From 3c0676acd912df4549b81010346f5435c475ad64 Mon Sep 17 00:00:00 2001 From: boban Date: Tue, 21 Apr 2026 01:23:30 +0200 Subject: [PATCH] =?UTF-8?q?feat:=20Gitea=20Webhook=20Auto-Deploy=20Service?= =?UTF-8?q?=20f=C3=BCr=20Staging?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit deployer-Container (almir/webhook) lauscht auf Port 9001. Bei Push → git pull, npm build, migrate, cache clear, workers restart. Secret via DEPLOY_WEBHOOK_SECRET in .env konfigurieren. Co-Authored-By: Claude Sonnet 4.6 --- docker-compose.staging.yml | 19 +++++++++++++++++++ docker/webhook/deploy.sh | 29 +++++++++++++++++++++++++++++ docker/webhook/entrypoint.sh | 4 ++++ docker/webhook/hooks.json | 18 ++++++++++++++++++ 4 files changed, 70 insertions(+) create mode 100755 docker/webhook/deploy.sh create mode 100755 docker/webhook/entrypoint.sh create mode 100644 docker/webhook/hooks.json diff --git a/docker-compose.staging.yml b/docker-compose.staging.yml index 8e7dae7..e092b47 100644 --- a/docker-compose.staging.yml +++ b/docker-compose.staging.yml @@ -163,6 +163,25 @@ services: depends_on: - redis + deployer: + image: almir/webhook + container_name: nexxo_deployer + restart: unless-stopped + ports: + - "9001:9001" + environment: + DEPLOY_WEBHOOK_SECRET: ${DEPLOY_WEBHOOK_SECRET} + volumes: + - ./docker/webhook/hooks.json:/etc/webhook/hooks.json:ro + - ./docker/webhook/entrypoint.sh:/entrypoint.sh:ro + - ./docker/webhook/deploy.sh:/scripts/deploy.sh + - /var/run/docker.sock:/var/run/docker.sock + - /usr/bin/docker:/usr/bin/docker:ro + - ./:/aziros + entrypoint: ["/bin/sh", "/entrypoint.sh"] + networks: + - nexxo + networks: nexxo: driver: bridge diff --git a/docker/webhook/deploy.sh b/docker/webhook/deploy.sh new file mode 100755 index 0000000..f4ce436 --- /dev/null +++ b/docker/webhook/deploy.sh @@ -0,0 +1,29 @@ +#!/bin/bash +set -e + +COMPOSE_FILE="/aziros/docker-compose.staging.yml" + +echo "[deploy] $(date) – Deploy gestartet" +cd /aziros + +git pull origin main + +docker compose -f "$COMPOSE_FILE" exec -T app npm ci --silent +docker compose -f "$COMPOSE_FILE" exec -T app npm run build:staging + +docker compose -f "$COMPOSE_FILE" exec -T app composer install --no-dev --optimize-autoloader --quiet + +docker compose -f "$COMPOSE_FILE" exec -T app php artisan migrate --force +docker compose -f "$COMPOSE_FILE" exec -T app php artisan db:seed --class=TranslationSeeder --force + +docker compose -f "$COMPOSE_FILE" exec -T app php artisan config:clear +docker compose -f "$COMPOSE_FILE" exec -T app php artisan cache:clear +docker compose -f "$COMPOSE_FILE" exec -T app php artisan view:clear +docker compose -f "$COMPOSE_FILE" exec -T app php artisan route:clear +docker compose -f "$COMPOSE_FILE" exec -T app php artisan config:cache +docker compose -f "$COMPOSE_FILE" exec -T app php artisan route:cache +docker compose -f "$COMPOSE_FILE" exec -T app php artisan view:cache + +docker compose -f "$COMPOSE_FILE" restart worker scheduler mail-worker reverb + +echo "[deploy] ✅ Deploy fertig" diff --git a/docker/webhook/entrypoint.sh b/docker/webhook/entrypoint.sh new file mode 100755 index 0000000..44b666e --- /dev/null +++ b/docker/webhook/entrypoint.sh @@ -0,0 +1,4 @@ +#!/bin/sh +# Substituiert ${DEPLOY_WEBHOOK_SECRET} im hooks.json-Template +envsubst < /etc/webhook/hooks.json > /tmp/hooks.json +exec webhook -hooks /tmp/hooks.json -verbose -port 9001 diff --git a/docker/webhook/hooks.json b/docker/webhook/hooks.json new file mode 100644 index 0000000..c14b7f0 --- /dev/null +++ b/docker/webhook/hooks.json @@ -0,0 +1,18 @@ +[ + { + "id": "deploy", + "execute-command": "/scripts/deploy.sh", + "command-working-directory": "/aziros", + "response-message": "Deploy gestartet", + "trigger-rule": { + "match": { + "type": "value", + "value": "${DEPLOY_WEBHOOK_SECRET}", + "parameter": { + "source": "header", + "name": "X-Webhook-Secret" + } + } + } + } +]