From 2c54e5eec16bd94e12b2e430ada50c654aa8c494 Mon Sep 17 00:00:00 2001 From: nichenqin Date: Sat, 9 May 2026 08:23:41 +0800 Subject: [PATCH] feat: sync self-host console bootstrap --- README.md | 25 ++++++++++++++++--------- action.yml | 9 +++++++-- scripts/run-deploy.sh | 25 +++++++++++++++++++++++-- 3 files changed, 46 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index f93c481..2679350 100644 --- a/README.md +++ b/README.md @@ -86,18 +86,22 @@ jobs: ssh-user: ${{ secrets.APPALOFT_CONSOLE_SSH_USER }} ssh-private-key: ${{ secrets.APPALOFT_CONSOLE_SSH_PRIVATE_KEY }} console-domain: console.example.com - console-database: pglite + console-database: postgres + console-proxy: traefik console-orchestrator: compose console-skip-docker-install: true ``` The action connects to the SSH host, downloads the matching Appaloft release `install.sh`, runs the self-hosted Docker installer with the selected public console origin and Docker orchestrator, and -verifies `/api/health`. `console-url` may be supplied directly when the public origin is not -`https://`. Set `console-orchestrator: swarm` to deploy the console as a Docker +verifies `/api/health`. The installer defaults to PostgreSQL, direct host access on port `3721`, +and an Appaloft-managed Traefik edge proxy. `console-domain` is passed to the installer as the +Appaloft instance console route. `console-url` may be supplied directly when the public origin is +not `https://`. Set `console-orchestrator: swarm` to deploy the console as a Docker Swarm stack; `console-swarm-init: true` may initialize a single-node Swarm manager when the host is -not already a manager. This command is separate from `deploy`, so the original pure SSH CLI -deployment path remains available. +not already a manager. Use `console-proxy: none` only when another reverse proxy owns public +routing. This command is separate from `deploy`, so the original pure SSH CLI deployment path +remains available. Non-secret console install settings can live in the selected config file. SSH host, SSH key, API tokens, and raw database credentials still come from trusted workflow inputs or secrets. @@ -107,9 +111,11 @@ controlPlane: mode: self-hosted url: https://console.example.com install: - database: pglite + database: postgres + domain: console.example.com + proxy: traefik orchestrator: swarm - httpPort: 3001 + httpPort: 3721 swarmStackName: appaloft-console swarmInit: true ``` @@ -365,10 +371,11 @@ source-link state, or the Appaloft server, not from committed config. | `ssh-private-key-file` | empty | Existing runner-local private key path. Mutually exclusive with `ssh-private-key`. | | `console-url` | empty | Public console origin for `command: install-console`. Defaults to `https://` or `http://:`. | | `console-domain` | empty | Public console domain used to derive `console-url` when `console-url` is empty. | -| `console-database` | config or `pglite` | Self-hosted console database backend for `command: install-console`; `pglite` or `postgres`. | +| `console-database` | config or `postgres` | Self-hosted console database backend for `command: install-console`; `pglite` or `postgres`. | | `console-orchestrator` | config or `compose` | Self-hosted Docker orchestrator for `command: install-console`; `compose` or `swarm`. | +| `console-proxy` | config or `traefik` | Self-hosted console proxy mode for `command: install-console`; `traefik` or `none`. | | `console-http-host` | config or `0.0.0.0` | Host bind address passed to the self-hosted console installer. | -| `console-http-port` | config or `3001` | Host HTTP port passed to the self-hosted console installer. | +| `console-http-port` | config or `3721` | Host HTTP port passed to the self-hosted console installer. | | `console-install-dir` | empty | Remote install directory passed to the self-hosted console installer. Empty uses the installer default. | | `console-compose-project-name` | config or `appaloft` | Docker Compose project name passed to the self-hosted console installer. | | `console-swarm-stack-name` | config or `appaloft` | Docker Swarm stack name passed to the self-hosted console installer. | diff --git a/action.yml b/action.yml index 421a607..7134cfe 100644 --- a/action.yml +++ b/action.yml @@ -51,19 +51,23 @@ inputs: required: false default: "" console-database: - description: Self-hosted console database backend for command=install-console. Defaults to controlPlane.install.database or pglite. + description: Self-hosted console database backend for command=install-console. Defaults to controlPlane.install.database or postgres. required: false default: "" console-orchestrator: description: Self-hosted console Docker orchestrator for command=install-console. Defaults to controlPlane.install.orchestrator or compose. required: false default: "" + console-proxy: + description: