Files
deepdrft/deploy/deploy-public.sh
T
daniel-c-harvey 9bb11e47c7 feat(deploy): add full CD pipeline infrastructure for DeepDrftHome
Four Gitea workflows (deploy-public, deploy-manager, deploy-api,
package-install) and a complete deploy/ folder: bootstrap, install,
ssh-wrapper, three deploy scripts, setup-step10-creds, three systemd
user units, two nginx vhost templates. Models Skipper's deploy
infrastructure with key deviations: flat csproj paths, dual PostgreSQL
databases, FileDatabase vault directory (never touched on deploy), EF
bundle covers DeepDrftContext only (AuthBlocks self-migrates at boot),
deploy-api reads DB connection from host credentials not CI args.
2026-06-04 10:45:50 -04:00

47 lines
1.7 KiB
Bash

#!/usr/bin/env bash
# Installed to: /opt/<APP_USER>/bin/deploy-public.sh
# Deployed by: deploy-public Gitea Actions workflow (ssh forced-command)
#
# Expects in ${APP_HOME}/staging/:
# deepdrft-public.tar.gz -- published self-contained linux-x64 binary tree
#
# DeepDrftPublic receives its API URL credential via systemd LoadCredential
# (api-public.json -> $CREDENTIALS_DIRECTORY/api at runtime). No env file copy needed.
#
# Paths are derived at runtime — no hardcoded usernames or home dirs.
# APP_HOME comes from $HOME (sshd sets this for the app user).
set -euo pipefail
export XDG_RUNTIME_DIR="/run/user/$(id -u)"
APP_HOME="${HOME}"
export PATH="${APP_HOME}/.local/bin:${PATH}"
STAGING="${APP_HOME}/staging"
APPROOT="${APP_HOME}/public"
ARCHIVE="deepdrft-public.tar.gz"
echo "[deploy-public] $(date -u +%Y-%m-%dT%H:%M:%SZ) starting"
# ── Swap in new binary tree ────────────────────────────────────────────────
rm -rf "${APPROOT}/bin.prev"
if [[ -d "${APPROOT}/bin" ]]; then
mv "${APPROOT}/bin" "${APPROOT}/bin.prev"
fi
mkdir -p "${APPROOT}/bin"
tar -xzf "${STAGING}/${ARCHIVE}" -C "${APPROOT}/bin"
rm -f "${STAGING}/${ARCHIVE}"
echo "[deploy-public] archive extracted"
# ── Enable and restart service ─────────────────────────────────────────────
systemctl --user enable deepdrftpublic.service
systemctl --user restart deepdrftpublic.service
systemctl --user is-active --quiet deepdrftpublic.service \
&& echo "[deploy-public] service is active" \
|| { echo "[deploy-public] ERROR: service failed to start" >&2; exit 1; }
echo "[deploy-public] done"