Fix: wrong api call paht in the smtp #100
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CD-workflow" | |
| on: | |
| push: | |
| branches: | |
| - deploy | |
| jobs: | |
| build: | |
| runs-on: [self-hosted, linux, x64] | |
| env: | |
| POSTGRES_USER: ${{ secrets.POSTGRES_USER }} | |
| POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }} | |
| POSTGRES_DB: ${{ secrets.POSTGRES_DB }} | |
| MONGO_ROOT_USER: ${{ secrets.MONGO_ROOT_USER }} | |
| MONGO_ROOT_PASSWORD: ${{ secrets.MONGO_ROOT_PASSWORD }} | |
| MONGO_DB: ${{ secrets.MONGO_DB }} | |
| MONGO_USER: ${{ secrets.MONGO_USER }} | |
| MONGO_PASSWORD: ${{ secrets.MONGO_PASSWORD }} | |
| FILE_STORAGE_BACKEND: ${{ secrets.FILE_STORAGE_BACKEND }} | |
| GARAGE_S3_ENDPOINT: ${{ secrets.GARAGE_S3_ENDPOINT }} | |
| GARAGE_S3_PUBLIC_ENDPOINT: ${{ secrets.GARAGE_S3_PUBLIC_ENDPOINT }} | |
| GARAGE_S3_REGION: ${{ secrets.GARAGE_S3_REGION }} | |
| GARAGE_ACCESS_KEY_ID: ${{ secrets.GARAGE_ACCESS_KEY_ID }} | |
| GARAGE_SECRET_ACCESS_KEY: ${{ secrets.GARAGE_SECRET_ACCESS_KEY }} | |
| GARAGE_FORCE_PATH_STYLE: ${{ secrets.GARAGE_FORCE_PATH_STYLE }} | |
| GARAGE_BUCKET_CONTENT: ${{ secrets.GARAGE_BUCKET_CONTENT }} | |
| GARAGE_BUCKET_LOGOS: ${{ secrets.GARAGE_BUCKET_LOGOS }} | |
| GARAGE_CONTENT_PREFIX: ${{ secrets.GARAGE_CONTENT_PREFIX }} | |
| GARAGE_LOGOS_PREFIX: ${{ secrets.GARAGE_LOGOS_PREFIX }} | |
| GARAGE_RPC_SECRET: ${{ secrets.GARAGE_RPC_SECRET }} | |
| RABBITMQ_DEFAULT_USER: ${{ secrets.RABBITMQ_DEFAULT_USER }} | |
| RABBITMQ_DEFAULT_PASS: ${{ secrets.RABBITMQ_DEFAULT_PASS }} | |
| RABBITMQ_QUEUE: ${{ secrets.RABBITMQ_QUEUE }} | |
| RABBITMQ_API_USER: ${{ secrets.RABBITMQ_API_USER }} | |
| RABBITMQ_API_PASS: ${{ secrets.RABBITMQ_API_PASS }} | |
| RABBITMQ_SMTP_USER: ${{ secrets.RABBITMQ_SMTP_USER }} | |
| RABBITMQ_SMTP_PASS: ${{ secrets.RABBITMQ_SMTP_PASS }} | |
| RATE_LIMITER_MAX_REQUESTS: ${{ secrets.RATE_LIMITER_MAX_REQUESTS }} | |
| RATE_LIMITER_TIME_WINDOW_SECONDS: ${{ secrets.RATE_LIMITER_TIME_WINDOW_SECONDS }} | |
| KEYCLOAK_ADMIN: ${{ secrets.KEYCLOAK_ADMIN }} | |
| KEYCLOAK_ADMIN_PASSWORD: ${{ secrets.KEYCLOAK_ADMIN_PASSWORD }} | |
| CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} | |
| KEYCLOAK_INTERNAL_URL: ${{ secrets.KEYCLOAK_INTERNAL_URL }} | |
| API_INTERNAL_URL: ${{ secrets.API_INTERNAL_URL }} | |
| PUBLIC_BASE_URL: ${{ secrets.PUBLIC_BASE_URL }} | |
| KC_HTTP_RELATIVE_PATH: ${{ secrets.KC_HTTP_RELATIVE_PATH }} | |
| VITE_BASE_PATH: ${{ secrets.VITE_BASE_PATH }} | |
| KC_HOSTNAME: ${{ secrets.KC_HOSTNAME }} | |
| KC_HOSTNAME_URL: ${{ secrets.KC_HOSTNAME_URL }} | |
| KEYCLOAK_URL: ${{ secrets.KEYCLOAK_URL }} | |
| API_URL: ${{ secrets.API_URL }} | |
| WEB_URL: ${{ secrets.WEB_URL }} | |
| KEYCLOAK_ISSUER_URL: ${{ secrets.KEYCLOAK_ISSUER_URL }} | |
| NGINX_PORT: ${{ secrets.NGINX_PORT }} | |
| SERVER_PORT: ${{ secrets.SERVER_PORT }} | |
| TLS_CERT_FILE: ${{ secrets.TLS_CERT_FILE }} | |
| TLS_KEY_FILE: ${{ secrets.TLS_KEY_FILE }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f | |
