update docker
ci-cd-vm / ci-cd (push) Failing after 40s

Chris Chen
2026-06-22 16:37:53 -07:00
parent 1fb97cfccc
commit bcd6b39356
4 changed files with 14 additions and 14 deletions
+1 -1
@@ -15,7 +15,7 @@ jobs:
shell: bash shell: bash
env: env:
REGISTRY: git.golife.love/chrischen REGISTRY: git.golife.love/chrischen
DEPLOY_DIR: /opt/rolac DEPLOY_DIR: /home/chris/docker/rolac
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
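Review bot: `DEPLOY_DIR` on the changed env line is only reachable if the runner container already mounts `/home/chris/docker/rolac`; a runner still started with `-v /opt/rolac:/opt/rolac` will not see the new path. Say in the commit message or README that the runner has to be recreated with the new mount before this workflow runs, and consider taking the path from a repository or runner variable so the workflow is not tied to one user's home directory.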
+11 -11
@@ -36,11 +36,11 @@ No TLS yet — plain HTTP on port **8080**. Add Let's Encrypt later (see the Azu
1. **Deploy dir + secrets:** 1. **Deploy dir + secrets:**
```bash ```bash
sudo mkdir -p /opt/rolac/nginx/conf.d /opt/rolac/data/api-storage sudo mkdir -p /home/chris/docker/rolac/nginx/conf.d /home/chris/docker/rolac/data/api-storage
sudo cp /path/to/repo/deploy/vm/.env.example /opt/rolac/.env sudo cp /path/to/repo/deploy/vm/.env.example /home/chris/docker/rolac/.env
sudo nano /opt/rolac/.env # real DB user/password + JWT_SECRET + APP_ORIGIN sudo nano /home/chris/docker/rolac/.env # real DB user/password + JWT_SECRET + APP_ORIGIN
``` ```
Make sure the user the runner executes as can read/write `/opt/rolac`. Make sure the user the runner executes as can read/write `/home/chris/docker/rolac`.
2. **Registry token** — in Gitea: Settings → Applications → new token with 2. **Registry token** — in Gitea: Settings → Applications → new token with
`read:package` + `write:package`. Log Docker in once on the VM: `read:package` + `write:package`. Log Docker in once on the VM:
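Review bot: the `sudo mkdir -p` and `sudo cp` lines leave the tree and `.env` owned by root inside a user's home directory, and nothing sets the mode on `.env`, which holds the DB password and `JWT_SECRET`. Add an explicit `chown` to the runner's user and `chmod 600 /home/chris/docker/rolac/.env` to this step instead of relying on the "can read/write" sentence that follows the block.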
@@ -50,11 +50,11 @@ No TLS yet — plain HTTP on port **8080**. Add Let's Encrypt later (see the Azu
3. **Install act_runner on the VM** with the label **`ubuntu`** and access to the 3. **Install act_runner on the VM** with the label **`ubuntu`** and access to the
host Docker. The runner must be able to run `dotnet`, `docker`, and host Docker. The runner must be able to run `dotnet`, `docker`, and
`docker compose`, and reach `/opt/rolac`: `docker compose`, and reach `/home/chris/docker/rolac`:
```bash ```bash
docker run -d --restart unless-stopped --name rolac-runner \ docker run -d --restart unless-stopped --name rolac-runner \
-v /var/run/docker.sock:/var/run/docker.sock \ -v /var/run/docker.sock:/var/run/docker.sock \
-v /opt/rolac:/opt/rolac \ -v /home/chris/docker/rolac:/home/chris/docker/rolac \
-e GITEA_INSTANCE_URL=https://git.golife.love \ -e GITEA_INSTANCE_URL=https://git.golife.love \
-e GITEA_RUNNER_REGISTRATION_TOKEN=<token> \ -e GITEA_RUNNER_REGISTRATION_TOKEN=<token> \
-e GITEA_RUNNER_LABELS=ubuntu \ -e GITEA_RUNNER_LABELS=ubuntu \
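Review bot: the changed `-v /home/chris/docker/rolac:/home/chris/docker/rolac` mount places the directory that holds `.env` inside a container that also has `/var/run/docker.sock`, so every job scheduled on this runner can read the deployment secrets and drive the host daemon. Document which repositories are allowed to schedule jobs on this runner, and keep the mount limited to this one directory rather than a parent such as `/home/chris/docker`.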
@@ -92,10 +92,10 @@ On the VM, from a checkout of the repo:
docker login git.golife.love -u ChrisChen docker login git.golife.love -u ChrisChen
docker build -t git.golife.love/chrischen/rolac-api:latest ./API docker build -t git.golife.love/chrischen/rolac-api:latest ./API
docker build -t git.golife.love/chrischen/rolac-app:latest ./APP docker build -t git.golife.love/chrischen/rolac-app:latest ./APP
mkdir -p /opt/rolac/nginx/conf.d /opt/rolac/data/api-storage mkdir -p /home/chris/docker/rolac/nginx/conf.d /home/chris/docker/rolac/data/api-storage
cp deploy/vm/docker-compose.yml /opt/rolac/docker-compose.yml cp deploy/vm/docker-compose.yml /home/chris/docker/rolac/docker-compose.yml
cp deploy/vm/nginx/conf.d/rolac.conf /opt/rolac/nginx/conf.d/rolac.conf cp deploy/vm/nginx/conf.d/rolac.conf /home/chris/docker/rolac/nginx/conf.d/rolac.conf
cd /opt/rolac && docker compose up -d cd /home/chris/docker/rolac && docker compose up -d
curl -fsS http://localhost:8080/api/health curl -fsS http://localhost:8080/api/health
``` ```
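Review bot: the `mkdir -p` and `cp` lines in this block run without `sudo`, while step 1 creates the same directories with `sudo mkdir -p`; anyone who followed step 1 will be copying into root-owned directories here. Make the two procedures agree on ownership, for example by dropping `sudo` in step 1 now that the path sits under the user's home.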
@@ -106,7 +106,7 @@ curl -fsS http://localhost:8080/api/health
- **First boot runs DB migrations** against `192.168.68.55` automatically - **First boot runs DB migrations** against `192.168.68.55` automatically
(`Program.cs` calls `MigrateAsync()` + seed). The VM must reach that host and the (`Program.cs` calls `MigrateAsync()` + seed). The VM must reach that host and the
DB user needs DDL rights; back up before the first run. DB user needs DDL rights; back up before the first run.
- **Uploaded files** persist under `/opt/rolac/data/api-storage`. - **Uploaded files** persist under `/home/chris/docker/rolac/data/api-storage`.
- **Same Docker daemon for build + run** means `docker compose up` finds the freshly - **Same Docker daemon for build + run** means `docker compose up` finds the freshly
built `:<sha>` images locally; `docker compose pull` is unnecessary here (but built `:<sha>` images locally; `docker compose pull` is unnecessary here (but
harmless if you add it). harmless if you add it).
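Review bot: the "Uploaded files" bullet moves the persistence path, but nothing in the README covers an existing deployment whose uploads and `.env` still sit under `/opt/rolac`. Add a short migration step (move the old `data/` directory and `.env` to the new location before `docker compose up -d`) so an upgraded host does not start with an empty storage directory.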
+1 -1
@@ -10,7 +10,7 @@ It registers with the label **`ubuntu:host`**:
instead of spawning a separate job container that wouldn't have dotnet/docker. instead of spawning a separate job container that wouldn't have dotnet/docker.
The container mounts the **host Docker socket** (so build/push/compose act on the The container mounts the **host Docker socket** (so build/push/compose act on the
host daemon) and **`/opt/rolac`** at the same path (so compose's relative volumes host daemon) and **`/home/chris/docker/rolac`** at the same path (so compose's relative volumes
resolve), and uses **host networking** (so the deploy step's resolve), and uses **host networking** (so the deploy step's
`curl http://localhost:8080/api/health` works). `curl http://localhost:8080/api/health` works).
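Review bot: the context line of this hunk says the runner registers with the label `ubuntu:host`, while step 3 of the deploy README sets `GITEA_RUNNER_LABELS=ubuntu`. Since both files are edited in this commit, spell the label the same way in both so a reader can tell whether jobs run directly in the runner container or in a separate job container.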
+1 -1
@@ -12,6 +12,6 @@ services:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
# deploy target — must be the SAME path so compose's relative ./data and # deploy target — must be the SAME path so compose's relative ./data and
# ./nginx volumes resolve to real host paths # ./nginx volumes resolve to real host paths
- /opt/rolac:/opt/rolac - /home/chris/docker/rolac:/home/chris/docker/rolac
# persist runner registration so it doesn't re-register on restart # persist runner registration so it doesn't re-register on restart
- ./runner-data:/data - ./runner-data:/data
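Review bot: the changed volume line hard-codes the same absolute path that the workflow sets in `DEPLOY_DIR`, and the comment above it says the two sides must be identical. Use Compose variable substitution, e.g. `${DEPLOY_DIR}:${DEPLOY_DIR}` with the value kept in an `.env` beside this file, so the path is defined once on the runner side and the next move does not need four files edited in step.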