Simple deploy using docker compose and reproxy

deploy_compose.yml

# NOTE: github actions at ./.github/workflows/ folder
# NOTE: generate ssh keypair at server, put pub key into authorized_keys at server and private key as SERVER github secrets
name: 'Build docker image, run tests and deploy'

on:
  push:

jobs:
  build:
    name: Deploy docker-compose.prod.yml
    runs-on: ubuntu-latest
    steps:
      - name: Check out the repo
        uses: actions/checkout@v3

      - name: Build Docker image
        run: |
          docker build --target production \
                        --tag app:${{ github.sha }} \
                        --tag app:latest \
                        .

      - name: Run rspec tests
        run: |
          touch .env
          docker compose run -e RAILS_ENV=test \
                             -e RACK_ENV=test \
                             app bundle exec rspec

      - name: Rebuild docker image at production docker-compose.prod.yml
        if: ${{ github.ref == 'refs/heads/main' &&  contains(github.event.head_commit.message, 'rebuild') }}
        uses: appleboy/[email protected]
        with:
          host: server_ip_or_hostname
          username: username
          key: ${{ secrets.SERVER_KEY }}
          port: 22
          script: |
            cd ~/app
            git pull
            docker compose -f docker-compose.prod.yml build app

      - name: Deploy docker-compose.prod.yml
        if: ${{ github.ref == 'refs/heads/main' }}
        uses: appleboy/[email protected]
        with:
          host: server_ip_or_hostname
          username: username
          key: ${{ secrets.SERVER_KEY }}
          port: 22
          script: |
            cd ~/app
            git pull
            docker compose -f docker-compose.prod.yml restart app

docker-compose.prod.yml

services:
  app:
    image: app-prod
    container_name: app
    build:
      context: .
      dockerfile: Dockerfile
      target: production
    depends_on:
      - postgres
      - redis
    env_file:
      - .docker.env
      - .env
    tty: true
    stdin_open: true
    volumes:
      - .:/app
      - data:/app/public/storage:c
      - bundle:/usr/local/bundle:c
    command: bin/prod-start.sh

  redis:
    image: redis
    container_name: app-redis-prod
    volumes:
      - redis:/data:delegated
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 1s
      timeout: 3s
      retries: 30
    entrypoint: redis-server --appendonly yes
    restart: always

  postgres:
    image: postgres:14.0
    container_name: postgres-prod
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_HOST: 0.0.0.0
    volumes:
      - postgres:/var/lib/postgresql/data:cached
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -h postgres -U postgres"]
      interval: 10s
      timeout: 5s
      retries: 5

  reproxy:
    container_name: reproxy-prod
    image: umputun/reproxy
    ports:
      - 80:8080
      - 443:8443
    environment:
      SSL_TYPE: auto
      SSL_ACME_FQDN: domain.com
      SSL_ACME_LOCATION: /srv/var/acme
      SSL_ACME_EMAIL: [email protected]
      FILE_ENABLED: true
      DEBUG: false
    volumes:
      - ./reproxy.conf:/srv/reproxy.yml
      - certs:/srv/var/acme

volumes:
  node_modules:
  redis:
  data:
  postgres:
  bundle:
  certs:
  cache:
  assets:

prod-start.sh

#!/usr/bin/env sh

set +x pipefail

bundle check || bundle install

bundle exec rake db:create db:migrate
bundle exec rake seed:migrate
bundle exec rails assets:precompile

bundle exec puma -C config/puma.rb

reproxy.conf

domain.com:
  - { route: "^/(.*)", dest: "http://app:3000/$1" }