Implement infrastructure and workflows

.github/workflows/prod.yml

@@ -0,0 +1,79 @@
+name: Deploy To Prod
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+
+
+jobs:
+  build:
+    environment: prod
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js
+      uses: actions/setup-node@v1
+      with:
+        node-version: 20.x
+    - run: yarn install --frozen-lockfile
+    - run: yarn build
+    - run: yarn test
+
+    - name: RSync to Prod Server
+      uses: D3rHase/rsync-deploy-action@v0.2
+      with:
+        HOST: ${{ secrets.SSH_HOST }}
+        PORT: ${{ secrets.SSH_PORT }}
+        USER: ${{ secrets.SSH_USER }}
+        PRIVATE_SSH_KEY: ${{ secrets.SSH_KEY }}
+        REPOSITORY_PATH: ${{ secrets.SSH_REPO_PATH }}
+        SERVER_PATH: ${{ secrets.SSH_SERVER_PATH }}
+
+  deploy:
+    environment: prod
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - uses: appleboy/ssh-action@v1.0.0
+      env:
+        DB_NAME: ${{ secrets.DB_NAME }}
+        DB_AUTH_USER: ${{ secrets.DB_AUTH_USER }}
+        DB_AUTH_PASS: ${{ secrets.DB_AUTH_PASS }}
+        DB_HOST: ${{ secrets.DB_HOST }}
+        DB_PORT: ${{ secrets.DB_PORT }}
+        DB_ROOT_HOST: ${{ secrets.DB_ROOT_HOST }}
+        DB_SYNC: ${{ secrets.DB_SYNC }}
+        DB_LOGGING: ${{ secrets.DB_LOGGING }}
+        DB_DATA_LOCATION: ${{ secrets.DB_DATA_LOCATION }}
+        DB_CARD_FILE: ${{ secrets.DB_CARD_FILE }}
+        BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
+        BOT_VER: ${{ vars.BOT_VER }}
+        BOT_AUTHOR: ${{ vars.BOT_AUTHOR }}
+        BOT_OWNERID: ${{ vars.BOT_OWNERID }}
+        BOT_CLIENTID: ${{ vars.BOT_CLIENTID }}
+        ABOUT_FUNDING: ${{ vars.ABOUT_FUNDING }}
+        ABOUT_REPO: ${{ vars.ABOUT_REPO }}
+        DATA_DIR: ${{ secrets.DATA_DIR }}
+        EXPRESS_PORT: ${{ secrets.EXPRESS_PORT }}
+        GDRIVESYNC_AUTO: ${{ vars.GDRIVESYNC_AUTO }}
+        BOT_ADMINS: ${{ vars.BOT_ADMINS }}
+        BOT_ENV: ${{ vars.BOT_ENV }}
+      with:
+        host: ${{ secrets.SSH_HOST }}
+        username: ${{ secrets.SSH_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        port: ${{ secrets.SSH_PORT }}
+        envs: DB_NAME,DB_AUTH_USER,DB_AUTH_PASS,DB_HOST,DB_PORT,DB_ROOT_HOST,DB_CARD_FILE,DB_SYNC,DB_LOGGING,DB_DATA_LOCATION,BOT_TOKEN,BOT_VER,BOT_AUTHOR,BOT_OWNERID,BOT_CLIENTID,ABOUT_FUNDING,ABOUT_REPO,DATA_DIR,EXPRESS_PORT,GDRIVESYNC_AUTO,BOT_ADMINS,BOT_ENV
+        script: |
+          cd ${{ secrets.SSH_SERVER_PATH }} \
+          && docker compose down \
+          && (pm2 stop carddrop_prod || true) \
+          && (pm2 delete carddrop_prod || true) \
+          && docker compose up -d \
+          && sleep 10 \
+          && yarn run db:up \
+          && pm2 start --name carddrop_prod dist/bot.js

