feat: add reusable nextjs-deploy and nextjs-nginx-conf workflows

.gitea/workflows/nextjs-nginx-conf.yaml

@@ -0,0 +1,98 @@
+name: Generate Nginx Config
+run-name: 🔧 Generate Nginx config for ${{ vars.VAR_APP_NAME }}
+
+on:
+  workflow_call:
+  workflow_dispatch:
+  push:
+    paths:
+      - '.gitea/workflows/nextjs-nginx-conf.yaml'
+      - '.gitea/templates/nginx-nextjs-site.conf.template'
+    branches:
+      - main
+
+jobs:
+  generate-config:
+    runs-on: ubuntu-latest
+
+    env:
+      APP_NAME: ${{ vars.VAR_APP_NAME }}
+      NEXTJS_PORT: ${{ vars.NEXTJS_PORT }}
+      WEBSITE_URL: ${{ vars.WEBSITE_URL }}
+      ADMIN_EMAIL: ${{ vars.ADMIN_EMAIL }}
+
+    steps:
+      - name: 📥 Checkout devops
+        uses: actions/checkout@v3
+        with:
+          repository: Infrastructure/gitea-workflows
+          ref: main
+          fetch-depth: 1
+
+      - name: 📋 Infos de génération
+        run: |
+          echo "APP_NAME    : ${{ env.APP_NAME }}"
+          echo "NEXTJS_PORT : ${{ env.NEXTJS_PORT }}"
+          echo "WEBSITE_URL : ${{ env.WEBSITE_URL }}"
+          if [ -z "${{ env.APP_NAME }}" ]; then echo "❌ VAR_APP_NAME manquant" && exit 1; fi
+          if [ -z "${{ env.NEXTJS_PORT }}" ]; then echo "❌ NEXTJS_PORT manquant" && exit 1; fi
+          if [ -z "${{ env.WEBSITE_URL }}" ]; then echo "❌ WEBSITE_URL manquant" && exit 1; fi
+
+      - name: 🔧 Génération du fichier de configuration
+        run: |
+          DOMAIN=$(echo "${{ env.WEBSITE_URL }}" | sed -E 's#^https?://##' | sed -E 's#/.*$##')
+          CONFIG_FILENAME="${DOMAIN}.conf"
+          LOCAL_TEMP="/tmp/$CONFIG_FILENAME"
+          cp .gitea/templates/nginx-nextjs-site.conf.template "$LOCAL_TEMP"
+          sed -i "s/{{DOMAIN}}/$DOMAIN/g" "$LOCAL_TEMP"
+          sed -i "s/{{PORT}}/${{ env.NEXTJS_PORT }}/g" "$LOCAL_TEMP"
+          cat "$LOCAL_TEMP"
+
+      - name: 🛠️ Déploiement page maintenance
+        run: |
+          sudo mkdir -p /var/www/errors
+          sudo cp .gitea/templates/maintenance.html /var/www/errors/maintenance.html
+          sudo chmod 644 /var/www/errors/maintenance.html
+
+      - name: 🔒 Certificat SSL (certbot --standalone si absent)
+        run: |
+          DOMAIN=$(echo "${{ env.WEBSITE_URL }}" | sed -E 's#^https?://##' | sed -E 's#/.*$##')
+          CERT_PATH="/etc/letsencrypt/live/$DOMAIN/fullchain.pem"
+
+          # Installer certbot si absent
+          if ! command -v certbot &>/dev/null; then
+            echo "📦 Installation de certbot..."
+            sudo apt-get update -qq
+            sudo apt-get install -y -qq certbot
+          fi
+
+          if [ -f "$CERT_PATH" ]; then
+            echo "✅ Certificat existant trouvé — aucune action requise"
+          else
+            echo "🔐 Certificat absent — obtention via certbot --standalone"
+            # Arrêt de nginx pour libérer le port 80 (standalone en a besoin)
+            sudo systemctl stop nginx || true
+            sudo certbot certonly \
+              --standalone \
+              --non-interactive \
+              --agree-tos \
+              --email "${{ env.ADMIN_EMAIL }}" \
+              -d "$DOMAIN"
+            echo "✅ Certificat obtenu pour $DOMAIN"
+          fi
+
+      - name: 🚀 Installation NGINX
+        run: |
+          DOMAIN=$(echo "${{ env.WEBSITE_URL }}" | sed -E 's#^https?://##' | sed -E 's#/.*$##')
+          CONFIG_FILENAME="${DOMAIN}.conf"
+          LOCAL_TEMP="/tmp/$CONFIG_FILENAME"
+          TARGET_AVAILABLE="/etc/nginx/sites-available/$CONFIG_FILENAME"
+          TARGET_ENABLED="/etc/nginx/sites-enabled/$CONFIG_FILENAME"
+          sudo mv "$LOCAL_TEMP" "$TARGET_AVAILABLE"
+          if [ ! -f "$TARGET_ENABLED" ]; then sudo ln -s "$TARGET_AVAILABLE" "$TARGET_ENABLED"; fi
+          sudo nginx -t
+          if sudo systemctl is-active --quiet nginx; then
+            sudo systemctl reload nginx
+          else
+            sudo systemctl start nginx
+          fi