public/gitea-workflows
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add reusable nextjs-deploy and nextjs-nginx-conf workflows
Some checks failed
Generate Nginx Config / generate-config (push) Failing after 33s
Details

Browse Source
This commit is contained in:
sursini
2026-03-10 17:48:59 -03:00
commit c1748d6819
4 changed files with 271 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
.gitea/templates/maintenance.html Normal file
View File

@@ -0,0 +1,62 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Kalpasys — Maintenance</title>
<style>
*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
background: #0a0a0a;
color: #f0f0f0;
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
flex-direction: column;
gap: 1.5rem;
text-align: center;
padding: 2rem;
}
.logo {
font-size: 1.5rem;
font-weight: 700;
letter-spacing: -0.03em;
background: linear-gradient(90deg, #2F5BFF, #6B3BFF, #D62F8A);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
background-clip: text;
}
h1 {
font-size: clamp(1.5rem, 4vw, 2.5rem);
font-weight: 600;
letter-spacing: -0.02em;
}
p {
font-size: 1rem;
color: #6F6F6F;
max-width: 400px;
line-height: 1.6;
}
.dot {
display: inline-block;
width: 8px;
height: 8px;
background: #6B3BFF;
border-radius: 50%;
animation: pulse 1.5s ease-in-out infinite;
}
@keyframes pulse {
0%, 100% { opacity: 1; transform: scale(1); }
50% { opacity: 0.4; transform: scale(0.8); }
}
</style>
</head>
<body>
<div class="logo">Kalpasys</div>
<span class="dot"></span>
<h1>Under maintenance</h1>
<p>We're working on something. Back shortly.</p>
</body>
</html>

37
.gitea/templates/nginx-nextjs-site.conf.template Normal file
View File

@@ -0,0 +1,37 @@
# Kalpasys generated by nextjs-nginx-conf.yaml
server {
listen 80;
server_name {{DOMAIN}};
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name {{DOMAIN}};
ssl_certificate /etc/letsencrypt/live/{{DOMAIN}}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{DOMAIN}}/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
error_page 502 503 504 /maintenance.html;
location = /maintenance.html {
root /var/www/errors;
internal;
}
location / {
proxy_intercept_errors on;
proxy_pass http://127.0.0.1:{{PORT}};
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}

74
.gitea/workflows/nextjs-deploy.yaml Normal file
View File

@@ -0,0 +1,74 @@
name: Deploy to Production
run-name: 🚀 Deploy ${{ github.event.repository.name }} ${{ github.ref_name }}
on:
workflow_call:
push:
tags:
- "v*"
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
env:
VAR_APP_NAME: ${{ vars.VAR_APP_NAME }}
steps:
- name: 📥 Checkout
uses: actions/checkout@v4
- name: 🟢 Setup Node 20 + Cache
uses: actions/setup-node@v4
with:
node-version: 20
cache: "npm"
cache-dependency-path: web/package-lock.json
- name: 📦 Install dependencies
working-directory: web
run: npm ci --include=dev
- name: Create Env
uses: jakubcieslik99/secrets-vars-to-env-file-action@main
with:
secrets: ${{ toJSON(secrets) }}
vars: ${{ toJSON(vars) }}
generate-file: "web/.env"
- name: 🏗️ Build Next.js (Standalone)
working-directory: web
run: |
npm run build
test -d .next/standalone || (echo "Standalone build missing" && exit 1)
test -d .next/static || (echo "Static assets missing" && exit 1)
- name: 🚀 Deploy (Atomic Release)
run: |
set -e
DEPLOY_BASE="/var/www/${VAR_APP_NAME}"
RELEASE_DIR="$DEPLOY_BASE/releases/$(date +%Y%m%d%H%M%S)"
CURRENT_LINK="$DEPLOY_BASE/current"
mkdir -p "$RELEASE_DIR"
cp -r web/.next/standalone/. "$RELEASE_DIR/"
mkdir -p "$RELEASE_DIR/.next/static"
cp -r web/.next/static/. "$RELEASE_DIR/.next/static/"
if [ -d "web/public" ]; then
cp -r web/public "$RELEASE_DIR/"
fi
cp web/.env "$RELEASE_DIR/"
SHARED_LOGS="$DEPLOY_BASE/shared/logs"
mkdir -p "$SHARED_LOGS"
ln -sfn "$RELEASE_DIR" "$CURRENT_LINK"
- name: 🔄 Reload PM2
run: |
set -e
echo "Restarting $VAR_APP_NAME"
sudo -u ansible pm2 restart "$VAR_APP_NAME"
sudo -u ansible pm2 save