| - name: Create deployment .env from GitHub secrets | |
| run: | | |
| cat > deployment/.env <<EOF | |
| POSTGRES_USER=${POSTGRES_USER} | |
| POSTGRES_PASSWORD=${POSTGRES_PASSWORD} | |
| POSTGRES_DB=${POSTGRES_DB} | |
| MONGO_ROOT_USER=${MONGO_ROOT_USER} | |
| MONGO_ROOT_PASSWORD=${MONGO_ROOT_PASSWORD} | |
| MONGO_DB=${MONGO_DB} | |
| MONGO_USER=${MONGO_USER} | |
| MONGO_PASSWORD=${MONGO_PASSWORD} | |
| FILE_STORAGE_BACKEND=${FILE_STORAGE_BACKEND} | |
| GARAGE_S3_ENDPOINT=${GARAGE_S3_ENDPOINT} | |
| GARAGE_S3_PUBLIC_ENDPOINT=${GARAGE_S3_PUBLIC_ENDPOINT} | |
| GARAGE_S3_REGION=${GARAGE_S3_REGION} | |
| GARAGE_ACCESS_KEY_ID=${GARAGE_ACCESS_KEY_ID} | |
| GARAGE_SECRET_ACCESS_KEY=${GARAGE_SECRET_ACCESS_KEY} | |
| GARAGE_FORCE_PATH_STYLE=${GARAGE_FORCE_PATH_STYLE} | |
| GARAGE_BUCKET_CONTENT=${GARAGE_BUCKET_CONTENT} | |
| GARAGE_BUCKET_LOGOS=${GARAGE_BUCKET_LOGOS} | |
| GARAGE_CONTENT_PREFIX=${GARAGE_CONTENT_PREFIX} | |
| GARAGE_LOGOS_PREFIX=${GARAGE_LOGOS_PREFIX} | |
| GARAGE_RPC_SECRET=${GARAGE_RPC_SECRET} | |
| RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER} | |
| RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS} | |
| RABBITMQ_QUEUE=${RABBITMQ_QUEUE} | |
| RABBITMQ_API_USER=${RABBITMQ_API_USER} | |
| RABBITMQ_API_PASS=${RABBITMQ_API_PASS} | |
| RABBITMQ_SMTP_USER=${RABBITMQ_SMTP_USER} | |
| RABBITMQ_SMTP_PASS=${RABBITMQ_SMTP_PASS} | |
| RATE_LIMITER_MAX_REQUESTS=${RATE_LIMITER_MAX_REQUESTS} | |
| RATE_LIMITER_TIME_WINDOW_SECONDS=${RATE_LIMITER_TIME_WINDOW_SECONDS} | |
| KEYCLOAK_ADMIN=${KEYCLOAK_ADMIN} | |
| KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD} | |
| CLIENT_SECRET=${CLIENT_SECRET} | |
| KEYCLOAK_INTERNAL_URL=${KEYCLOAK_INTERNAL_URL} | |
| API_INTERNAL_URL=${API_INTERNAL_URL} | |
| PUBLIC_BASE_URL=${PUBLIC_BASE_URL} | |
| KC_HTTP_RELATIVE_PATH=${KC_HTTP_RELATIVE_PATH} | |
| VITE_BASE_PATH=${VITE_BASE_PATH} | |
| KC_HOSTNAME=${KC_HOSTNAME} | |
| KC_HOSTNAME_URL=${KC_HOSTNAME_URL} | |
| KEYCLOAK_URL=${KEYCLOAK_URL} | |
| API_URL=${API_URL} | |
| WEB_URL=${WEB_URL} | |
| KEYCLOAK_ISSUER_URL=${KEYCLOAK_ISSUER_URL} | |
| NGINX_PORT=${NGINX_PORT} | |
| SERVER_PORT=${SERVER_PORT} | |
| TLS_CERT_FILE=${TLS_CERT_FILE} | |
| TLS_KEY_FILE=${TLS_KEY_FILE} | |
| EOF | |
| - name: Generate TLS certificates | |
| run: | | |
| set -euo pipefail | |
| source deployment/.env | |
| mkdir -p deployment/certs | |
| ./deployment/scripts/generate-tls-certs.sh \ | |
| --domain "${KC_HOSTNAME}" \ | |
| --alt "${KC_HOSTNAME},localhost,127.0.0.1" \ | |
| --out-dir deployment/certs \ | |
| --cert-file "${TLS_CERT_FILE:-tls.crt}" \ | |
| --key-file "${TLS_KEY_FILE:-tls.key}" \ | |
| --days 3650 | |
| - name: Rebuild and redeploy stack | |
| env: | |
| DOCKER_BUILDKIT: 1 | |
| run: | | |
| docker compose --env-file deployment/.env -f deployment/docker-compose.yml down | |
| docker compose --env-file deployment/.env -f deployment/docker-compose.yml up -d --build |