Managed self-hosted proxy for command=install-console. Defaults to controlPlane.install.proxy or traefik. + required: false + default: "" console-http-host: description: Host bind address passed to the self-hosted console installer. Defaults to controlPlane.install.httpHost or 0.0.0.0. required: false default: "" console-http-port: - description: Host HTTP port passed to the self-hosted console installer. Defaults to controlPlane.install.httpPort or 3001. + description: Host HTTP port passed to the self-hosted console installer. Defaults to controlPlane.install.httpPort or 3721. required: false default: "" console-install-dir: @@ -250,6 +254,7 @@ runs: INPUT_CONSOLE_DOMAIN: ${{ inputs.console-domain }} INPUT_CONSOLE_DATABASE: ${{ inputs.console-database }} INPUT_CONSOLE_ORCHESTRATOR: ${{ inputs.console-orchestrator }} + INPUT_CONSOLE_PROXY: ${{ inputs.console-proxy }} INPUT_CONSOLE_HTTP_HOST: ${{ inputs.console-http-host }} INPUT_CONSOLE_HTTP_PORT: ${{ inputs.console-http-port }} INPUT_CONSOLE_INSTALL_DIR: ${{ inputs.console-install-dir }} diff --git a/scripts/run-deploy.sh b/scripts/run-deploy.sh index dcaf646..6a62003 100755 --- a/scripts/run-deploy.sh +++ b/scripts/run-deploy.sh @@ -539,6 +539,9 @@ append_step_summary() { if [ "$wrapper_command" = "install-console" ] && [ -n "${console_database:-}" ]; then printf -- '- Database: `%s`\n' "$console_database" fi + if [ "$wrapper_command" = "install-console" ] && [ -n "${console_proxy:-}" ]; then + printf -- '- Proxy: `%s`\n' "$console_proxy" + fi if [ -n "${deployment_id:-}" ]; then if [ -n "${deployment_url:-}" ]; then printf -- '- Deployment: [%s](%s)\n' "$deployment_id" "$deployment_url" @@ -592,6 +595,15 @@ validate_console_install_inputs() { ;; esac + case "$console_proxy" in + traefik|none) + ;; + *) + error "console-proxy must be traefik or none" + exit 1 + ;; + esac + case "$console_http_port" in ''|*[!0-9]*) error "console-http-port must be a positive integer" @@ -637,6 +649,12 @@ run_console_install() { installer_url="$(console_installer_url_for_version "$input_version")" install_args="--version $(shell_quote "$input_version") --web-origin $(shell_quote "$console_url") --database $(shell_quote "$console_database") --orchestrator $(shell_quote "$console_orchestrator") --host $(shell_quote "$console_http_host") --port $(shell_quote "$console_http_port") --image $(shell_quote "$console_image")" + if [ -n "$console_domain" ]; then + install_args="$install_args --domain $(shell_quote "$console_domain")" + fi + if [ -n "$console_proxy" ]; then + install_args="$install_args --proxy $(shell_quote "$console_proxy")" + fi if [ -n "$console_install_dir" ]; then install_args="$install_args --home $(shell_quote "$console_install_dir")" fi @@ -851,6 +869,7 @@ console_url="${INPUT_CONSOLE_URL:-}" console_domain="${INPUT_CONSOLE_DOMAIN:-}" console_database="${INPUT_CONSOLE_DATABASE:-}" console_orchestrator="${INPUT_CONSOLE_ORCHESTRATOR:-}" +console_proxy="${INPUT_CONSOLE_PROXY:-}" console_http_host="${INPUT_CONSOLE_HTTP_HOST:-}" console_http_port="${INPUT_CONSOLE_HTTP_PORT:-}" console_install_dir="${INPUT_CONSOLE_INSTALL_DIR:-}" @@ -897,6 +916,7 @@ if [ -n "$selected_config_path" ] && [ -f "$selected_config_path" ]; then config_console_domain="$(read_control_plane_install_value "$selected_config_path" domain)" config_console_database="$(read_control_plane_install_value "$selected_config_path" database)" config_console_orchestrator="$(read_control_plane_install_value "$selected_config_path" orchestrator)" + config_console_proxy="$(read_control_plane_install_value "$selected_config_path" proxy)" config_console_http_host="$(read_control_plane_install_value "$selected_config_path" httpHost)" config_console_http_port="$(read_control_plane_install_value "$selected_config_path" httpPort)" config_console_install_dir="$(read_control_plane_install_value "$selected_config_path" installDir)" @@ -919,10 +939,11 @@ fi if [ -z "$console_domain" ]; then console_domain="${config_console_domain:-}" fi -console_database="${console_database:-${config_console_database:-pglite}}" +console_database="${console_database:-${config_console_database:-postgres}}" console_orchestrator="${console_orchestrator:-${config_console_orchestrator:-compose}}" +console_proxy="${console_proxy:-${config_console_proxy:-traefik}}" console_http_host="${console_http_host:-${config_console_http_host:-0.0.0.0}}" -console_http_port="${console_http_port:-${config_console_http_port:-3001}}" +console_http_port="${console_http_port:-${config_console_http_port:-3721}}" console_install_dir="${console_install_dir:-${config_console_install_dir:-}}" console_compose_project_name="${console_compose_project_name:-${config_console_compose_project_name:-appaloft}}" console_swarm_stack_name="${console_swarm_stack_name:-${config_console_swarm_stack_name:-appaloft}}"