.github/workflows/stage.yml

@@ -0,0 +1,78 @@
+name: Deploy To Stage
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - develop
+
+jobs:
+  build:
+    environment: stage
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+    - name: Use Node.js
+      uses: actions/setup-node@v3
+      with:
+        node-version: 20.x
+    - run: yarn install --frozen-lockfile
+    - run: yarn build
+    - run: yarn test
+
+    - name: RSync to Stage Server
+      uses: D3rHase/rsync-deploy-action@v0.2
+      with:
+        HOST: ${{ secrets.SSH_HOST }}
+        PORT: ${{ secrets.SSH_PORT }}
+        USER: ${{ secrets.SSH_USER }}
+        PRIVATE_SSH_KEY: ${{ secrets.SSH_KEY }}
+        REPOSITORY_PATH: ${{ secrets.SSH_REPO_PATH }}
+        SERVER_PATH: ${{ secrets.SSH_SERVER_PATH }}
+
+  deploy:
+    environment: stage
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - uses: appleboy/ssh-action@v1.0.0
+      env:
+        DB_NAME: ${{ secrets.DB_NAME }}
+        DB_AUTH_USER: ${{ secrets.DB_AUTH_USER }}
+        DB_AUTH_PASS: ${{ secrets.DB_AUTH_PASS }}
+        DB_HOST: ${{ secrets.DB_HOST }}
+        DB_PORT: ${{ secrets.DB_PORT }}
+        DB_ROOT_HOST: ${{ secrets.DB_ROOT_HOST }}
+        DB_SYNC: ${{ secrets.DB_SYNC }}
+        DB_LOGGING: ${{ secrets.DB_LOGGING }}
+        DB_DATA_LOCATION: ${{ secrets.DB_DATA_LOCATION }}
+        DB_CARD_FILE: ${{ secrets.DB_CARD_FILE }}
+        BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
+        BOT_VER: ${{ vars.BOT_VER }}
+        BOT_AUTHOR: ${{ vars.BOT_AUTHOR }}
+        BOT_OWNERID: ${{ vars.BOT_OWNERID }}
+        BOT_CLIENTID: ${{ vars.BOT_CLIENTID }}
+        ABOUT_FUNDING: ${{ vars.ABOUT_FUNDING }}
+        ABOUT_REPO: ${{ vars.ABOUT_REPO }}
+        DATA_DIR: ${{ secrets.DATA_DIR }}
+        EXPRESS_PORT: ${{ secrets.EXPRESS_PORT }}
+        GDRIVESYNC_AUTO: ${{ vars.GDRIVESYNC_AUTO }}
+        BOT_ADMINS: ${{ vars.BOT_ADMINS }}
+        BOT_ENV: ${{ vars.BOT_ENV }}
+      with:
+        host: ${{ secrets.SSH_HOST }}
+        username: ${{ secrets.SSH_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        port: ${{ secrets.SSH_PORT }}
+        envs: DB_NAME,DB_AUTH_USER,DB_AUTH_PASS,DB_HOST,DB_PORT,DB_ROOT_HOST,DB_CARD_FILE,DB_SYNC,DB_LOGGING,DB_DATA_LOCATION,BOT_TOKEN,BOT_VER,BOT_AUTHOR,BOT_OWNERID,BOT_CLIENTID,ABOUT_FUNDING,ABOUT_REPO,DATA_DIR,EXPRESS_PORT,GDRIVESYNC_AUTO,BOT_ADMINS,BOT_ENV
+        script: |
+          cd ${{ secrets.SSH_SERVER_PATH }} \
+          && docker compose down \
+          && (pm2 stop carddrop_stage || true) \
+          && (pm2 delete carddrop_stage || true) \
+          && docker compose up -d \
+          && sleep 10 \
+          && yarn run db:up \
+          && pm2 start --name carddrop_stage dist/bot.js

.github/workflows/test.yml

@@ -0,0 +1,23 @@
+name: Test
+
+on:
+  push:
+    branches:
+      - feature/*
+      - hotfix/*
+      - renovate/*
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js
+      uses: actions/setup-node@v1
+      with:
+        node-version: 20.x
+    - run: yarn install --frozen-lockfile
+    - run: yarn build
+    - run: yarn test

