🐛 Fix LinkedIn link #15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # docs: https://docs.github.com/en/actions | |
| # todo: self-host the runner on EC2 too? | |
| # https://docs.github.com/en/actions/how-tos/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners | |
| name: push-to-EC2 | |
| permissions: | |
| contents: read | |
| id-token: write | |
| on: | |
| push: | |
| branches: [ main ] | |
| paths-ignore: | |
| - README.md | |
| - .gitignore | |
| - .github/workflows/* | |
| - .run/* | |
| workflow_dispatch: | |
| inputs: | |
| example: | |
| description: 'Example on/off input' | |
| required: false | |
| type: boolean | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Following https://stackoverflow.com/a/72494416/7253717 | |
| - name: get action runner ip address | |
| id: ip | |
| uses: haythem/public-ip@v1.3 | |
| - name: git clone the repository | |
| uses: actions/checkout@v4 | |
| - name: configure aws credentials | |
| uses: aws-actions/configure-aws-credentials@v4.2.1 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_IAM_ROLE }} | |
| role-session-name: github-deployment-action | |
| aws-region: eu-west-2 | |
| - name: whitelist runner ip address (via aws CLI) | |
| run: | | |
| aws ec2 authorize-security-group-ingress \ | |
| --group-id ${{ secrets.AWS_INSTANCE_SG_ID }} \ | |
| --protocol tcp \ | |
| --port 22 \ | |
| --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
| # Uses deploy strategy of https://stackoverflow.com/a/66661512/7253717 | |
| - name: deploy to EC2 Server (via ssh-deploy) | |
| uses: easingthemes/ssh-deploy@v5.1.1 | |
| with: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| REMOTE_HOST: ${{ secrets.REMOTE_HOST }} | |
| REMOTE_USER: ${{ secrets.REMOTE_USER }} | |
| SCRIPT_BEFORE: | | |
| export PATH="/home/${{ secrets.REMOTE_USER }}/.deno/bin:$PATH" | |
| cd ~/pegasib.dev | |
| pup disable-service | |
| echo "Uninstalled pup service." | |
| # -i = output a change-summary for all updates, -r = recurse into dirs, -l = copy links, -g = group, -o = owner, | |
| # -D = --devices --specials, -z = compress, -v = verbose, -c = skip based on checksum, not mod-time & size | |
| # --delete-after = receiver deletes after transfer, not before (to empty .pup directory first) | |
| ARGS: "-rlgoDzvc -i --delete-after" | |
| SOURCE: "/" | |
| TARGET: "~/pegasib.dev" | |
| # Excludes all node_modules subdirectories etc. Do not include git things on server. | |
| EXCLUDE: "*/node_modules/, */_fresh/, .git/, .run/, .github/" | |
| SCRIPT_AFTER: | | |
| export PATH="/home/${{ secrets.REMOTE_USER }}/.deno/bin:$PATH" | |
| echo "Starting Deno build and deployment for home_server..." | |
| cd ~/pegasib.dev/home_server | |
| deno task build | |
| echo "Starting Deno build and deployment for heardle_server..." | |
| cd ../heardle_server | |
| deno task build | |
| cd ~/pegasib.dev | |
| echo "Re-enabling pup service and restarting servers..." | |
| pup enable-service | |
| pup restart home_server | |
| pup restart heardle_server | |
| SCRIPT_AFTER_REQUIRED: true | |
| - name: revoke runner ip address (via aws CLI) | |
| run: | | |
| aws ec2 revoke-security-group-ingress \ | |
| --group-id ${{ secrets.AWS_INSTANCE_SG_ID }} \ | |
| --protocol tcp \ | |
| --port 22 \ | |
| --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
| if: ${{ always() }} |