7102f9b15d
- Docker nginx 대신 서버 nginx 설정 직접 적용 - sudo NOPASSWD 특정 명령어만 허용하여 보안 유지 - nginx -t 및 systemctl reload 자동화 - README.md 배포 플로우 업데이트 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
41 lines
1.2 KiB
YAML
41 lines
1.2 KiB
YAML
name: Deploy to Ubuntu Server
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout source
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup SSH key
|
|
uses: webfactory/ssh-agent@v0.9.0
|
|
with:
|
|
ssh-private-key: ${{ secrets.NAS_SSH_KEY_ADMIN }}
|
|
|
|
- name: Deploy files via SCP
|
|
env:
|
|
HOST: ${{ secrets.NAS_HOST }}
|
|
PORT: ${{ secrets.NAS_PORT }}
|
|
USER: ${{ secrets.NAS_USER }}
|
|
run: |
|
|
ssh -o StrictHostKeyChecking=no -p $PORT $USER@$HOST "rm -rf ~/robeing-nginx/* || true; mkdir -p ~/robeing-nginx"
|
|
tar --exclude='.git' -czf - . | ssh -o StrictHostKeyChecking=no -p $PORT $USER@$HOST "cd ~/robeing-nginx && tar -xzf -"
|
|
|
|
- name: Apply nginx config via SSH
|
|
env:
|
|
HOST: ${{ secrets.NAS_HOST }}
|
|
PORT: ${{ secrets.NAS_PORT }}
|
|
USER: ${{ secrets.NAS_USER }}
|
|
run: |
|
|
ssh -o StrictHostKeyChecking=no -p $PORT $USER@$HOST << 'EOF'
|
|
cd ~/robeing-nginx
|
|
sudo cp server-nginx-default /etc/nginx/sites-available/default
|
|
sudo nginx -t
|
|
sudo systemctl reload nginx
|
|
docker compose down || true
|
|
EOF |