diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 31e8164..aae1126 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -22,7 +22,7 @@ jobs: with: ruby-version: 3.3.0 bundler-cache: true - - run: gem install kamal -v 1.8.3 + - run: gem install kamal -v 2.0.0 - uses: webfactory/ssh-agent@v0.9.0 with: ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} diff --git a/.kamal/secrets b/.kamal/secrets new file mode 100644 index 0000000..d196fd1 --- /dev/null +++ b/.kamal/secrets @@ -0,0 +1,2 @@ +SESSION_SECRET=$SESSION_SECRET +KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD diff --git a/config/deploy.yml b/config/deploy.yml index 71750b4..050cca9 100644 --- a/config/deploy.yml +++ b/config/deploy.yml @@ -2,17 +2,7 @@ service: todox image: paganotoni/todox servers: web: - hosts: - - <%= ENV['PRODUCTION_SERVER_IP'] %> - options: - "add-host": host.docker.internal:host-gateway - labels: - traefik.http.services.todox-web.loadbalancer.server.port: 3000 - traefik.http.routers.todox.rule: "Host(`todox.antoniopagano.com`)" - traefik.http.routers.todox_secure.rule: "Host(`todox.antoniopagano.com`)" - traefik.http.routers.todox_secure.entrypoints: websecure - traefik.http.routers.todox_secure.tls: true - traefik.http.routers.todox_secure.tls.certresolver: letsencrypt + - <%= ENV['PRODUCTION_SERVER_IP'] %> volumes: - /data/todox:/data/todox @@ -25,30 +15,21 @@ registry: env: clear: - HOST: 0.0.0.0 GO_ENV: production DATABASE_URL: /data/todox/database.db secret: - SESSION_SECRET -healthcheck: - cmd: wget -qO- http://localhost:3000/health - max_attempts: 2 -traefik: - options: - publish: - - "443:443" - volume: - - "/letsencrypt/acme.json:/letsencrypt/acme.json" - args: - entryPoints.web.address: ":80" - entryPoints.websecure.address: ":443" - certificatesResolvers.letsencrypt.acme.email: "antonio@pagano.id" - certificatesResolvers.letsencrypt.acme.storage: "/letsencrypt/acme.json" - certificatesResolvers.letsencrypt.acme.httpchallenge: true - certificatesResolvers.letsencrypt.acme.httpchallenge.entrypoint: web +proxy: + host: todox.antoniopagano.com + ssl: true + app_port: 3000 + healthcheck: + interval: 2 + timeout: 2 + path: /health builder: - multiarch: false + arch: amd64 cache: type: gha