Set singular deployment structure for new vikunja image #283
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy | |
on: | |
push: | |
branches: | |
- '**' # running only on main branch is pointless until we have a development environment | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Fetch repository | |
id: fetch | |
uses: actions/checkout@v3 | |
- name: Setup Tailscale | |
id: tailscale | |
uses: tailscale/github-action@v1 | |
with: | |
authkey: ${{ secrets.TAILSCALE_AUTHKEY }} | |
- name: Add SSH key | |
id: ssh | |
env: | |
SSH_KEY: ${{ secrets.SSH_KEY }} | |
SSH_USER: ${{ secrets.SSH_USER }} | |
MACHINE_NAME: ${{ secrets.MACHINE_NAME }} | |
run: | | |
mkdir -p ~/.ssh | |
MACHINE_IP="$(tailscale ip -4 ${MACHINE_NAME})" | |
echo "::add-mask::${MACHINE_IP}" | |
echo "GITHUB_MACHINE_IP=${MACHINE_IP}" >> ${GITHUB_ENV} | |
ssh-keyscan ${MACHINE_IP} >> ~/.ssh/known_hosts | |
printf "%s" "${SSH_KEY}" > ~/.ssh/key | |
chmod 600 ~/.ssh/key | |
printf "Host homelab\n\tUser %s\n\tIdentityFile %s\n\tHostName %s" "${SSH_USER}" "~/.ssh/key" "${MACHINE_IP}" > ~/.ssh/config | |
- name: Set up Bitwarden | |
id: bitwarden | |
env: | |
BW_EMAIL: ${{ secrets.BW_EMAIL }} | |
BW_PW: ${{ secrets.BW_PW }} | |
BW_CLIENTID: ${{ secrets.BW_CLIENTID }} | |
BW_CLIENTSECRET: ${{ secrets.BW_CLIENTSECRET }} | |
run: | | |
npm install -g @bitwarden/cli | |
bw login --apikey >/dev/null | |
export BW_SESSION=$(bw unlock --raw "${BW_PW}") >/dev/null | |
echo "BW_SESSION=${BW_SESSION}" >> ${GITHUB_ENV} | |
echo "::add-mask::${BW_SESSION}" | |
bw sync | |
- name: Run Ansible playbook | |
uses: dawidd6/action-ansible-playbook@v2 | |
with: | |
playbook: playbook.yml | |
requirements: requirements.yml | |
options: | | |
--inventory hosts | |
--verbose | |
--extra-vars "HOST_EXTERNAL_IPV4=${{ env.GITHUB_MACHINE_IP }} hdd_mount_path=${{ secrets.STORAGE_MOUNT_PATH }} install_arch=${{ secrets.INSTALL_ARCH }}" |