98
.gitea/workflows/nextjs-nginx-conf.yaml Normal file
View File

@@ -0,0 +1,98 @@
name: Generate Nginx Config
run-name: 🔧 Generate Nginx config for ${{ vars.VAR_APP_NAME }}
on:
workflow_call:
workflow_dispatch:
push:
paths:
- '.gitea/workflows/nextjs-nginx-conf.yaml'
- '.gitea/templates/nginx-nextjs-site.conf.template'
branches:
- main
jobs:
generate-config:
runs-on: ubuntu-latest
env:
APP_NAME: ${{ vars.VAR_APP_NAME }}
NEXTJS_PORT: ${{ vars.NEXTJS_PORT }}
WEBSITE_URL: ${{ vars.WEBSITE_URL }}
ADMIN_EMAIL: ${{ vars.ADMIN_EMAIL }}
steps:
- name: 📥 Checkout devops
uses: actions/checkout@v3
with:
repository: Infrastructure/gitea-workflows
ref: main
fetch-depth: 1
- name: 📋 Infos de génération
run: |
echo "APP_NAME : ${{ env.APP_NAME }}"
echo "NEXTJS_PORT : ${{ env.NEXTJS_PORT }}"
echo "WEBSITE_URL : ${{ env.WEBSITE_URL }}"
if [ -z "${{ env.APP_NAME }}" ]; then echo "❌ VAR_APP_NAME manquant" && exit 1; fi
if [ -z "${{ env.NEXTJS_PORT }}" ]; then echo "❌ NEXTJS_PORT manquant" && exit 1; fi
if [ -z "${{ env.WEBSITE_URL }}" ]; then echo "❌ WEBSITE_URL manquant" && exit 1; fi
- name: 🔧 Génération du fichier de configuration
run: |
DOMAIN=$(echo "${{ env.WEBSITE_URL }}" | sed -E 's#^https?://##' | sed -E 's#/.*$##')
CONFIG_FILENAME="${DOMAIN}.conf"
LOCAL_TEMP="/tmp/$CONFIG_FILENAME"
cp .gitea/templates/nginx-nextjs-site.conf.template "$LOCAL_TEMP"
sed -i "s/{{DOMAIN}}/$DOMAIN/g" "$LOCAL_TEMP"
sed -i "s/{{PORT}}/${{ env.NEXTJS_PORT }}/g" "$LOCAL_TEMP"
cat "$LOCAL_TEMP"
- name: 🛠️ Déploiement page maintenance
run: |
sudo mkdir -p /var/www/errors
sudo cp .gitea/templates/maintenance.html /var/www/errors/maintenance.html
sudo chmod 644 /var/www/errors/maintenance.html
- name: 🔒 Certificat SSL (certbot --standalone si absent)
run: |
DOMAIN=$(echo "${{ env.WEBSITE_URL }}" | sed -E 's#^https?://##' | sed -E 's#/.*$##')
CERT_PATH="/etc/letsencrypt/live/$DOMAIN/fullchain.pem"
# Installer certbot si absent
if ! command -v certbot &>/dev/null; then
echo "📦 Installation de certbot..."
sudo apt-get update -qq
sudo apt-get install -y -qq certbot
fi
if [ -f "$CERT_PATH" ]; then
echo "✅ Certificat existant trouvé — aucune action requise"
else
echo "🔐 Certificat absent — obtention via certbot --standalone"
# Arrêt de nginx pour libérer le port 80 (standalone en a besoin)
sudo systemctl stop nginx || true
sudo certbot certonly \
--standalone \
--non-interactive \
--agree-tos \
--email "${{ env.ADMIN_EMAIL }}" \
-d "$DOMAIN"
echo "✅ Certificat obtenu pour $DOMAIN"
fi
- name: 🚀 Installation NGINX
run: |
DOMAIN=$(echo "${{ env.WEBSITE_URL }}" | sed -E 's#^https?://##' | sed -E 's#/.*$##')
CONFIG_FILENAME="${DOMAIN}.conf"
LOCAL_TEMP="/tmp/$CONFIG_FILENAME"
TARGET_AVAILABLE="/etc/nginx/sites-available/$CONFIG_FILENAME"
TARGET_ENABLED="/etc/nginx/sites-enabled/$CONFIG_FILENAME"
sudo mv "$LOCAL_TEMP" "$TARGET_AVAILABLE"
if [ ! -f "$TARGET_ENABLED" ]; then sudo ln -s "$TARGET_AVAILABLE" "$TARGET_ENABLED"; fi
sudo nginx -t
if sudo systemctl is-active --quiet nginx; then
sudo systemctl reload nginx
else
sudo systemctl start nginx
fi