From b8d33f4f8cbdb6a81f5c4acd4bfeba7e86b77839 Mon Sep 17 00:00:00 2001 From: fahed Date: Mon, 6 Apr 2026 17:59:34 +0300 Subject: [PATCH] feat: deploy Express server via CI/CD with systemd + nginx proxy - Update deploy.yml to rsync server/, install deps, write .env from Gitea secrets, and restart hihala-dashboard.service - Move tsx to regular dependencies for production use - Remove unused SESSION_SECRET from config - Accept PORT env var as fallback for SERVER_PORT Co-Authored-By: Claude Sonnet 4.6 --- .gitea/workflows/deploy.yml | 46 +++++++++++++++++++++++++++++++++---- server/package.json | 4 ++-- server/src/config.ts | 1 - 3 files changed, 43 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index b1f7361..5fc22e3 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -8,11 +8,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - + - uses: actions/setup-node@v4 with: node-version: '20' - + + # --- Frontend --- - name: Build frontend env: VITE_NOCODB_URL: ${{ secrets.VITE_NOCODB_URL }} @@ -21,7 +22,42 @@ jobs: run: | npm ci npm run build - - - name: Deploy to server + + - name: Deploy frontend + run: rsync -a --delete build/ /opt/apps/hihala-dashboard/build/ + + # --- Backend --- + - name: Deploy server + run: rsync -a --delete --exclude='.env' --exclude='node_modules' server/ /opt/apps/hihala-dashboard/server/ + + - name: Install server dependencies + run: cd /opt/apps/hihala-dashboard/server && npm ci + + - name: Write server .env + env: + ADMIN_PIN: ${{ secrets.ADMIN_PIN }} + NOCODB_URL: ${{ secrets.VITE_NOCODB_URL }} + NOCODB_TOKEN: ${{ secrets.VITE_NOCODB_TOKEN }} + NOCODB_BASE_ID: ${{ secrets.VITE_NOCODB_BASE_ID }} + ERP_API_URL: ${{ secrets.ERP_API_URL }} + ERP_API_CODE: ${{ secrets.ERP_API_CODE }} + ERP_USERNAME: ${{ secrets.ERP_USERNAME }} + ERP_PASSWORD: ${{ secrets.ERP_PASSWORD }} + ETL_SECRET: ${{ secrets.ETL_SECRET }} run: | - rsync -a --delete build/ /opt/apps/hihala-dashboard/build/ + cat > /opt/apps/hihala-dashboard/server/.env << EOF + NODE_ENV=production + SERVER_PORT=3002 + ADMIN_PIN=${ADMIN_PIN} + NOCODB_URL=${NOCODB_URL} + NOCODB_TOKEN=${NOCODB_TOKEN} + NOCODB_BASE_ID=${NOCODB_BASE_ID} + ERP_API_URL=${ERP_API_URL} + ERP_API_CODE=${ERP_API_CODE} + ERP_USERNAME=${ERP_USERNAME} + ERP_PASSWORD=${ERP_PASSWORD} + ETL_SECRET=${ETL_SECRET} + EOF + + - name: Restart server service + run: sudo systemctl restart hihala-dashboard.service diff --git a/server/package.json b/server/package.json index ee4ef89..a25f18f 100644 --- a/server/package.json +++ b/server/package.json @@ -13,13 +13,13 @@ "cookie-parser": "^1.4.7", "cors": "^2.8.5", "dotenv": "^16.3.1", - "express": "^4.18.2" + "express": "^4.18.2", + "tsx": "^4.19.0" }, "devDependencies": { "@types/cookie-parser": "^1.4.10", "@types/cors": "^2.8.17", "@types/express": "^4.17.21", - "tsx": "^4.19.0", "typescript": "^5.9.3" } } diff --git a/server/src/config.ts b/server/src/config.ts index d8b5885..57cd9a8 100644 --- a/server/src/config.ts +++ b/server/src/config.ts @@ -36,5 +36,4 @@ export const etl = { export const auth = { adminPin: process.env.ADMIN_PIN || '', - sessionSecret: process.env.SESSION_SECRET || 'hihala-dev-session-secret', };