Add CI/CD pipeline with Gitea Actions and production deployment

- Production Dockerfiles: backend (gunicorn + uvicorn workers), frontend (multi-stage Node build + nginx with API proxy) - docker-compose.prod.yml: integrates with VPS nginx-proxy via VIRTUAL_HOST for auto-TLS at fit.cescalante.dev - GitHub Actions workflow (Gitea Actions-compatible): builds images and deploys on push to main via self-hosted runner - Make CORS origins configurable via CORS_ORIGINS env var Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-21 10:28:46 +01:00 · 2026-03-20 18:57:15 -06:00
parent f279907ae3
commit 3b544f6a25
7 changed files with 201 additions and 1 deletions
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,50 @@
+name: Deploy to VPS
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  deploy:
+    runs-on: self-hosted
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Write .env.prod
+        run: |
+          cat > .env.prod << 'ENVEOF'
+          POSTGRES_USER=${{ secrets.POSTGRES_USER }}
+          POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}
+          POSTGRES_DB=${{ secrets.POSTGRES_DB }}
+          OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
+          SECRET_KEY=${{ secrets.SECRET_KEY }}
+          VAPID_PRIVATE_KEY=${{ secrets.VAPID_PRIVATE_KEY }}
+          VAPID_PUBLIC_KEY=${{ secrets.VAPID_PUBLIC_KEY }}
+          VAPID_MAILTO=${{ secrets.VAPID_MAILTO }}
+          CORS_ORIGINS=${{ secrets.CORS_ORIGINS }}
+          VITE_API_URL=${{ secrets.VITE_API_URL }}
+          ENVEOF
+
+      - name: Build and deploy
+        run: |
+          docker compose -f docker-compose.prod.yml --env-file .env.prod build
+          docker compose -f docker-compose.prod.yml --env-file .env.prod up -d --remove-orphans
+
+      - name: Wait for health
+        run: |
+          echo "Waiting for backend..."
+          for i in $(seq 1 30); do
+            if docker inspect healthyfit-backend-prod --format '{{.State.Health.Status}}' 2>/dev/null | grep -q healthy; then
+              echo "Backend is healthy"
+              break
+            fi
+            sleep 2
+          done
+
+      - name: Prune old images
+        run: docker image prune -f
+
+      - name: Cleanup
+        if: always()
+        run: rm -f .env.prod