(baby-project-deployment) #3 Creates a simple deployment action (#5)

I created the pipline prosess for deploying to the server. This only runs when something has been merged to main. The idea in the future is that each PR will create its own instance of the deployment. But that is something we can add in the future. The PR deployment will be like a RC (Release Candidate). That way we can test all or latest feautres agenst production before we actualy merge it and it gets deployed to production. But for now we only have the main branch that is essentaly production
TurkuForge · May 19, 2021 · 8dbe8d3 · 8dbe8d3
1 parent 97ecfbf
commit 8dbe8d3
Show file tree

Hide file tree

Showing 6 changed files with 166 additions and 4 deletions.
diff --git a/.env b/.env
@@ -0,0 +1 @@
+VERSION="0.1.0"
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -0,0 +1,18 @@
+name: DEPLOY
+on:
+  push:
+    branches: [ main ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - id: deploy
+        name: Dokku Deploy
+        uses: dokku/github-action@master
+        with:
+          git_remote_url: 'ssh://[email protected]:22/baby-project-server'
+          ssh_private_key: ${{ secrets.DOKKU_PRIVATE_KEY }}
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,14 @@
+FROM openjdk:15-buster
+
+EXPOSE 80
+
+RUN mkdir /app
+
+# Copy required files.
+COPY ./nginx.conf.sigil /app
+COPY ./.env /app
+COPY ./web.sh /app
+
+WORKDIR /app
+
+CMD bash web.sh
diff --git a/README.md b/README.md
@@ -1,6 +1,23 @@
 # Baby Project Deployment
-This repository serves as a form of documentation and deployment mechanism 
-through github actions for how we deploy the Baby Project to a server along with
-what security measures we have in place for securing the app and the server(s).
+We use a poly repo structure for a few reasons, but the main one is that we can make use of
+GitHub pages for each repo separately. That way we can deploy our documentation, test coverage, or even a full web app without extra fees. 
+That comes with some drawbacks, but some benefits as well. We publish individual releases from
+each repo and use this repo to deploy them.
 
-<!-- @TODO: add the deployment structure here once we have on -->
+We use [Dokku](https://dokku.com/) for deployment. The main reason is that it's quite easy to set up, scale, and maintain. You can however deploy it locally as well using Docker.
+
+First build it 🛠
+```shell
+docker build --tag baby-project .
+```
+Then run it 🏃‍
+```shell
+docker run --detach --publish 8080:80 baby-project
+```
+Then go to 
+`localhost:8080`
+and then you have the production environment running locally.
+
+The official deployment to the server is done through GitHub actions. The process is basically just bumping the version in
+the `.env` file that we keep in the version control and create a PR. Only organization members can create PRs for this repo.
+This is only for safety reasons. We don't want anyone to deploy unwanted changes.
diff --git a/nginx.conf.sigil b/nginx.conf.sigil
@@ -0,0 +1,85 @@
+server {
+    listen      [::]:80;
+    listen      80;
+    server_name {{ .NOSSL_SERVER_NAME }};
+
+    access_log  /var/log/nginx/{{ .APP }}-access.log;
+    error_log   /var/log/nginx/{{ .APP }}-error.log;
+
+    return 301 https://$host:443$request_uri;
+}
+
+server {
+    listen      [::]:443 ssl http2;
+    listen      443 ssl http2;
+    {{ if .SSL_SERVER_NAME }}server_name {{ .SSL_SERVER_NAME }}; {{ end }}
+
+    access_log  /var/log/nginx/{{ .APP }}-access.log;
+    error_log   /var/log/nginx/{{ .APP }}-error.log;
+
+    ssl_certificate     {{ .APP_SSL_PATH }}/server.crt;
+    ssl_certificate_key {{ .APP_SSL_PATH }}/server.key;
+    ssl_protocols             TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers off;
+
+    keepalive_timeout   70;
+
+
+    location / {
+        gzip on;
+        gzip_min_length  1100;
+        gzip_buffers  4 32k;
+        gzip_types    text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml  application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml;
+        gzip_vary on;
+        gzip_comp_level  6;
+
+        proxy_pass  http://{{ .APP }};
+                http2_push_preload on;
+        proxy_http_version 1.1;
+        proxy_read_timeout 60s;
+        proxy_buffer_size 4096;
+        proxy_buffering on;
+        proxy_buffers 8 4096;
+        proxy_busy_buffers_size 8192;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $http_connection;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Port $server_port;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Request-Start $msec;
+    }
+
+
+    include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf;
+
+  error_page 400 401 402 403 405 406 407 408 409 410 411 412 413 414 415 416 417 418 420 422 423 424 426 428 429 431 444 449 450 451 /400-error.html;
+  location /400-error.html {
+    root /var/lib/dokku/data/nginx-vhosts/dokku-errors;
+    internal;
+  }
+
+  error_page 404 /404-error.html;
+  location /404-error.html {
+    root /var/lib/dokku/data/nginx-vhosts/dokku-errors;
+    internal;
+  }
+
+  error_page 500 501 503 504 505 506 507 508 509 510 511 /500-error.html;
+  location /500-error.html {
+    root /var/lib/dokku/data/nginx-vhosts/dokku-errors;
+    internal;
+  }
+
+  error_page 502 /502-error.html;
+  location /502-error.html {
+    root /var/lib/dokku/data/nginx-vhosts/dokku-errors;
+    internal;
+  }
+}
+
+upstream {{ .APP }} {
+{{ range .DOKKU_APP_LISTENERS | split " " }}
+  server {{ . }};
+{{ end }}
+}
diff --git a/web.sh b/web.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+# This file is run once the Docker container in this repo has been built and started.
+
+if [ -f .env ]
+then
+  export $(cat .env | sed 's/#.*//g' | xargs)
+fi
+
+# Prints out version
+echo "$VERSION"
+
+# Defines some variables
+ZIP_FILE_NAME="baby-project-server-v$VERSION.zip"
+REPO_URL="https://github.com/TurkuForge/baby-project-server/releases/download/v$VERSION/$ZIP_FILE_NAME"
+FOLDER_NAME="baby-project-server"
+JAR_PATH="$FOLDER_NAME/libs/babyproject-$VERSION.jar"
+
+echo "Downloads given version"
+wget "$REPO_URL"
+
+echo "Unzipping download zip"
+unzip "$ZIP_FILE_NAME" -d "$FOLDER_NAME"
+
+echo "Starting server"
+java -jar "$JAR_PATH" --server.port=80
+
+