ci: migrate deploy job to SSH compose and include scheduler service

2026-02-21 23:52:36 -08:00 · 2026-02-21 23:52:36 -08:00 · 52af2a755c
commit 52af2a755c
parent 54c46dd5ac
2 changed files with 32 additions and 21 deletions
--- a/.gitea/workflows/deploy-dokploy.yml
+++ b/.gitea/workflows/deploy-dokploy.yml
@ -1,4 +1,4 @@
-name: Build & Deploy Fiddy (Dokploy)
+name: Build & Deploy Fiddy (SSH Compose)

 on:
  push:
@ -50,35 +50,40 @@ jobs:
  deploy:
    needs: build
    runs-on: ubuntu-latest
+    env:
+      IMAGE_TAG: ${{ github.sha }}
+      DEPLOY_PATH: /opt/fiddy
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3

-      - name: Trigger Dokploy Deploy
-        env:
-          DOKPLOY_DEPLOY_HOOK: ${{ secrets.DOKPLOY_DEPLOY_HOOK }}
-          IMAGE_TAG: ${{ github.sha }}
+      - name: Install SSH key
        run: |
-          if [ -z "$DOKPLOY_DEPLOY_HOOK" ]; then
-            echo "Missing DOKPLOY_DEPLOY_HOOK secret"
+          set -euo pipefail
+          if [ -z "${{ secrets.DEPLOY_KEY }}" ]; then
+            echo "Missing DEPLOY_KEY secret"
            exit 1
          fi
-          curl -fsS -X POST "$DOKPLOY_DEPLOY_HOOK" \
-            -H "Content-Type: application/json" \
-            -d "{\"imageTag\":\"$IMAGE_TAG\"}"
+          mkdir -p ~/.ssh
+          printf "%s" "${{ secrets.DEPLOY_KEY }}" > ~/.ssh/id_ed25519
+          chmod 600 ~/.ssh/id_ed25519
+          ssh-keyscan -H "${{ secrets.DEPLOY_HOST }}" >> ~/.ssh/known_hosts

-      - name: Trigger Dokploy Scheduler Deploy
-        env:
-          DOKPLOY_SCHEDULER_DEPLOY_HOOK: ${{ secrets.DOKPLOY_SCHEDULER_DEPLOY_HOOK }}
-          IMAGE_TAG: ${{ github.sha }}
+      - name: Upload compose file
        run: |
-          if [ -z "$DOKPLOY_SCHEDULER_DEPLOY_HOOK" ]; then
-            echo "DOKPLOY_SCHEDULER_DEPLOY_HOOK not set; skipping scheduler deploy trigger"
-            exit 0
+          set -euo pipefail
+          if [ -z "${{ secrets.DEPLOY_HOST }}" ] || [ -z "${{ secrets.DEPLOY_USER }}" ]; then
+            echo "Missing DEPLOY_HOST or DEPLOY_USER secret"
+            exit 1
          fi
-          curl -fsS -X POST "$DOKPLOY_SCHEDULER_DEPLOY_HOOK" \
-            -H "Content-Type: application/json" \
-            -d "{\"imageTag\":\"$IMAGE_TAG\"}"
+          ssh "${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }}" "mkdir -p '$DEPLOY_PATH'"
+          scp docker-compose.yml "${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }}:$DEPLOY_PATH/docker-compose.yml"
+
+      - name: Deploy via SSH Compose
+        run: |
+          set -euo pipefail
+          ssh "${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }}" \
+            "cd '$DEPLOY_PATH' && IMAGE_TAG='$IMAGE_TAG' docker compose pull && IMAGE_TAG='$IMAGE_TAG' docker compose up -d --remove-orphans && docker image prune -f"

      - name: Wait for Ready Health Check
        env:
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -6,5 +6,11 @@ services:
    environment:
      - NODE_ENV=production
    ports:
-      - "3000:3000"
+      - "3010:3000"
+    restart: always
+
+  scheduler:
+    image: git.nicosaya.com/nalalangan/fiddy/scheduler:${IMAGE_TAG}
+    env_file:
+      - ./.env
    restart: always