Add R2_PUBLIC_URL to deployment workflow #35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Digital Ocean | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository_owner }}/appwit | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set lowercase image name | |
| id: image-name | |
| run: echo "IMAGE_NAME_LOWER=$(echo ${{ env.IMAGE_NAME }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT | |
| - name: Log in to Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push Backend image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./docker/backend.dockerfile | |
| push: true | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/backend:latest | |
| ${{ env.REGISTRY }}/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/backend:${{ github.sha }} | |
| cache-from: | | |
| type=registry,ref=${{ env.REGISTRY }}/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/backend:buildcache | |
| type=gha,scope=backend | |
| cache-to: | | |
| type=registry,ref=${{ env.REGISTRY }}/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/backend:buildcache,mode=max | |
| type=gha,mode=max,scope=backend | |
| - name: Build and push Frontend image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./docker/frontend.dockerfile | |
| push: true | |
| build-args: | | |
| NEXT_PUBLIC_BACKEND_URL=${{ secrets.NEXT_PUBLIC_BACKEND_URL }} | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/frontend:latest | |
| ${{ env.REGISTRY }}/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/frontend:${{ github.sha }} | |
| cache-from: | | |
| type=registry,ref=${{ env.REGISTRY }}/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/frontend:buildcache | |
| type=gha,scope=frontend | |
| cache-to: | | |
| type=registry,ref=${{ env.REGISTRY }}/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/frontend:buildcache,mode=max | |
| type=gha,mode=max,scope=frontend | |
| deploy: | |
| needs: build-and-push | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set lowercase image name | |
| id: image-name | |
| run: echo "IMAGE_NAME_LOWER=$(echo ${{ github.repository_owner }}/appwit | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT | |
| - name: Copy docker-compose.yml to server | |
| uses: appleboy/scp-action@v0.1.7 | |
| with: | |
| host: ${{ secrets.DO_HOST }} | |
| username: ${{ secrets.DO_USERNAME }} | |
| key: ${{ secrets.DO_SSH_KEY }} | |
| port: ${{ secrets.DO_PORT }} | |
| source: "docker-compose.yml" | |
| target: "/root/appwit" | |
| strip_components: 0 | |
| - name: Create .env file and deploy | |
| uses: appleboy/ssh-action@v1.0.0 | |
| with: | |
| host: ${{ secrets.DO_HOST }} | |
| username: ${{ secrets.DO_USERNAME }} | |
| key: ${{ secrets.DO_SSH_KEY }} | |
| port: ${{ secrets.DO_PORT }} | |
| script: | | |
| mkdir -p /root/appwit | |
| cd /root/appwit | |
| # Create .env file | |
| rm -f .env | |
| cat > .env << 'EOF' | |
| # Database Configuration | |
| POSTGRES_DB=${{ secrets.POSTGRES_DB }} | |
| POSTGRES_USER=${{ secrets.POSTGRES_USER }} | |
| POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} | |
| POSTGRES_PORT=5432 | |
| # Backend Configuration | |
| NODE_ENV=production | |
| BACKEND_PORT=${{ secrets.BACKEND_PORT }} | |
| BACKEND_URL=${{ secrets.NEXT_PUBLIC_BACKEND_URL }} | |
| FRONTEND_URL=${{ secrets.FRONTEND_URL }} | |
| JWT_SECRET=${{ secrets.JWT_SECRET }} | |
| # E2B Sandbox Configuration | |
| E2B_API_KEY=${{ secrets.E2B_API_KEY }} | |
| TEMPLATE_ID=${{ secrets.TEMPLATE_ID }} | |
| SANDBOX_PORT=${{ secrets.SANDBOX_PORT }} | |
| # LLM Provider Configuration | |
| LLM_PROVIDER=${{ secrets.LLM_PROVIDER }} | |
| OPENROUTER_API_KEY=${{ secrets.OPENROUTER_API_KEY }} | |
| OPENROUTER_MODEL=${{ secrets.OPENROUTER_MODEL }} | |
| ANTHROPIC_API_KEY=${{ secrets.ANTHROPIC_API_KEY }} | |
| ANTHROPIC_MODEL=${{ secrets.ANTHROPIC_MODEL }} | |
| OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }} | |
| OPENAI_MODEL=${{ secrets.OPENAI_MODEL }} | |
| # Cloudflare R2 Storage | |
| R2_ACCOUNT_ID=${{ secrets.R2_ACCOUNT_ID }} | |
| R2_ACCESS_KEY_ID=${{ secrets.R2_ACCESS_KEY_ID }} | |
| R2_SECRET_ACCESS_KEY=${{ secrets.R2_SECRET_ACCESS_KEY }} | |
| R2_BUCKET_NAME=${{ secrets.R2_BUCKET_NAME }} | |
| R2_PUBLIC_URL=${{ secrets.R2_PUBLIC_URL }} | |
| # Langfuse Observability | |
| LANGFUSE_PUBLIC_KEY=${{ secrets.LANGFUSE_PUBLIC_KEY }} | |
| LANGFUSE_SECRET_KEY=${{ secrets.LANGFUSE_SECRET_KEY }} | |
| LANGFUSE_HOST=${{ secrets.LANGFUSE_HOST }} | |
| # Frontend Configuration | |
| FRONTEND_PORT=${{ secrets.FRONTEND_PORT }} | |
| NEXT_PUBLIC_BACKEND_URL=${{ secrets.NEXT_PUBLIC_BACKEND_URL }} | |
| # Google OAuth | |
| GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} | |
| GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }} | |
| # CORS | |
| CORS_ORIGINS=${{ secrets.CORS_ORIGINS }} | |
| EOF | |
| chmod 600 .env | |
| echo ".env file created successfully" | |
| # Deploy | |
| echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| docker pull ghcr.io/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/backend:latest | |
| docker pull ghcr.io/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/frontend:latest | |
| export BACKEND_IMAGE=ghcr.io/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/backend:latest | |
| export FRONTEND_IMAGE=ghcr.io/${{ steps.image-name.outputs.IMAGE_NAME_LOWER }}/frontend:latest | |
| docker compose down | |
| docker compose up -d | |
| docker image prune -af | |
| docker compose ps |