97 lines
3.4 KiB
YAML
97 lines
3.4 KiB
YAML
name: Deploy Static Sites
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
run: |
|
|
git clone --depth=1 --branch=${{ github.ref_name }} https://gitea.airlabs.art/${{ github.repository }}.git .
|
|
|
|
- name: Setup SSH
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
printf '%s\n' '${{ secrets.INTERNAL_SERVER_SSH_KEY }}' > ~/.ssh/id_rsa
|
|
chmod 600 ~/.ssh/id_rsa
|
|
ssh-keyscan -H 118.196.70.19 >> ~/.ssh/known_hosts 2>/dev/null
|
|
|
|
- name: Sync files to server
|
|
run: |
|
|
ssh root@118.196.70.19 "rm -rf /data/static-sites/* && mkdir -p /data/static-sites"
|
|
|
|
for dir in */; do
|
|
case "$dir" in
|
|
.gitea/|.git/|k8s/) continue ;;
|
|
esac
|
|
echo "上传 $dir ..."
|
|
scp -r "$dir" root@118.196.70.19:/data/static-sites/
|
|
done
|
|
|
|
echo "✓ 文件同步完成"
|
|
|
|
- name: Auto generate and apply Ingress
|
|
run: |
|
|
PROJECTS=""
|
|
for dir in */; do
|
|
case "$dir" in
|
|
.gitea/|.git/|k8s/) continue ;;
|
|
esac
|
|
PROJECTS="$PROJECTS ${dir%/}"
|
|
done
|
|
|
|
# 头部
|
|
printf 'apiVersion: networking.k8s.io/v1\n' > /tmp/ingress.yaml
|
|
printf 'kind: Ingress\n' >> /tmp/ingress.yaml
|
|
printf 'metadata:\n' >> /tmp/ingress.yaml
|
|
printf ' name: static-sites-ingress\n' >> /tmp/ingress.yaml
|
|
printf ' annotations:\n' >> /tmp/ingress.yaml
|
|
printf ' kubernetes.io/ingress.class: "traefik"\n' >> /tmp/ingress.yaml
|
|
printf ' cert-manager.io/cluster-issuer: "letsencrypt-prod"\n' >> /tmp/ingress.yaml
|
|
printf 'spec:\n' >> /tmp/ingress.yaml
|
|
printf ' tls:\n' >> /tmp/ingress.yaml
|
|
|
|
for name in $PROJECTS; do
|
|
printf ' - hosts:\n' >> /tmp/ingress.yaml
|
|
printf ' - %s.airlabs.art\n' "$name" >> /tmp/ingress.yaml
|
|
printf ' secretName: %s-tls\n' "$name" >> /tmp/ingress.yaml
|
|
done
|
|
|
|
printf ' rules:\n' >> /tmp/ingress.yaml
|
|
for name in $PROJECTS; do
|
|
printf ' - host: %s.airlabs.art\n' "$name" >> /tmp/ingress.yaml
|
|
printf ' http:\n' >> /tmp/ingress.yaml
|
|
printf ' paths:\n' >> /tmp/ingress.yaml
|
|
printf ' - path: /\n' >> /tmp/ingress.yaml
|
|
printf ' pathType: Prefix\n' >> /tmp/ingress.yaml
|
|
printf ' backend:\n' >> /tmp/ingress.yaml
|
|
printf ' service:\n' >> /tmp/ingress.yaml
|
|
printf ' name: static-sites\n' >> /tmp/ingress.yaml
|
|
printf ' port:\n' >> /tmp/ingress.yaml
|
|
printf ' number: 80\n' >> /tmp/ingress.yaml
|
|
done
|
|
|
|
echo "--- 生成的 Ingress ---"
|
|
cat /tmp/ingress.yaml
|
|
|
|
scp /tmp/ingress.yaml root@118.196.70.19:/tmp/ingress.yaml
|
|
ssh root@118.196.70.19 "kubectl apply -f /tmp/ingress.yaml"
|
|
echo "✓ Ingress 已自动更新"
|
|
|
|
- name: Verify
|
|
run: |
|
|
ssh root@118.196.70.19 "
|
|
echo '=== 站点文件 ==='
|
|
ls -la /data/static-sites/
|
|
echo ''
|
|
echo '=== Ingress ==='
|
|
kubectl get ingress static-sites-ingress
|
|
echo ''
|
|
echo '=== 证书 ==='
|
|
kubectl get certificate
|
|
"
|