diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 9ce1326..5cd2fbc 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -48,6 +48,8 @@ jobs: TIMESTAMP=$(date +%Y%m%d_%H%M%S) DEPLOY_HOME="/home/kjh2064" DEPLOY_DIR="$DEPLOY_HOME/deployments/taxbaik_${TIMESTAMP}" + DEPLOY_HOST="${{ secrets.DEPLOY_HOST }}" + DEPLOY_USER="${{ secrets.DEPLOY_USER }}" echo "=== Deploying TaxBaik v$(git rev-parse --short HEAD) ===" mkdir -p "$DEPLOY_DIR" @@ -55,21 +57,30 @@ jobs: ln -sfn "$DEPLOY_DIR" "$DEPLOY_HOME/taxbaik_active" echo "✓ Deployed to $DEPLOY_DIR" - # systemd가 새 아티팩트를 다시 읽도록 서비스 재시작 - echo "=== Restarting service ===" - sudo systemctl restart taxbaik + # 서버에서 systemd로 서비스를 재시작 + echo "=== Restarting service on server ===" + mkdir -p ~/.ssh + printf '%s\n' "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts 2>/dev/null || true + ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes "$DEPLOY_USER@$DEPLOY_HOST" "sudo systemctl restart taxbaik" sleep 5 echo "✓ Deployment complete" - name: Verify deployment run: | + set -e + DEPLOY_HOST="${{ secrets.DEPLOY_HOST }}" + DEPLOY_USER="${{ secrets.DEPLOY_USER }}" + mkdir -p ~/.ssh + printf '%s\n' "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts 2>/dev/null || true sleep 10 - HOME_STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://127.0.0.1:5001/taxbaik/ || echo "000") - LOGIN_STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://127.0.0.1:5001/taxbaik/admin/login || echo "000") + HOME_STATUS=$(ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes "$DEPLOY_USER@$DEPLOY_HOST" "curl -s -o /dev/null -w '%{http_code}' http://127.0.0.1:5001/taxbaik/" || echo "000") + LOGIN_STATUS=$(ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes "$DEPLOY_USER@$DEPLOY_HOST" "curl -s -o /dev/null -w '%{http_code}' http://127.0.0.1:5001/taxbaik/admin/login" || echo "000") ADMIN_TEST_PASSWORD="${{ secrets.TAXBAIK_ADMIN_TEST_PASSWORD }}" - AUTH_BODY=$(curl -s -X POST http://127.0.0.1:5001/taxbaik/api/auth/login \ - -H "Content-Type: application/json" \ - -d "{\"username\":\"admin\",\"password\":\"${ADMIN_TEST_PASSWORD}\"}" || echo "") + AUTH_BODY=$(ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes "$DEPLOY_USER@$DEPLOY_HOST" "python3 - <<'PY'\nimport json, urllib.request\nreq = urllib.request.Request('http://127.0.0.1:5001/taxbaik/api/auth/login', data=json.dumps({'username':'admin','password':'${ADMIN_TEST_PASSWORD}'}).encode(), headers={'Content-Type':'application/json'}, method='POST')\ntry:\n with urllib.request.urlopen(req, timeout=20) as r:\n print(r.read().decode())\nexcept Exception as e:\n print(type(e).__name__, e)\nPY" || echo "") echo "Home Status: $HOME_STATUS" echo "Login Status: $LOGIN_STATUS" echo "Auth Body: $AUTH_BODY"