_API_KEY: ${{ secrets.DO_API_KEY }} | |
SSH_PRIVATE_KEY: ${{ secrets.PATSY_SSH_PRIVATE_KEY }} | |
DROPLET_IP: "165.22.197.200" | |
NAME: "nitro-payment-proxy" | |
NITRO_ENDPOINT: "brad-node.statechannels.org:4005/api/v1" | |
DESTINATION_URL: "https://demo-files.ams3.digitaloceanspaces.com/" | |
TLS_CERT_FILE: /app/certs/live/payment-proxy.statechannels.org/fullchain.pem | |
TLS_KEY_FILE: /app/certs/live/payment-proxy.statechannels.org/privkey.pem | |
PROXY_PORT: 443 | |
run: | | |
echo "$SSH_PRIVATE_KEY" > private_key.pem | |
chmod 600 private_key.pem | |
ssh -o StrictHostKeyChecking=no -i private_key.pem root@$DROPLET_IP <<ENDSSH | |
docker login -u $DO_API_KEY -p $DO_API_KEY registry.digitalocean.com | |
docker pull registry.digitalocean.com/magmo/nitro-payment-proxy:latest | |
docker stop $NAME || true | |
docker rm $NAME || true | |
docker run --restart=unless-stopped -it -d --name $NAME \ | |
-v /etc/letsencrypt:/app/certs \ | |
-p 443:443 -p 80:80 -p 5511:5511 \ | |
-e NITRO_ENDPOINT=$NITRO_ENDPOINT \ | |
-e DESTINATION_URL=$DESTINATION_URL \ | |
-e TLS_CERT_FILE=$TLS_CERT_FILE \ | |
-e TLS_KEY_FILE=$TLS_KEY_FILE \ | |
-e PROXY_PORT=$PROXY_PORT \ | |
registry.digitalocean.com/magmo/nitro-payment-proxy:latest | |
ENDSSH | |
rm private_key.pem |