Add config file and private roles (#32) #105
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to Server | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Create SSH key | |
run: | | |
mkdir -p ~/.ssh/ | |
echo "$SSH_PRIVATE_KEY" | base64 -d > ../private.key | |
sudo chmod 600 ../private.key | |
echo "$SSH_KNOWN_HOSTS" | base64 -d > ~/.ssh/known_hosts | |
shell: bash | |
env: | |
SSH_PRIVATE_KEY: ${{secrets.SSH_PRIVATE_KEY}} | |
SSH_KNOWN_HOSTS: ${{secrets.SSH_KNOWN_HOSTS}} | |
SSH_KEY_PATH: ${{ github.workspace }}/../private.key | |
- name: Check out repository code | |
uses: actions/checkout@v2 | |
- name: Install OpenVPN | |
run: | | |
sudo apt update | |
sudo apt install openvpn openvpn-systemd-resolved | |
- name: Connect to OpenVPN server | |
run: | | |
echo "$OPENVPN_CONFIG" > ~/vpn.ovpn | |
sudo openvpn --config ~/vpn.ovpn --log "vpn.log" --daemon | |
sleep 15 | |
env: | |
OPENVPN_CONFIG: ${{ secrets.OPENVPN_CONFIG }} | |
- name: Redeploy pwnybot | |
run: | | |
cat deploy.sh | ssh -i $SSH_KEY_PATH "$SERVER_USER@$SERVER_IP" | |
shell: bash | |
env: | |
VPN_PASSWORD: ${{secrets.VPN_PASSWORD}} | |
VPN_USERNAME: ${{secrets.VPN_USERNAME}} | |
SSH_KEY_PATH: ${{ github.workspace }}/../private.key | |
SERVER_USER: ${{ secrets.SERVER_USER }} | |
SERVER_IP: ${{ secrets.SERVER_IP }} | |
- name: Kill VPN connection | |
if: always() | |
run: | | |
sudo chmod 777 vpn.log | |
sudo killall openvpn |