Try CI

Draco1js · Draco1js · commit ba1da031cf0d · 2025-04-29T21:40:34.000+05:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -11,58 +11,58 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      
+
       - name: Setup Node.js
         uses: actions/setup-node@v4
         with:
           node-version: '20'
-          
+
       - name: Install pnpm
         uses: pnpm/action-setup@v3
         with:
           version: 8
-          
+
       - name: Get pnpm store directory
         id: pnpm-cache
         shell: bash
         run: |
           echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
-          
+
       - uses: actions/cache@v4
         with:
           path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
           key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
           restore-keys: |
             ${{ runner.os }}-pnpm-store-
-            
+
       - name: Install dependencies
         run: pnpm install
-      
+
       - name: Install Playwright system dependencies
         run: |
           sudo apt-get update
           sudo apt-get install -y libgtk-4-1 libgraphene-1.0-0 libwoff1 libevent-2.1-7 libopus0 \
             libharfbuzz-icu0 libsecret-1-0 libhyphen0 libmanette-0.2-0 \
             libgles2 libx264-dev libavif-dev
-      
+
       - name: Install Playwright
         run: pnpm exec playwright install --with-deps
-        
+
       - name: Build shared package
         run: pnpm --filter shared build
-        
+
       - name: Type check
         run: |
           # Skip type checking for now and just build
           pnpm --filter shared build
           pnpm --filter server build --skipLibCheck
-          
+
       - name: Lint
         run: pnpm --filter client lint
-      
+
       - name: End-to-end tests
         run: pnpm e2e
-        
+
       - name: Build
         run: pnpm build
 
@@ -75,37 +75,37 @@ jobs:
       packages: write
     steps:
       - uses: actions/checkout@v4
-      
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-        
+
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-          
+
       - name: Set lowercase names
         id: lowercase
         run: |
           echo "owner=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
           echo "repo=$(echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
-          
+
       - name: Extract metadata for Docker
         id: meta
         uses: docker/metadata-action@v5
         with:
           images: ghcr.io/${{ steps.lowercase.outputs.owner }}/${{ steps.lowercase.outputs.repo }}
-          
+
       - name: Build and push client image
         uses: docker/build-push-action@v5
         with:
           context: .
           push: true
           tags: ghcr.io/${{ steps.lowercase.outputs.owner }}/${{ steps.lowercase.outputs.repo }}/client:latest
           target: client
-          
+
       - name: Build and push server image
         uses: docker/build-push-action@v5
         with:
@@ -114,6 +114,15 @@ jobs:
           tags: ghcr.io/${{ steps.lowercase.outputs.owner }}/${{ steps.lowercase.outputs.repo }}/server:latest
           target: server
 
+      - name: Copy Nginx config to VPS
+        uses: appleboy/scp-action@master
+        with:
+          host: ${{ secrets.VPS_HOST }}
+          username: ${{ secrets.VPS_USERNAME }}
+          key: ${{ secrets.VPS_SSH_KEY }}
+          source: "nginx/hackops.dracodev.me.conf"
+          target: "/tmp"
+
       - name: Deploy to VPS
         uses: appleboy/ssh-action@master
         with:
@@ -124,7 +133,7 @@ jobs:
             # Create app directory if it doesn't exist
             mkdir -p ~/hackops-submission
             cd ~/hackops-submission
-            
+
             # Create docker-compose file
             echo 'version: "3.8"' > docker-compose.yml
             echo '' >> docker-compose.yml
@@ -137,6 +146,7 @@ jobs:
             echo '      - NODE_ENV=production' >> docker-compose.yml
             echo '    depends_on:' >> docker-compose.yml
             echo '      - server' >> docker-compose.yml
+            echo '    restart: unless-stopped' >> docker-compose.yml
             echo '' >> docker-compose.yml
             echo '  server:' >> docker-compose.yml
             echo '    image: ghcr.io/${{ steps.lowercase.outputs.owner }}/${{ steps.lowercase.outputs.repo }}/server:latest' >> docker-compose.yml
@@ -145,9 +155,45 @@ jobs:
             echo '    environment:' >> docker-compose.yml
             echo '      - NODE_ENV=production' >> docker-compose.yml
             echo '    command: node /app/server/index.js' >> docker-compose.yml
-            
+            echo '    restart: unless-stopped' >> docker-compose.yml
+
             # Pull latest images and restart containers
             docker pull ghcr.io/${{ steps.lowercase.outputs.owner }}/${{ steps.lowercase.outputs.repo }}/client:latest
             docker pull ghcr.io/${{ steps.lowercase.outputs.owner }}/${{ steps.lowercase.outputs.repo }}/server:latest
             docker-compose down
             docker-compose up -d
+
+            # Set up Nginx
+            # Install Nginx if not already installed
+            if ! command -v nginx &> /dev/null; then
+              apt-get update
+              apt-get install -y nginx
+            fi
+
+            # Copy Nginx configuration
+            cp /tmp/nginx/hackops.dracodev.me.conf /etc/nginx/sites-available/hackops.dracodev.me
+
+            # Create symbolic link if it doesn't exist
+            if [ ! -f /etc/nginx/sites-enabled/hackops.dracodev.me ]; then
+              ln -s /etc/nginx/sites-available/hackops.dracodev.me /etc/nginx/sites-enabled/
+            fi
+
+            # Remove default site if it exists
+            if [ -f /etc/nginx/sites-enabled/default ]; then
+              rm /etc/nginx/sites-enabled/default
+            fi
+
+            # Test Nginx configuration
+            nginx -t
+
+            # Reload Nginx
+            systemctl reload nginx
+
+            # Install Certbot for SSL if not already installed
+            if ! command -v certbot &> /dev/null; then
+              apt-get update
+              apt-get install -y certbot python3-certbot-nginx
+            fi
+
+            # Set up SSL certificate
+            certbot --nginx -d hackops.dracodev.me --non-interactive --agree-tos --email admin@dracodev.me
diff --git a/README.md b/README.md
@@ -213,7 +213,36 @@ jobs:
 
