diff --git a/.github/workflows/update-stage.yml b/.github/workflows/update-stage.yml index 7c54fce..17be867 100644 --- a/.github/workflows/update-stage.yml +++ b/.github/workflows/update-stage.yml @@ -21,32 +21,31 @@ jobs: GF_SMTP_FROM_ADDRESS = ${{ secrets.FROM_ADDRESS }} EOF - - name: Check if containers are running - id: check-container + - name: Check if Caddy containers are running + id: check-caddy-container run: | { echo 'stdout<> "$GITHUB_OUTPUT" - - name: Initialize containers - if: steps.check-container.outputs.stdout == '' + - name: when caddy container down, caddy up + if: steps.check-caddy-container.outputs.stdout == '' run: | docker compose --profile caddy up -d --no-recreate - docker compose --profile log up -d --no-recreate - - - name: Run Docker Compose - run: | - docker compose --profile log up -d - + - name: Copy Caddyfile into Caddy Container + env: + AWS_REQ_IP: ${{ secrets.AWS_NAT_IP }} run: | docker cp ./Caddyfile caddy:/etc/caddy/Caddyfile - + - name: Gracefully reload Caddy run: | docker exec -w /etc/caddy caddy caddy reload - - - name: Remove unused docker storages - run: docker system prune -a -f --volumes \ No newline at end of file + + - name: Run Docker Compose Of Log + run: | + docker compose --profile log up -d + \ No newline at end of file diff --git a/Caddyfile b/Caddyfile index ddffbc1..f4584c5 100644 --- a/Caddyfile +++ b/Caddyfile @@ -1,5 +1,8 @@ grafana.codedang.com { handle /lokiaws/* { + @blocked not remote_ip {$AWS_REQ_IP} + respond @blocked "Forbidden" 403 + uri strip_prefix /lokiaws reverse_proxy 127.0.0.1:3100 }
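Review bot: `AWS_REQ_IP` is set as `env:` on the "Copy Caddyfile into Caddy Container" step, whose only command is `docker cp`, so the value stays in that runner step and nothing in this hunk hands it to the container. The Caddyfile hunk in this commit reads `{$AWS_REQ_IP}`, which Caddy substitutes from the environment of the process that parses the file, presumably the `caddy reload` started by `docker exec` in the following step. Unless the compose file (not shown here) already defines the variable for the caddy service, the placeholder would expand to an empty string and the `/lokiaws` allowlist would not be the one intended. I would move the `env:` block to the "Gracefully reload Caddy" step and pass it through with `docker exec -e AWS_REQ_IP="$AWS_REQ_IP" -w /etc/caddy caddy caddy reload`. Defining it on the service in compose would be better still, since it also survives a container restart.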
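Review bot: The added `@blocked not remote_ip {$AWS_REQ_IP}` matcher is the only control visible in front of the Loki proxy under `handle /lokiaws/*`, and it has no fallback when the variable is unset or empty. A default keeps the rule fail-closed, for example `@blocked not remote_ip {$AWS_REQ_IP:127.0.0.1}`, so a missing secret leaves only loopback allowed instead of an undefined matcher. `remote_ip` compares the direct TCP peer, so I would add a comment above it such as `# remote_ip is the direct peer; use client_ip with trusted_proxies if a proxy or load balancer is put in front`. A NAT address is shared by everything that egresses through it, so request authentication on this path in addition to the IP check is worth considering.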