Last active
August 29, 2019 13:21
-
-
Save karl-gustav/e2e48250e7ff68f7681069bc0f0cce00 to your computer and use it in GitHub Desktop.
Makefile for deploying with password environment variables on remote ssh server (and 8080->80, 4443->443 port forwarding)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SSH_SERVER=45.46.47.48 | |
| PROJECT_NAME=some-power | |
| EXECUTABLE=some_power | |
| ENV_FILE=.env_file | |
| build: | |
| GOOS=linux GOARCH=amd64 go build -o $(EXECUTABLE) . | |
| deploy: build | |
| $(eval IS_SUITE_PASSWORD := $(shell gopass api/some_more_power/password)) | |
| $(eval SMS_PASSWORD := $(shell gopass api/sms_service/password)) | |
| @tar czf - $(EXECUTABLE) | ssh $(SSH_SERVER) 'echo ≫ Backing up old executable...\ | |
| && test -f /srv/$(PROJECT_NAME)/$(EXECUTABLE)\ | |
| && mv /srv/$(PROJECT_NAME)/$(EXECUTABLE){,.old}\ | |
| && echo ≫ Extracting into /srv/$(PROJECT_NAME)/...\ | |
| ; tar xzf - -C /srv/$(PROJECT_NAME)/\ | |
| && echo ≫ Generating environment file...\ | |
| && echo "IS_SUITE_PASSWORD=$(IS_SUITE_PASSWORD)" > /srv/$(PROJECT_NAME)/$(ENV_FILE)\ | |
| && echo "SMS_PASSWORD=$(SMS_PASSWORD)" >> /srv/$(PROJECT_NAME)/$(ENV_FILE)\ | |
| && echo ≫ Restarting service...\ | |
| && sudo service $(PROJECT_NAME) restart\ | |
| && echo ≫ Checking status...\ | |
| && sudo service $(PROJECT_NAME) status\ | |
| && echo ≫ Done' | |
| rm -f $(EXECUTABLE) | |
| setup-server: | |
| @ssh $(SSH_SERVER) 'echo ≫ Making directory\ | |
| && sudo mkdir -p /srv/$(PROJECT_NAME)/\ | |
| && cd /srv/$(PROJECT_NAME)\ | |
| && echo ≫ Setting permissions\ | |
| && sudo chown -R $$(id -u):$$(id -g) /srv/$(PROJECT_NAME)/\ | |
| && echo ≫ Add port forwarding 8080 --\> 80\ | |
| && sudo iptables -t nat -C PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 2>/dev/null\ | |
| && echo Already exists, skipping...\ | |
| || sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080\ | |
| && echo ≫ Add port forwarding 4443 --\> 443\ | |
| && sudo iptables -t nat -C PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 4443 2>/dev/null\ | |
| && echo Already exists, skipping...\ | |
| || sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 4443\ | |
| && echo "[Unit]" > $(PROJECT_NAME).service\ | |
| && echo "Description=$(PROJECT_NAME)" >> $(PROJECT_NAME).service\ | |
| && echo "" >> $(PROJECT_NAME).service\ | |
| && echo "[Service]" >> $(PROJECT_NAME).service\ | |
| && echo "Type=simple" >> $(PROJECT_NAME).service\ | |
| && echo "WorkingDirectory=/srv/$(PROJECT_NAME)/" >> $(PROJECT_NAME).service\ | |
| && echo "EnvironmentFile=/srv/$(PROJECT_NAME)/$(ENV_FILE)" >> $(PROJECT_NAME).service\ | |
| && echo "ExecStart=/srv/$(PROJECT_NAME)/$(EXECUTABLE)" >> $(PROJECT_NAME).service\ | |
| && echo "Restart=always" >> $(PROJECT_NAME).service\ | |
| && echo "RestartSec=5" >> $(PROJECT_NAME).service\ | |
| && echo "" >> $(PROJECT_NAME).service\ | |
| && echo "[Install]" >> $(PROJECT_NAME).service\ | |
| && echo "WantedBy=multi-user.target" >> $(PROJECT_NAME).service\ | |
| && echo ≫ Enabling service\ | |
| && sudo systemctl enable /srv/$(PROJECT_NAME)/$(PROJECT_NAME).service\ | |
| && sudo systemctl daemon-reload\ | |
| && echo ≫ Done' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment