Merge branch 'main' into 330-add-experimental-gradual-patient-progres…

…sion-option
hpi-sam · Oct 4, 2024 · 612d300 · 612d300
2 parents 67910d5 + 54f4cc6
commit 612d300
Show file tree

Hide file tree

Showing 5 changed files with 45 additions and 13 deletions.
diff --git a/.github/workflows/ci-tests.yml b/.github/workflows/ci-tests.yml
@@ -12,7 +12,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Build frontend Docker container
         run: |
@@ -38,7 +38,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Build backend Docker containers
         run: |
@@ -77,7 +77,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
@@ -88,6 +88,7 @@ jobs:
 
       - name: Run docker containers with deploy dev configuration
         run: |
+          cp backend/dps_training_k/deployment/nginx/nginx_deploy_dev.conf ./nginx_dev.conf
           docker compose -f docker-compose.dev.yml up -d
 
       - name: Run integration tests

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -13,7 +13,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
@@ -48,13 +48,16 @@ jobs:
       - name: Prepare deployment files
         run: |
           mkdir deployment_files
-          cp docker-compose.prod.yml deployment_files/docker-compose.yml
-          cp ./.env.prod deployment_files/
-          cp ./.env.dev deployment_files/
-          cp backend/dps_training_k/deployment/nginx/nginx_deploy_prod.conf deployment_files/nginx.conf
+          cp docker-compose.prod.yml deployment_files/docker-compose.prod.yml
+          cp docker-compose.dev.yml deployment_files/docker-compose.dev.yml
+          cp .env.prod deployment_files/.env.prod
+          cp .env.dev deployment_files/.env.dev
+          cp backend/dps_training_k/deployment/nginx/nginx_deploy_prod.conf deployment_files/nginx_prod.conf
+          cp backend/dps_training_k/deployment/nginx/nginx_deploy_dev.conf deployment_files/nginx_dev.conf
 
       - name: Archive deployment files
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: deployment-files
           path: deployment_files/
+          include-hidden-files: true
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -84,7 +84,7 @@ services:
       - django
     volumes:
       - static_volume:/app/staticfiles
-      - ./backend/dps_training_k/deployment/nginx/nginx_deploy_dev.conf:/etc/nginx/conf.d/nginx.conf
+      - ./nginx_dev.conf:/etc/nginx/conf.d/nginx.conf
     ports:
       - "80:80"
       - "443:443"

diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
@@ -86,7 +86,7 @@ services:
       - static_volume:/app/staticfiles
       - /etc/letsencrypt/live/klinik-dps.de/fullchain.pem:/etc/nginx/ssl/fullchain.pem:ro
       - /etc/letsencrypt/live/klinik-dps.de/privkey.pem:/etc/nginx/ssl/privkey.pem:ro
-      - ./nginx.conf:/etc/nginx/conf.d/nginx.conf
+      - ./nginx_prod.conf:/etc/nginx/conf.d/nginx.conf
     ports:
       - "80:80"
       - "443:443"

diff --git a/docs/deployment-process.md b/docs/deployment-process.md
@@ -25,11 +25,39 @@ docker login ghcr.io -u <username> -p <token>
 ```
 8. Run following commands to run the containers:
 ```bash
-docker compose -f docker-compose.<dev/prod>.yml up --build
+docker compose -f docker-compose.<dev/prod>.yml up
 ```
 
 The application is now deployed and the website should be accessible via http (`dev`) or https (`prod`). The images will be automatically updated on each 
 release and the containers restarted accordingly via [Watchtower](https://github.com/containrrr/watchtower).
 
 Note that this also means that it is currently not possible to have multiple Frontend instances deployed that talk to different backend instances.
-To achieve that, the Frontend instances each need to be manually built and deployed with the correct environment variables.
+To achieve that, the Frontend instances each need to be manually built and deployed with the correct environment variables.
+
+## Renewing Certificates
+
+1. ssh into the server, e.g. `ssh [email protected] -i .ssh/bp_server`
+2. free up port 80 by stopping website: `sudo docker-compose -f docker-compose.yml down`
+3. run certbot: ` sudo certbot certonly --nginx -d klinik-dps.de -d www.klinik-dps.de`
+4. kill nginx: `sudo pkill nginx` (yeah it's in a weird state at this point and needs to be killed that way, don't ask me why)
+5. restart website: `sudo docker-compose -f docker-compose.yml up`
+
+If you run into problems:
+
+1. Check if port 80 is in use by something else: `netstat -antp`
+2. Allow http in firewall if necessary: `firewall-cmd --permanent --add-service=http` and `firewall-cmd --reload`
+3. Make sure nginx config is fine (should be located in `/etc/nginx/conf.d`):
+
+```
+server {
+    listen 80;
+    server_name klinik-dps.de www.klinik-dps.de;
+
+    root /usr/share/nginx/html;  # Base directory for web content
+    index index.html;
+
+    location /.well-known/ {
+        try_files $uri $uri/ =404;
+    }
+}
+```