 1. Merge code into `main`
 2. GitHub Actions pipeline runs tests, builds images, pushes to registry
-3. SSH into VPS: pulls images, updates `docker-compose.yml`, restarts services
+3. GitHub Actions deploys to VPS:
+   - Pulls latest images
+   - Updates `docker-compose.yml`
+   - Restarts services
+   - Configures Nginx as a reverse proxy
+   - Sets up SSL with Let's Encrypt
+
+### Setting Up GitHub Secrets for Deployment
+
+To enable automatic deployment to your VPS, you need to set up the following GitHub secrets:
+
+1. `VPS_HOST`: Your VPS IP address
+2. `VPS_USERNAME`: The username to connect to your VPS (usually `root`)
+3. `VPS_SSH_KEY`: Your SSH private key for connecting to the VPS
+
+You can use the provided script to set up these secrets:
+
+```bash
+# Make sure you have the GitHub CLI installed
+# https://cli.github.com/
+
+# Run the setup script
+./scripts/setup-github-secrets.sh
+```
+
+### Domain Configuration
+
+The deployment is configured to work with the domain `hackops.dracodev.me`. Make sure your domain's DNS records point to your VPS IP address:
+
+- Create an A record for `hackops.dracodev.me` pointing to your VPS IP address
 
 
 ## Configuration Files
diff --git a/nginx/hackops.dracodev.me.conf b/nginx/hackops.dracodev.me.conf
@@ -0,0 +1,31 @@
+server {
+    listen 80;
+    server_name hackops.dracodev.me;
+
+    location / {
+        proxy_pass http://localhost:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+    }
+
+    location /api {
+        proxy_pass http://localhost:3001;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+    }
+
+    location /socket.io {
+        proxy_pass http://localhost:3001;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+    }
+}
diff --git a/scripts/setup-github-secrets.sh b/scripts/setup-github-secrets.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+
+# This script helps you set up GitHub secrets for your CI/CD workflow
+# You'll need the GitHub CLI (gh) installed: https://cli.github.com/
+
+# Check if GitHub CLI is installed
+if ! command -v gh &> /dev/null; then
+    echo "GitHub CLI is not installed. Please install it first: https://cli.github.com/"
+    exit 1
+fi
+
+# Check if logged in to GitHub
+if ! gh auth status &> /dev/null; then
+    echo "You're not logged in to GitHub. Please run 'gh auth login' first."
+    exit 1
+fi
+
+# Get the repository name
+REPO=$(git config --get remote.origin.url | sed 's/.*github.com[:\/]\(.*\)\.git/\1/')
+
+if [ -z "$REPO" ]; then
+    echo "Could not determine repository name. Please make sure you're in a git repository with a GitHub remote."
+    exit 1
+fi
+
+echo "Setting up secrets for repository: $REPO"
+
+# Set VPS_HOST secret
+echo "Setting VPS_HOST secret..."
+gh secret set VPS_HOST --body "142.93.160.146" --repo "$REPO"
+
+# Set VPS_USERNAME secret
+echo "Setting VPS_USERNAME secret..."
+gh secret set VPS_USERNAME --body "root" --repo "$REPO"
+
+# Set VPS_SSH_KEY secret
+echo "Setting VPS_SSH_KEY secret..."
+# Read the SSH key from the file
+if [ -f "vps.key" ]; then
+    gh secret set VPS_SSH_KEY --body "$(cat vps.key)" --repo "$REPO"
+else
+    echo "SSH key file 'vps.key' not found. Please create this file with your SSH private key."
+    exit 1
+fi
+
+echo "GitHub secrets have been set up successfully!"
