Skip to content
This repository has been archived by the owner on Feb 17, 2024. It is now read-only.

Merge pull request #879 from aosus/renovate/awesometechnologies-synap… #204

Merge pull request #879 from aosus/renovate/awesometechnologies-synap…

Merge pull request #879 from aosus/renovate/awesometechnologies-synap… #204

Workflow file for this run

name: deploy-matrix
on:
push:
paths:
- '.github/workflows/matrix.yml'
- 'matrix/**'
branches: [main]
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
environment:
name: Matrix
url: https://matrix.aosus.org
steps:
- name: checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Tailscale
uses: tailscale/github-action@65cdd9a05d7ebe4ef4e8c70141f5d84e1cd4cab4
with:
oauth-client-id: ${{ secrets.TAILSCALE_CLIENT_ID }}
oauth-secret: ${{ secrets.TAILSCALE_SECRET }}
tags: tag:deploy-ci
hostname: Github-actions
version: ${{ vars.TAILSCALE_VERSION }}
- name: Add secrets to homeserver.yml
env:
MATRIX_TURN_SHARED_SECRET: ${{ secrets.matrix_turn_shared_secret }}
MATRIX_REGISTRATION_SHARED_SECRET: ${{ secrets.matrix_registration_shared_secret }}
MATRIX_MACAROON_SECRET_KEY: ${{ secrets.matrix_macaroon_secret_key }}
MATRIX_FORM_SECRET: ${{ secrets.matrix_form_secret }}
MATRIX_OIDC_ISSUER: ${{ secrets.matrix_oidc_issuer }}
MATRIX_OIDC_CLIENT_ID: ${{ secrets.matrix_oidc_client_id }}
MATRIX_OIDC_CLIENT_SECRET: ${{ secrets.matrix_oidc_client_secret }}
MATRIX_POSTGRES_PASSWORD: ${{ secrets.matrix_postgres_password }}
MATRIX_SMTP_PASS: ${{ secrets.matrix_smtp_pass }}
run: |
sed -i "s|(matrix_turn_shared_secret)|$MATRIX_TURN_SHARED_SECRET|g" $GITHUB_WORKSPACE/matrix/homeserver.yaml
sed -i "s|(matrix_registration_shared_secret)|$MATRIX_REGISTRATION_SHARED_SECRET|g" $GITHUB_WORKSPACE/matrix/homeserver.yaml
sed -i "s|(matrix_macaroon_secret_key)|$MATRIX_MACAROON_SECRET_KEY|g" $GITHUB_WORKSPACE/matrix/homeserver.yaml
sed -i "s|(matrix_oidc_issuer)|$MATRIX_OIDC_ISSUER|g" $GITHUB_WORKSPACE/matrix/homeserver.yaml
sed -i "s|(matrix_oidc_client_id)|$MATRIX_OIDC_CLIENT_ID|g" $GITHUB_WORKSPACE/matrix/homeserver.yaml
sed -i "s|(matrix_oidc_client_secret)|$MATRIX_OIDC_CLIENT_SECRET|g" $GITHUB_WORKSPACE/matrix/homeserver.yaml
sed -i "s|(matrix_postgres_password)|$MATRIX_POSTGRES_PASSWORD|g" $GITHUB_WORKSPACE/matrix/homeserver.yaml
sed -i "s|(matrix_smtp_pass)|$MATRIX_SMTP_PASS|g" $GITHUB_WORKSPACE/matrix/homeserver.yaml
- name: Add secrets to eturnal.yml
env:
MATRIX_TURN_SHARED_SECRET: ${{ secrets.matrix_turn_shared_secret }}
run: |
sed -i "s|(matrix_turn_shared_secret)|$MATRIX_TURN_SHARED_SECRET|g" $GITHUB_WORKSPACE/matrix/eturnal.yml
- name: Add secrets to mautrix-telegram config files
env:
MATRIX_TELEGRAM_AS_TOKEN: ${{ secrets.matrix_telegram_as_token }}
MATRIX_TELEGRAM_HS_TOKEN: ${{ secrets.matrix_telegram_hs_token }}
MATRIX_TELEGRAM_SENDER_LOCALPART: ${{ secrets.matrix_telegram_sender_localpart }}
MATRIX_TELEGRAM_POSTGRES_PASSWORD: ${{ secrets.matrix_telegram_postgres_password }}
MATRIX_TELEGRAM_API_ID: ${{ secrets.matrix_telegram_api_id }}
MATRIX_TELEGRAM_API_HASH: ${{ secrets.matrix_telegram_api_hash }}
MATRIX_TELEGRAM_BOT_TOKEN: ${{ secrets.matrix_telegram_bot_token }}
run: |
