sass-imobiliaria/.forgejo/workflows
MatheusAlves96 caf541d750
ci: use dind container for build, alpine+ssh for deploy, fix runner label
2026-04-21 00:49:05 -03:00
deploy.yml ci: use dind container for build, alpine+ssh for deploy, fix runner label 2026-04-21 00:49:05 -03:00
README.md ci: replace portainer webhook with ssh deploy (portainer free) 2026-04-21 00:09:30 -03:00

CI/CD Pipeline — SaaS Imobiliária

Flow

push main → Build images → Push registry → SSH into the server → docker compose up → HTTPS health checks

Configure in Forgejo (Settings → Secrets & Variables)

Secrets

Secret Description
REGISTRY_USER Registry user (e.g. gitadmin)
REGISTRY_PASSWORD Registry password or token
SSH_PRIVATE_KEY SSH private key used to access the server
POSTGRES_DB Database name
POSTGRES_USER PostgreSQL user
POSTGRES_PASSWORD PostgreSQL password
SECRET_KEY Flask SECRET_KEY
JWT_SECRET_KEY JWT key (min. 32 chars)

Variables

Variable Example
REGISTRY git.matheussouza.com.br/gitadmin
DOMAIN imobiliaria.matheussouza.com.br
SSH_HOST Server IP or hostname
SSH_USER SSH user (e.g. root or deploy)
SSH_PORT SSH port (default: 22)

Generate an SSH key for the deploy

On your computer:

ssh-keygen -t ed25519 -C "forgejo-deploy" -f ~/.ssh/forgejo_deploy -N ""
  • Contents of ~/.ssh/forgejo_deploy → paste into SSH_PRIVATE_KEY (secret)
  • Contents of ~/.ssh/forgejo_deploy.pub → add to ~/.ssh/authorized_keys on the server
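
One way to do the authorized_keys step on the server so that the CI key can run commands but nothing else. This is an added example, not part of the original README or the project's workflow. The function name install_deploy_key and the ed25519-only policy are assumptions, and it assumes the pipeline only runs non-interactive commands over SSH (no PTY or forwarding).

```shell
# Added example (not from the original README). Run on the server.
# install_deploy_key is a hypothetical helper name.
# Usage: install_deploy_key <pubkey-file> [authorized_keys-file]
install_deploy_key() {
    pub_file=$1
    auth_file=${2:-"$HOME/.ssh/authorized_keys"}

    [ -r "$pub_file" ] || { echo "cannot read $pub_file" >&2; return 1; }
    # A .pub file holds exactly one line; a multi-line file (for example a
    # private key pasted by mistake) is rejected here.
    [ "$(grep -c . "$pub_file")" -eq 1 ] || { echo "expected one key line" >&2; return 1; }
    read -r key_type key_blob key_comment < "$pub_file" || [ -n "$key_type" ] || return 1

    # Policy assumed here: accept only the ed25519 type generated above.
    case $key_type in
        ssh-ed25519) ;;
        *) echo "refusing key type: $key_type" >&2; return 1 ;;
    esac
    # The key blob must be plain base64.
    case $key_blob in
        ''|*[!A-Za-z0-9+/=]*) echo "malformed key blob" >&2; return 1 ;;
    esac

    # sshd (StrictModes) rejects key files that other users can write to.
    auth_dir=$(dirname "$auth_file")
    mkdir -p "$auth_dir" && chmod 700 "$auth_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # Idempotent: skip if this exact key blob is already listed.
    if awk -v b="$key_blob" '{ for (i = 1; i <= NF; i++) if ($i == b) found = 1 }
                             END { exit !found }' "$auth_file"; then
        echo "key already present in $auth_file" >&2
        return 0
    fi

    # "restrict" (OpenSSH 7.2+) turns off port/agent/X11 forwarding, PTY
    # allocation and ~/.ssh/rc for this key; running commands still works.
    printf 'restrict %s %s %s\n' "$key_type" "$key_blob" \
        "${key_comment:-forgejo-deploy}" >> "$auth_file"
}
```

Run it as the SSH_USER account, for example `install_deploy_key forgejo_deploy.pub`, after copying only the .pub file to the server.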

Prerequisites on the server

  1. Docker + Docker Compose installed
  2. Traefik network created:
    docker network create traefik-public
    
  3. Traefik running with entrypoints web (80), websecure (443) and certresolver letsencrypt
  4. SSH user with permission to run docker

Traefik — minimal configuration

# /opt/traefik/traefik.yml
entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"

certificatesResolvers:
  letsencrypt:
    acme:
      email: seu@email.com
      storage: /letsencrypt/acme.json
      httpChallenge:
        entryPoint: web

providers:
  docker:
    exposedByDefault: false
    network: traefik-public