From 585a8ad8ca4cfeab4df7ae5d852f5fb616b72aca Mon Sep 17 00:00:00 2001 From: cuqmbr Date: Tue, 24 Jun 2025 14:21:05 +0300 Subject: [PATCH] add deployment actions job --- .github/workflows/deploy.yml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..251a83e --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,36 @@ +--- + +on: + push: + branches: + - main + +jobs: + deploy: + runs-on: ubuntu-latest + steps: + - name: Checkout cuqmbr/homelab repository + run: git clone https://git.cuqmbr.xyz/cuqmbr/homelab.git --depth 1 --branch main --single-branch + - name: Setup ansible + run: apt-get update && apt-get install ansible-core -y + - name: Add SSH key + env: + SSH_AUTH_SOCK: /tmp/ssh_agent.sock + run: | + mkdir -p ~/.ssh + echo "${{secrets.ANSIBLE_SSH_KEY}}" > ~/.ssh/key + chmod 600 ~/.ssh/key + ssh-agent -a $SSH_AUTH_SOCK > /dev/null + ssh-add ~/.ssh/key + # Without the workaroud can't establish connection to targeted server + - name: Connect directly to bastion + env: + SSH_AUTH_SOCK: /tmp/ssh_agent.sock + run: | + ssh -o StrictHostKeyChecking=no gitea-actions@bastion.cuqmbr.home 'cat /etc/hostname' + - name: Run ansible playbook + env: + SSH_AUTH_SOCK: /tmp/ssh_agent.sock + run: | + cd ./homelab/ansible + ansible-playbook -u gitea-actions --ssh-common-args "-o StrictHostKeyChecking=no -o ProxyCommand='ssh -p 22 -W %h:%p -q gitea-actions@bastion.cuqmbr.home'" --private-key ~/.ssh/key -b --become-method doas --start-at-task 'Install hugo deb package from github.' --extra-vars "hugo_git_repo=${{github.server_url}}/${{github.repository}}.git hugo_git_refspec=${{github.ref}} hugo_git_commit=${{github.sha}}" -i inventories/dev/hosts.yml 20_main_page.yml