sed -i "s|(matrix_telegram_as_token)|$MATRIX_TELEGRAM_AS_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/app-service-registration.yaml
sed -i "s|(matrix_telegram_hs_token)|$MATRIX_TELEGRAM_HS_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/app-service-registration.yaml
sed -i "s|(matrix_telegram_sender_localpart)|$MATRIX_TELEGRAM_SENDER_LOCALPART|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/app-service-registration.yaml
sed -i "s|(matrix_telegram_postgres_password)|$MATRIX_TELEGRAM_POSTGRES_PASSWORD|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/config.yaml
sed -i "s|(matrix_telegram_as_token)|$MATRIX_TELEGRAM_AS_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/config.yaml
sed -i "s|(matrix_telegram_hs_token)|$MATRIX_TELEGRAM_HS_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/config.yaml
sed -i "s|(matrix_telegram_api_id)|$MATRIX_TELEGRAM_API_ID|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/config.yaml
sed -i "s|(matrix_telegram_api_hash)|$MATRIX_TELEGRAM_API_HASH|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/config.yaml
sed -i "s|(matrix_telegram_bot_token)|$MATRIX_TELEGRAM_BOT_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-telegram/config.yaml
- name: Add secrets to mautrix-discord config files
env:
MATRIX_DISCORD_AS_TOKEN: ${{ secrets.matrix_discord_as_token }}
MATRIX_DISCORD_HS_TOKEN: ${{ secrets.matrix_discord_hs_token }}
MATRIX_DISCORD_SENDER_LOCALPART: ${{ secrets.matrix_discord_sender_localpart }}
MATRIX_DISCORD_POSTGRES_PASSWORD: ${{ secrets.matrix_discord_postgres_password }}
run: |
sed -i "s|(matrix_discord_as_token)|$MATRIX_DISCORD_AS_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-discord/app-service-registration.yaml
sed -i "s|(matrix_discord_hs_token)|$MATRIX_DISCORD_HS_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-discord/app-service-registration.yaml
sed -i "s|(matrix_discord_sender_localpart)|$MATRIX_DISCORD_SENDER_LOCALPART|g" $GITHUB_WORKSPACE/matrix/mautrix-discord/app-service-registration.yaml
sed -i "s|(matrix_discord_postgres_password)|$MATRIX_DISCORD_POSTGRES_PASSWORD|g" $GITHUB_WORKSPACE/matrix/mautrix-discord/config.yaml
sed -i "s|(matrix_discord_as_token)|$MATRIX_DISCORD_AS_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-discord/config.yaml
sed -i "s|(matrix_discord_hs_token)|$MATRIX_DISCORD_HS_TOKEN|g" $GITHUB_WORKSPACE/matrix/mautrix-discord/config.yaml
- name: Start Deployment
uses: FarisZR/[email protected]
env:
POSTGRES_PASSWORD: ${{ secrets.matrix_postgres_password }}
MATRIX_TELEGRAM_POSTGRES_PASSWORD: ${{ secrets.matrix_telegram_postgres_password }}
MATRIX_DISCORD_POSTGRES_PASSWORD: ${{ secrets.matrix_discord_postgres_password }}
MATRIX_SIGNING_KEY: ${{ secrets.matrix_signing_key }}
MATRIX_SLIDING_SYNC_POSTGRES_PASSWORD: ${{ secrets.MATRIX_SLIDING_SYNC_POSTGRES_PASSWORD }}
MATRIX_SLIDING_SYNC_POSTGRES_CONNECTION_STRING: ${{ secrets.MATRIX_SLIDING_SYNC_POSTGRES_CONNECTION_STRING }}
MATRIX_SLIDING_SYNC_SECRET: ${{ secrets.MATRIX_SLIDING_SYNC_SECRET }}
with:
remote_docker_host: ${{ secrets.server_address }}
tailscale_ssh: true # no need for manual private and public keys
compose_file_path: matrix/docker-compose.yml
args: -p matrix up -d --remove-orphans
upload_directory: true
docker_compose_directory: matrix