xiaoquan
c243300670
## 新增文件 - deploy/scripts/deploy.sh - 自动化部署脚本 - deploy/docker/WEBHOOK_SETUP.md - Webhook 配置完整指南 ## 方案说明 放弃使用 Gitea Runner(Docker 容器环境限制太多) 改用 Webhook 直接在宿主机上执行部署脚本 ## 工作流程 1. git push 触发 Gitea Webhook 2. Webhook 服务调用 deploy.sh 3. 脚本自动 git pull + docker-compose build + up ## 优点 - 简单可靠,不依赖容器环境 - 直接在宿主机执行,有完整的 Docker 访问权限 - 容易调试和维护 - 支持两种 Webhook 方式:webhook 工具或 PHP 脚本 ## 配置方式 详见 WEBHOOK_SETUP.md 文档 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
5.5 KiB
5.5 KiB
Webhook 部署方案
由于 Gitea Runner 容器环境限制,采用更简单可靠的 Webhook 方式触发部署。
🚀 配置步骤
第一步:在服务器上配置部署脚本
SSH 登录服务器后执行:
# 1. 克隆代码(如果还没有)
cd /www/dk_project/dk_app
git clone https://gitea.pinzhuhui.com/xiaoquan/rent.git
cd rent
# 2. 配置 Git 凭证
git config credential.helper store
git pull origin test # 输入用户名和 Gitea Token
# 3. 赋予部署脚本执行权限
chmod +x deploy/scripts/deploy.sh
# 4. 创建环境变量文件
cat > /root/.env.test << 'EOF'
export TEST_DB_PASSWORD="your_password"
export TEST_JWT_SECRET="your_jwt_secret"
export ENCRYPTION_KEY="your_encryption_key"
EOF
cat > /root/.env.prod << 'EOF'
export PROD_DB_PASSWORD="your_password"
export PROD_JWT_SECRET="your_jwt_secret"
export ENCRYPTION_KEY="your_encryption_key"
EOF
# 5. 测试部署脚本
/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh test
第二步:配置 Webhook 服务
方法1:使用 webhook (推荐)
# 安装 webhook
cd /root
wget https://github.com/adnanh/webhook/releases/download/2.8.1/webhook-linux-amd64.tar.gz
tar -xzf webhook-linux-amd64.tar.gz
mv webhook-linux-amd64/webhook /usr/local/bin/
chmod +x /usr/local/bin/webhook
# 创建 webhook 配置
mkdir -p /root/webhooks
cat > /root/webhooks/hooks.json << 'EOF'
[
{
"id": "rent-deploy-test",
"execute-command": "/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh",
"command-working-directory": "/www/dk_project/dk_app/rent",
"pass-arguments-to-command": [
{
"source": "string",
"name": "test"
}
],
"trigger-rule": {
"and": [
{
"match": {
"type": "payload-hash-sha256",
"secret": "your-webhook-secret",
"parameter": {
"source": "header",
"name": "X-Gitea-Signature"
}
}
},
{
"match": {
"type": "value",
"value": "refs/heads/test",
"parameter": {
"source": "payload",
"name": "ref"
}
}
}
]
}
},
{
"id": "rent-deploy-prod",
"execute-command": "/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh",
"command-working-directory": "/www/dk_project/dk_app/rent",
"pass-arguments-to-command": [
{
"source": "string",
"name": "prod"
}
],
"trigger-rule": {
"and": [
{
"match": {
"type": "payload-hash-sha256",
"secret": "your-webhook-secret",
"parameter": {
"source": "header",
"name": "X-Gitea-Signature"
}
}
},
{
"match": {
"type": "value",
"value": "refs/heads/prod",
"parameter": {
"source": "payload",
"name": "ref"
}
}
}
]
}
}
]
EOF
# 启动 webhook 服务
nohup webhook -hooks /root/webhooks/hooks.json -verbose -port 9000 > /root/webhooks/webhook.log 2>&1 &
# 设置开机自启
cat > /etc/systemd/system/webhook.service << 'EOF'
[Unit]
Description=Webhook Service
After=network.target
[Service]
Type=simple
User=root
ExecStart=/usr/local/bin/webhook -hooks /root/webhooks/hooks.json -verbose -port 9000
Restart=always
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable webhook
systemctl start webhook
方法2:使用简单的 PHP 脚本(如果有宝塔面板)
在宝塔面板创建一个站点,添加 webhook.php:
<?php
// webhook.php
$secret = 'your-webhook-secret';
$branch = $_POST['ref'] ?? '';
// 验证签名
$signature = $_SERVER['HTTP_X_GITEA_SIGNATURE'] ?? '';
$payload = file_get_contents('php://input');
$expected = hash_hmac('sha256', $payload, $secret);
if (!hash_equals($expected, $signature)) {
http_response_code(403);
die('Invalid signature');
}
// 执行部署
if ($branch === 'refs/heads/test') {
$output = shell_exec('/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh test 2>&1');
} elseif ($branch === 'refs/heads/prod') {
$output = shell_exec('/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh prod 2>&1');
} else {
http_response_code(400);
die('Unknown branch');
}
echo $output;
?>
第三步:在 Gitea 中配置 Webhook
- 登录 Gitea
- 进入仓库 → Settings → Webhooks
- 点击 "添加 Webhook" → "Gitea"
- 配置:
- 目标 URL:
- webhook 方式:
http://your-server:9000/hooks/rent-deploy-test - PHP 方式:
http://your-server/webhook.php
- webhook 方式:
- HTTP 方法: POST
- POST Content Type: application/json
- 密钥:
your-webhook-secret(与上面配置的一致) - 触发条件: 勾选 "推送事件"
- 分支过滤:
test或prod
- 目标 URL:
- 点击 "添加 Webhook"
- 点击 "测试推送" 验证
🔄 工作流程
1. git push origin test
↓
2. Gitea 触发 Webhook
↓
3. Webhook 服务调用 deploy.sh
↓
4. 脚本自动:
- git pull 更新代码
- docker-compose build 构建
- docker-compose up 部署
↓
5. 完成!
🔍 查看日志
webhook 方式
tail -f /root/webhooks/webhook.log
手动测试
/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh test
✅ 优点
- ✅ 不依赖 Runner 容器
- ✅ 直接在宿主机执行
- ✅ 简单可靠
- ✅ 容易调试
维护者:开发团队
最后更新:2026-06-10