diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..1f81181 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,41 @@ +name: CI/CD Pipeline + +on: + push: + branches: + - main + +jobs: + build-and-deploy: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Log in to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Build and push Docker image + run: | + docker build -t sachawildcode/projet-poec:latest . + docker push sachawildcode/projet-poec:latest + + - name: Deploy to server + uses: appleboy/ssh-action@v0.1.3 + with: + host: ${{ secrets.SSH_HOST }} + username: ${{ secrets.SSH_USERNAME }} + port: ${{ secrets.SSH_PORT }} + key: ${{ secrets.SSH_PRIVATE_KEY }} + passphrase: ${{ secrets.SSH_PASSPHRASE }} + script: | + docker pull sachawildcode/projet-poec:latest && + docker-compose down && + docker-compose up -d diff --git a/Dockerfile b/Dockerfile index 845dc0a..7e729a6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,10 +11,16 @@ RUN npm install -g pnpm && \ FROM nginx:stable COPY --from=build-stage /app/dist/PROJET-POEC/browser /usr/share/nginx/html -COPY nginx.conf /etc/nginx/conf.d/default.conf +COPY nginx.conf /etc/nginx/nginx.conf # Create a non-root user and use it -RUN adduser -D -H -s /bin/bash nginxuser +RUN groupadd -r nginxuser && useradd -r -g nginxuser nginxuser + +# Create necessary directories and set permissions +RUN mkdir -p /var/cache/nginx/client_temp && \ + chown -R nginxuser:nginxuser /var/cache/nginx + +# Switch to the new user USER nginxuser EXPOSE 80 diff --git a/nginx.conf b/nginx.conf index 60aa534..8f31e38 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,6 +1,22 @@ -server { - listen 80; - server_name localhost; +# nginx.conf +user nginxuser; +pid /var/cache/nginx/nginx.pid; + +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + sendfile on; + keepalive_timeout 65; + + server { + listen 80; + server_name localhost; + location / { root /usr/share/nginx/html; @@ -8,12 +24,9 @@ server { try_files $uri $uri/ /index.html; } - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - location /health { - return 200; + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; } + } } \ No newline at end of file