diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index 94eb58f..d9976e4 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -13,18 +13,17 @@ jobs: run: | git clone --depth=1 --branch=${{ github.ref_name }} https://gitea.airlabs.art/${{ github.repository }}.git . - - name: Sync to server + - name: Setup SSH run: | - # 写入 SSH 私钥 mkdir -p ~/.ssh printf '%s\n' '${{ secrets.INTERNAL_SERVER_SSH_KEY }}' > ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa ssh-keyscan -H 118.196.70.19 >> ~/.ssh/known_hosts 2>/dev/null - # 先清空服务器目录,再上传项目文件 + - name: Sync files to server + run: | ssh root@118.196.70.19 "rm -rf /data/static-sites/* && mkdir -p /data/static-sites" - # 找出所有项目目录并 scp 上传 for dir in */; do case "$dir" in .gitea/|.git/|k8s/) continue ;; @@ -35,10 +34,75 @@ jobs: echo "✓ 文件同步完成" + - name: Auto generate and apply Ingress + run: | + # 收集所有项目目录名 + PROJECTS="" + for dir in */; do + case "$dir" in + .gitea/|.git/|k8s/) continue ;; + esac + name="${dir%/}" + PROJECTS="$PROJECTS $name" + done + + # 生成 Ingress YAML + cat > /tmp/ingress.yaml <<'HEADER' + apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + name: static-sites-ingress + annotations: + kubernetes.io/ingress.class: "traefik" + cert-manager.io/cluster-issuer: "letsencrypt-prod" + spec: + tls: + HEADER + + # 生成 TLS 段 + for name in $PROJECTS; do + cat >> /tmp/ingress.yaml <> /tmp/ingress.yaml + for name in $PROJECTS; do + cat >> /tmp/ingress.yaml < ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - ssh-keyscan -H 118.196.70.19 >> ~/.ssh/known_hosts 2>/dev/null - ssh root@118.196.70.19 "ls -laR /data/static-sites/" + ssh root@118.196.70.19 " + echo '=== 站点文件 ===' + ls -la /data/static-sites/ + echo '' + echo '=== Ingress ===' + kubectl get ingress static-sites-ingress + echo '' + echo '=== 证书 ===' + kubectl get certificate + "