xiaoquan/rent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d26a9595d341ff4fd8426ac72e0261c979149a07
rent/deploy/docker/WEBHOOK_SETUP.md
T
xiaoquan c243300670 feat: 添加 Webhook 部署方案 
## 新增文件
- deploy/scripts/deploy.sh - 自动化部署脚本
- deploy/docker/WEBHOOK_SETUP.md - Webhook 配置完整指南

## 方案说明
放弃使用 Gitea Runner(Docker 容器环境限制太多)
改用 Webhook 直接在宿主机上执行部署脚本

## 工作流程
1. git push 触发 Gitea Webhook
2. Webhook 服务调用 deploy.sh
3. 脚本自动 git pull + docker-compose build + up

## 优点
- 简单可靠,不依赖容器环境
- 直接在宿主机执行,有完整的 Docker 访问权限
- 容易调试和维护
- 支持两种 Webhook 方式:webhook 工具或 PHP 脚本

## 配置方式
详见 WEBHOOK_SETUP.md 文档

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-10 18:05:05 +08:00

5.5 KiB
Raw Blame History

Webhook 部署方案

由于 Gitea Runner 容器环境限制,采用更简单可靠的 Webhook 方式触发部署。

🚀 配置步骤

第一步:在服务器上配置部署脚本

SSH 登录服务器后执行:

# 1. 克隆代码(如果还没有)
cd /www/dk_project/dk_app
git clone https://gitea.pinzhuhui.com/xiaoquan/rent.git
cd rent

# 2. 配置 Git 凭证
git config credential.helper store
git pull origin test  # 输入用户名和 Gitea Token

# 3. 赋予部署脚本执行权限
chmod +x deploy/scripts/deploy.sh

# 4. 创建环境变量文件
cat > /root/.env.test << 'EOF'
export TEST_DB_PASSWORD="your_password"
export TEST_JWT_SECRET="your_jwt_secret"
export ENCRYPTION_KEY="your_encryption_key"
EOF

cat > /root/.env.prod << 'EOF'
export PROD_DB_PASSWORD="your_password"
export PROD_JWT_SECRET="your_jwt_secret"
export ENCRYPTION_KEY="your_encryption_key"
EOF

# 5. 测试部署脚本
/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh test

第二步:配置 Webhook 服务

方法1:使用 webhook (推荐)

# 安装 webhook
cd /root
wget https://github.com/adnanh/webhook/releases/download/2.8.1/webhook-linux-amd64.tar.gz
tar -xzf webhook-linux-amd64.tar.gz
mv webhook-linux-amd64/webhook /usr/local/bin/
chmod +x /usr/local/bin/webhook

# 创建 webhook 配置
mkdir -p /root/webhooks
cat > /root/webhooks/hooks.json << 'EOF'
[
  {
    "id": "rent-deploy-test",
    "execute-command": "/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh",
    "command-working-directory": "/www/dk_project/dk_app/rent",
    "pass-arguments-to-command": [
      {
        "source": "string",
        "name": "test"
      }
    ],
    "trigger-rule": {
      "and": [
        {
          "match": {
            "type": "payload-hash-sha256",
            "secret": "your-webhook-secret",
            "parameter": {
              "source": "header",
              "name": "X-Gitea-Signature"
            }
          }
        },
        {
          "match": {
            "type": "value",
            "value": "refs/heads/test",
            "parameter": {
              "source": "payload",
              "name": "ref"
            }
          }
        }
      ]
    }
  },
  {
    "id": "rent-deploy-prod",
    "execute-command": "/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh",
    "command-working-directory": "/www/dk_project/dk_app/rent",
    "pass-arguments-to-command": [
      {
        "source": "string",
        "name": "prod"
      }
    ],
    "trigger-rule": {
      "and": [
        {
          "match": {
            "type": "payload-hash-sha256",
            "secret": "your-webhook-secret",
            "parameter": {
              "source": "header",
              "name": "X-Gitea-Signature"
            }
          }
        },
        {
          "match": {
            "type": "value",
            "value": "refs/heads/prod",
            "parameter": {
              "source": "payload",
              "name": "ref"
            }
          }
        }
      ]
    }
  }
]
EOF

# 启动 webhook 服务
nohup webhook -hooks /root/webhooks/hooks.json -verbose -port 9000 > /root/webhooks/webhook.log 2>&1 &

# 设置开机自启
cat > /etc/systemd/system/webhook.service << 'EOF'
[Unit]
Description=Webhook Service
After=network.target

[Service]
Type=simple
User=root
ExecStart=/usr/local/bin/webhook -hooks /root/webhooks/hooks.json -verbose -port 9000
Restart=always

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable webhook
systemctl start webhook

方法2:使用简单的 PHP 脚本(如果有宝塔面板)

在宝塔面板创建一个站点,添加 webhook.php

<?php
// webhook.php
$secret = 'your-webhook-secret';
$branch = $_POST['ref'] ?? '';

// 验证签名
$signature = $_SERVER['HTTP_X_GITEA_SIGNATURE'] ?? '';
$payload = file_get_contents('php://input');
$expected = hash_hmac('sha256', $payload, $secret);

if (!hash_equals($expected, $signature)) {
    http_response_code(403);
    die('Invalid signature');
}

// 执行部署
if ($branch === 'refs/heads/test') {
    $output = shell_exec('/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh test 2>&1');
} elseif ($branch === 'refs/heads/prod') {
    $output = shell_exec('/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh prod 2>&1');
} else {
    http_response_code(400);
    die('Unknown branch');
}

echo $output;
?>

第三步:在 Gitea 中配置 Webhook

  1. 登录 Gitea
  2. 进入仓库 → Settings → Webhooks
  3. 点击 "添加 Webhook" → "Gitea"
  4. 配置:
    • 目标 URL:
      • webhook 方式:http://your-server:9000/hooks/rent-deploy-test
      • PHP 方式:http://your-server/webhook.php
    • HTTP 方法: POST
    • POST Content Type: application/json
    • 密钥: your-webhook-secret(与上面配置的一致)
    • 触发条件: 勾选 "推送事件"
    • 分支过滤: testprod
  5. 点击 "添加 Webhook"
  6. 点击 "测试推送" 验证

🔄 工作流程

1. git push origin test
   ↓
2. Gitea 触发 Webhook
   ↓
3. Webhook 服务调用 deploy.sh
   ↓
4. 脚本自动:
   - git pull 更新代码
   - docker-compose build 构建
   - docker-compose up 部署
   ↓
5. 完成!

🔍 查看日志

webhook 方式

tail -f /root/webhooks/webhook.log

手动测试

/www/dk_project/dk_app/rent/deploy/scripts/deploy.sh test

优点

  • 不依赖 Runner 容器
  • 直接在宿主机执行
  • 简单可靠
  • 容易调试

维护者:开发团队
最后更新2026-06-10

Reference in New Issue View Git Blame Copy Permalink