fix docker compose prod

.github/workflows/production_deploy.yaml

@@ -85,11 +85,96 @@ jobs:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
       - name: Build and push Docker image for Production
-        if: github.ref == 'refs/heads/master'
         uses: docker/build-push-action@v5
         with:
           context: .
           file: infra/prod/prod.Dockerfile
           push: true
           tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+  deploy:
+    name: Deploy changes on server
+    runs-on: ubuntu-latest
+    environment:
+      name: stage_deploy
+    needs: [pytest, code_style_pep8, build_and_push]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          ref: dev
+
+      - name: Set up SSH
+        run: |
+          mkdir -p ~/.ssh
+          chmod 700 ~/.ssh
+          ssh-keyscan -H ${{ secrets.HOST }} > ~/.ssh/known_hosts
+          chmod 644 ~/.ssh/known_hosts
+          echo "${{ secrets.TEST_RSA_SECRET_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+      - name: Create folder for deploy
+        run: ssh -vvv ${{ secrets.USERNAME }}@${{ secrets.HOST }} mkdir -p ${{ env.DEPLOY_PATH }}/infra
+
+      - name: Copy dev folder to VPS
+        run: |
+          scp -r $GITHUB_WORKSPACE/infra/prod/ ${{ secrets.USERNAME }}@${{ secrets.HOST }}:${{ env.DEPLOY_PATH }}/infra/
+          scp -r $GITHUB_WORKSPACE/infra/nginx/ ${{ secrets.USERNAME }}@${{ secrets.HOST }}:${{ env.DEPLOY_PATH }}/infra/
+
+      - name: Execute commands on VPS
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.TEST_RSA_SECRET_KEY }}
+          script: |
+            cd ${{ env.DEPLOY_PATH }}
+            rm .env
+            touch .env
+
+            echo HOST=${{ secrets.HOST }} >> .env
+            echo PORT=${{ secrets.PORT }} >> .env
+            echo IMAGE_COMPOSE=${{ secrets.IMAGE_COMPOSE }} >> .env
+            echo ST=${{ secrets.ST }} >> .env
+
+            echo SECRET_KEY=${{ secrets.SECRET_KEY }} >> .env
+            echo DEBUG=${{ secrets.DEBUG }} >> .env
+            echo ALLOWED_HOSTS=${{ secrets.ALLOWED_HOSTS }} >> .env
+            echo CSRF_TRUSTED_ORIGINS=${{ secrets.CSRF_TRUSTED_ORIGINS }} >> .env
+
+            echo DB_ENGINE=${{ secrets.DB_ENGINE }} >> .env
+            echo POSTGRES_DB=${{ secrets.POSTGRES_DB }} >> .env
+            echo POSTGRES_USER=${{ secrets.POSTGRES_USER }} >> .env
+            echo POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} >> .env
+            echo DB_HOST=${{ secrets.DB_HOST }} >> .env
+            echo DB_PORT=${{ secrets.DB_PORT }} >> .env
+
+            echo EMAIL_BACKEND=${{ secrets.EMAIL_BACKEND }} >> .env
+            echo EMAIL_HOST=${{ secrets.EMAIL_HOST }} >> .env
+            echo EMAIL_PORT=${{ secrets.EMAIL_PORT }} >> .env
+            echo EMAIL_HOST_USER=${{ secrets.EMAIL_HOST_USER }} >> .env
+            echo EMAIL_HOST_PASSWORD=${{ secrets.EMAIL_HOST_PASSWORD }} >> .env
+            echo EMAIL_USE_TLS=${{ secrets.EMAIL_USE_TLS }} >> .env
+
+            # TODO Добавить копирование переменных с конфигами для Celery и Redis
+
+            cd infra/prod/
+            sudo systemctl stop adaptive_hockey_federation.service
+            docker system prune --force
+
+            # Installing defend service for app
+            sudo cp -f /home/production/adaptive_hockey_federation/infra/prod/adaptive_hockey_federation.service /etc/systemd/system/adaptive_hockey_federation.service
+            sudo systemctl daemon-reload
+            sudo systemctl start adaptive_hockey_federation.service
+
+            sudo systemctl is-active --quiet adaptive_hockey_federation.service
+            until [ $? -eq 0 ]; do
+              echo "Waiting for adaptive_hockey_federation.service to be active..."
+              sleep 5
+              sudo systemctl is-active --quiet adaptive_hockey_federation.service
+            done
+
+            echo "adaptive_hockey_federation.service is active"
+
+            docker exec adaptive_hockey_federation python manage.py collectstatic --noinput
+            docker exec adaptive_hockey_federation python manage.py migrate

infra/nginx/nginx_prod.conf

@@ -0,0 +1,34 @@
+server{
+    listen 80;
+    listen [::]:80;
+    server_name _;
+    return 308 https://$host$request_uri;
+}
+
+server{
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name ${HOST};
+    include /config/nginx/ssl.conf;
+    location / {
+        proxy_pass http://site:8000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+    location /admin/ {
+        proxy_pass http://site:8000/admin/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+    location /media/ {
+        root /var/html/;
+    }
+
+    location /static/ {
+        root /var/html/;
+    }
+}