.gitignore

@@ -103,6 +103,12 @@ dist
 # TernJS port file
 .tern-port
 
+# Terraform files
+.terraform
+*.tfvars
+*.tfstate.*
+s3key
+
 config.json
 .DS_Store
 ormconfig.json

infrastructure/cloud-config.yml

@@ -0,0 +1,46 @@
+#cloud-config
+
+users:
+  - default
+  - name: vylpes
+    primary-group: vylpes
+    shell: /bin/bash
+    groups: users, docker, sudo
+    ssh-authorized-keys:
+      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExjBL5StgItBG853s9ffDmdLEzssj8l2p1RdfhoT/vU vylpes@Ethans-Mac-mini.lan
+    sudo: ['ALL=(ALL) NOPASSWD:ALL']
+
+apt:
+  sources:
+    docker.list:
+      source: deb [arch=amd64] https://download.docker.com/linux/debian $RELEASE stable
+      keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
+    nodejs.list:
+      source: deb [signed-by=$KEY_FILE] https://deb.nodesource.com/node_18.x $RELEASE main
+      keyid: 9FD3B784BC1C6FC31A8A0A1C1655A0AB68576280
+
+packages:
+  - git
+  - rclone
+  - rsync
+  - docker-ce
+  - docker-ce-cli
+  - containerd.io
+  - docker-buildx-plugin
+  - docker-compose-plugin
+  - nodejs
+  - npm
+  - python3
+  - python3-pip
+
+runcmd:
+  - ufw limit ssh
+  - ufw enable
+  - npm install -g yarn pm2
+  - git clone https://github.com/timothymiller/cloudflare-ddns.git /home/vylpes/ddns
+  - cp /home/vylpes/ddns/config-example.json /home/vylpes/ddns/config.json
+  - chown -R vylpes:vylpes /home/vylpes/ddns
+  - chmod +x /home/vylpes/ddns/start-sync.sh
+  - echo "*/15 * * * * /home/vylpes/ddns/start-sync.sh" > /home/vylpes/COPY-TO-CRONTAB.txt
+  - mkdir /home/vylpes/app && chown -R vylpes:vylpes /home/vylpes/app
+  - mkdir /home/vylpes/data && chown -R vylpes:vylpes /home/vylpes/data

infrastructure/main.tf

@@ -0,0 +1,37 @@
+# Providers
+terraform {
+  required_providers {
+    vultr = {
+        source = "vultr/vultr"
+        version = "2.16.1"
+    }
+  }
+}
+
+provider "vultr" {
+  api_key = var.VULTR_API_KEY
+  rate_limit = 100
+  retry_limit = 3
+}
+
+# Resources
+resource "vultr_instance" "vps-app" {
+    label = "vps-${var.INSTANCE_NAME}-${var.INSTANCE_ENV}-${var.INSTANCE_LOCATION}-app"
+    hostname = "vps-${var.INSTANCE_NAME}-${var.INSTANCE_ENV}-${var.INSTANCE_LOCATION}-app"
+    plan = "vc2-1c-1gb"
+    region = var.INSTANCE_LOCATION
+    os_id = "2136"
+    enable_ipv6 = false
+    user_data = file("./cloud-config.yml")
+    backups = "enabled"
+    backups_schedule {
+      type = "daily"
+      hour = 1
+    }
+    activation_email = false
+}
+
+# Outputs
+output "instance_ip" {
+    value = vultr_instance.vps-app.main_ip
+}

infrastructure/variables.tf

@@ -0,0 +1,17 @@
+variable "VULTR_API_KEY" {
+  description = "The Vultr API Key"
+}
+
+variable "INSTANCE_NAME" {
+  description = "The name of the project this instance is for"
+}
+
+variable "INSTANCE_ENV" {
+  description = "The environment this project will be running"
+  default = "prod"
+}
+
+variable "INSTANCE_LOCATION" {
+  description = "The location all instances will be generated in"
+  default = "lhr"
+}