expand/CCash
1
0
Fork 0
mirror of https://github.com/Expand-sys/CCash synced 2025-12-17 08:32:13 +11:00
Code Issues Projects Releases Packages Wiki Activity Actions
CCash/docs/deploy.md
Luke Bennett 396d95f340 ci: add deploy workflow
2021-06-24 19:16:00 +01:00

3.4 KiB
Raw Blame History

Deploying CCash

CCash can deployed to a remote machine pretty simply.

A pre-built docker image is supplied in the repos GitHub Packages container registry EntireTwix/CCash.

It can be run with docker like so:

docker pull docker.pkg.github.com/entiretwix/ccash/ccash:latest

Build

The CCash repo provides a GitHub Workflow to build, release and publish the docker image in .github/workflows/build.yaml to the GitHub Packages container registry.

You can build and publish your own images using this workflow by forking EntireTwix/CCash.

Deploy

You can deploy this docker image to be run on a remote machine in a few steps. In this case we are using Debian OS running on the Linode cloud provider, but most OS and cloud providers will work, assuming the machine can run an SSH server and Docker.

Similarly, the CCash repo also provides a GitHub Workflow to deploy the latest docker image to a remote machine in .github/workflows/deploy.yaml.

Configure the machine

  1. Create a machine using your chosen cloud provider
  2. Configure DNS to point your chosen domain name to the machines IP address. (Without this, TLS/SSL will not work)
  3. Create an SSH key-pair by running ssh-keygen locally. Make sure you don't set a password
  4. Add the *.pub public key to the servers ~/.ssh/authorized_keys file
  5. Install Docker Engine on the remote machine following official docs
  6. Generate SSL/TLS certificate (Using certbot is recommended)
  7. Configure GitHub secrets for the repo
  • CCASH_SSH_KEY - The private key (not *.pub) created earlier
  • CCASH_DOMAIN - The domain name pointing to the remote machine
  • CCASH_CONFIG_JSON - A config.json file that will be written every deploy (https config cert path should be /ccash/cert and key path should be /ccash/key)
  • CCASH_USERS_JSON - A users.json file that will be written only on first deploy
  • CCASH_ADMIN_PASSWORD - A CCash server admin account password
  • CCASH_SAVE_FREQUENCY - A number representing the frequency to save to users.json (in minutes)
  • CCASH_THREAD_COUNT - A number representing the number of threads to use
  • CCASH_TLS_CERT_PATH - The path to the TLS/SSL certificate on the host machine
  • CCASH_TLS_KEY_PATH - The path to the TLS/SSL key on the host machine
  • CCASH_DEPLOY_TOKEN - A GitHub personal access token, used to trigger the deploy workflow automatically when the build workflow is successful. (Leave empty to disable automatic deploys.)

You are now ready to run the "Deploy" workflow mentioned above. This workflow will SSH in to the CCASH_DOMAIN machine, using the CCASH_SSH_KEY and docker run the latest entiretwix/ccash image, binding to port 80 and 443, setting the appropriate volumes and environment variables.

Run curl https://$CCASH_DOMAIN/BankF/ping to verify that the server has been deployed correctly.