Deploy to Server #20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Server | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| vpn_username: | |
| description: 'USP Number' | |
| required: true | |
| type: string | |
| vpn_password: | |
| description: 'USP Password' | |
| required: true | |
| type: string | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Hide sensitive inputs | |
| uses: levibostian/action-hide-sensitive-inputs@v1 | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v2 | |
| with: | |
| version: latest | |
| - name: Install dependencies | |
| run: pnpm install --no-frozen-lockfile | |
| - name: Generate Panda CSS | |
| run: pnpm run prepare | |
| - name: Build project | |
| run: pnpm run build | |
| - name: Create deployment archive | |
| run: | | |
| cd dist | |
| zip -r ../ugl.zip . | |
| cd .. | |
| - name: Install openfortivpn | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y openfortivpn | |
| - name: Connect to FortiClient VPN | |
| run: | | |
| # Start VPN connection in background | |
| sudo openfortivpn ${{ secrets.FORTIGATE_SERVER }} \ | |
| --username="${{ github.event.inputs.vpn_username }}" \ | |
| --password="${{ github.event.inputs.vpn_password }}" \ | |
| --trusted-cert=${{ secrets.FORTIGATE_CERT }} & | |
| # Wait for VPN to establish | |
| sleep 10 | |
| - name: Install sshpass | |
| run: sudo apt-get update && sudo apt-get install -y sshpass | |
| - name: Deploy to server | |
| env: | |
| SSHPASS: ${{ secrets.SSH_PASSWORD }} | |
| run: | | |
| # Upload the build archive | |
| sshpass -e scp -o StrictHostKeyChecking=no ugl.zip ${{ secrets.SSH_USER }}@${{ secrets.SERVER_HOST }}:${{ secrets.DEPLOY_PATH }}/ | |
| # Execute deployment commands on server | |
| sshpass -e ssh -o StrictHostKeyChecking=no ${{ secrets.SSH_USER }}@${{ secrets.SERVER_HOST }} << 'EOF' | |
| cd ${{ secrets.DEPLOY_PATH }} | |
| # Backup current version (if exists) | |
| if [ -d "ugl" ]; then | |
| rm -rf ugl-old 2>/dev/null || true | |
| mv ugl ugl-old | |
| fi | |
| # Create new current directory and extract | |
| mkdir -p ugl | |
| cd ugl | |
| unzip -o ../ugl.zip | |
| cd .. | |
| # Clean up the zip file | |
| rm ugl.zip | |
| # Run deploy script (if exists) | |
| if [ -f "deploy.sh" ]; then | |
| chmod +x deploy.sh | |
| ./deploy.sh | |
| fi | |
| EOF |