Set up 03-deploy

docs/03-deploy.md

@@ -1,67 +1,49 @@
 # Deploy
 
-## Old instructions
+## Initial deploy
 
-- **Sentry**: Create a project and note down the **DSN**.
-
-Run server start script:
+> When the docker containers are not running yet, copy the compose files and start the containers.
 
 ```sh
-export GITHUB_USER=<user-name-from-step-4>
-export GITHUB_REPO=<repo-name-from-step-4>
-export GITHUB_TOKEN=<github-token-from-step-4>
-export SENTRY_DSN=<sentry-dsn-from-step-4>
-
-echo "GITHUB_USER=$GITHUB_USER" >> deploy/.config
-echo "GITHUB_REPO=$GITHUB_REPO" >> deploy/.config
-mkdir -p ~/.docker
-echo '{
-  "auths": {
-    "ghcr.io": {
-      "auth": "'$(echo -n "$GITHUB_USER:$GITHUB_TOKEN" | base64)'"
-    }
-  }
-}' > ~/.docker/config.json
-echo "N8N_SHORTLINK_SENTRY_DSN=$SENTRY_DSN" >> deploy/.env.production
-
-docker network create n8n-shortlink-network
-deploy/scripts/start-services.sh
+cd infrastructure/03-deploy
+scp -r * n8n-shortlink-infra:~/.n8n-shortlink/deploy/
+
+ssh n8n-shortlink-infra
+docker-compose --file ~/.n8n-shortlink/deploy/docker-compose.monitoring.yml up --detach
+docker-compose --file ~/.n8n-shortlink/deploy/docker-compose.yml --profile production up --detach
 ```
 
-Log in to `https://grafana.domain.com` and set a password for the Grafana admin user.
+Log in to `https://grafana.domain.com` with `admin/admin credentials` and set a new secure password for the Grafana admin user.
 
+## Deploy on release
 
-## Old: Release
+> When the docker containers are already running, release a new version of the image.
 
-Ensure local and remote `master` branches are in sync:
+1. Ensure local and remote `master` branches are in sync:
 
 ```sh
 git fetch origin
 git status
 # -> Your branch is up to date with 'origin/master'.
 ```
 
-Create tag (following semver) and push it:
+2. Create a tag (following semver) and push it to remote:
 
 ```sh
-git tag v1.0.0
-git push origin v1.0.0
+git tag v1.2.3
+git push origin v1.2.3
 ```
 
-Monitor the release on GitHub:
-
-- https://github.com/ivov/n8n-shortlink/actions/workflows/release-on-tag-push.yml
+3. This triggers the [`release` workflow](https://github.com/ivov/n8n-shortlink/actions/workflows/release.yml). On completion, the new image will be [listed](https://github.com/ivov/n8n-shortlink/pkgs/container/n8n-shortlink) on GHCR. Watchtower will discover for the image and deploy it to production. (Watchtower polls every six hours.)
 
-On completion, this release is listed as `latest` on GHCR:
+To prompt Watchtower to check immediately:
 
-- https://github.com/ivov/n8n-shortlink/pkgs/container/n8n-shortlink
+```sh
+ssh n8n-shortlink-infra "docker kill --signal=SIGHUP watchtower"
+```
 
-Deploy the release to production:
+Then wait for Watchtower to pull the new image and start the container:
 
 ```sh
-ssh shortlink_vps
-
-COMPOSE_PROJECT_NAME=n8n_shortlink docker-compose --file deploy/docker-compose.monitoring.yml down
-COMPOSE_PROJECT_NAME=n8n_shortlink docker-compose --file deploy/docker-compose.yml down
-deploy/scripts/start-services.sh
+ssh n8n-shortlink-infra "docker ps | grep n8n-shortlink"
 ```

infrastructure/02-configure/04-app-dir-setup.yml

@@ -4,25 +4,35 @@
   vars:
     app_dir: "{{ ansible_user_dir }}/.n8n-shortlink"
     app_db: "{{ app_dir }}/n8n-shortlink.sqlite"
+    backup_dir: "{{ app_dir }}/backup"
+    deploy_dir: "{{ app_dir }}/deploy"
+
   vars_prompt:
     - name: sentry_dsn
       prompt: Enter Sentry DSN
       private: no
 
   tasks:
-    - name: Create app dir
+    - name: Create required directories
       file:
-        path: "{{ app_dir }}"
+        path: "{{ item }}"
         state: directory
         mode: "0700"
+        owner: "{{ ansible_user }}"
+        group: "{{ ansible_user }}"
+      loop:
+        - "{{ app_dir }}"
+        - "{{ deploy_dir }}"
+        - "{{ backup_dir }}"
+        - "{{ ansible_user_dir }}/.aws"
 
     - name: Create empty SQLite database
       shell: "sqlite3 {{ app_db }} ''"
       args:
         creates: "{{ app_db }}" # run `shell` _if and only if_ this file does not yet exist
 
-    - name: Create .env.production file with Sentry DSN
+    - name: Create `.env.production` file
       copy:
-        dest: "{{ app_dir }}/.env.production"
+        dest: "{{ deploy_dir }}/.env.production"
         content: "N8N_SHORTLINK_SENTRY_DSN={{ sentry_dsn }}"
-        mode: "0600"
+        mode: "0600"

infrastructure/02-configure/05-backup-setup.yml

@@ -26,21 +26,6 @@
         state: present
         update_cache: yes
 
-    # ==================================
-    #       backup and aws dirs
-    # ==================================
-
-    - name: Create dirs
-      file:
-        path: "{{ item }}"
-        state: directory
-        mode: "0700"
-        owner: "{{ ansible_user }}"
-        group: "{{ ansible_user }}"
-      loop:
-        - "{{ backup_dir }}"
-        - "{{ ansible_user_dir }}/.aws"
-
     # ==================================
     #         encryption key
     # ==================================

deploy/docker-compose.monitoring.yml → infrastructure/03-deploy/docker-compose.monitoring.yml

@@ -1,3 +1,4 @@
+name: n8n_shortlink_monitoring_compose
 services:
   grafana:
     image: grafana/grafana-oss:latest

deploy/docker-compose.yml → infrastructure/03-deploy/docker-compose.yml

@@ -1,4 +1,4 @@
-name: n8n-shortlink
+name: n8n_shortlink_compose
 services:
   n8n-shortlink: 
     image: ghcr.io/ivov/n8n-shortlink:latest