Add GitHub Actions workflow for S3 deployment

- Automated deployment script upload to public S3 bucket - Uses GitHub OIDC for secure AWS authentication - Updates README with current S3 URLs automatically - Enables deployment from private repository - Uploads systemd service and Caddyfile configurations
2025-07-02 23:56:18 -04:00 · 2025-07-02 23:56:18 -04:00 · 08a8ded5f9
commit 08a8ded5f9
parent 5af83966d6
3 changed files with 115 additions and 7 deletions
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@ -32,10 +32,51 @@ sudo chown $USER:$USER /opt/icewatch
 # Navigate to app directory
 cd /opt/icewatch

+# Create icewatch user for security
+echo "👤 Creating icewatch user..."
+sudo useradd --system --shell /bin/false --home /opt/icewatch --create-home icewatch
+
+# Download additional configuration files from S3
+echo "📥 Downloading configuration files..."
+S3_BASE_URL="https://your-bucket-name.s3.amazonaws.com/icewatch"
+
+# Download systemd service file
+echo "📥 Downloading systemd service..."
+curl -sSL "$S3_BASE_URL/icewatch.service" | sudo tee /etc/systemd/system/icewatch.service > /dev/null
+
+# Download Caddyfile template
+echo "📥 Downloading Caddy configuration..."
+curl -sSL "$S3_BASE_URL/Caddyfile" | sudo tee /etc/caddy/Caddyfile.template > /dev/null
+
 echo "✅ Server setup complete!"
-echo "Next steps:"
-echo "1. Upload your app files to /opt/icewatch"
-echo "2. Run: npm install"
-echo "3. Configure your .env file"
-echo "4. Set up systemd service"
-echo "5. Configure Caddy"
+echo ""
+echo "🚀 Next steps to deploy ICE Watch:"
+echo ""
+echo "1. Clone your repository:"
+echo "   git clone https://github.com/yourusername/icewatch.git /opt/icewatch"
+echo ""
+echo "2. Set up the application:"
+echo "   cd /opt/icewatch"
+echo "   npm install"
+echo "   cp .env.example .env"
+echo "   nano .env  # Add your MapBox token and admin password"
+echo ""
+echo "3. Configure domain in Caddyfile:"
+echo "   sudo nano /etc/caddy/Caddyfile.template"
+echo "   # Replace 'yourdomain.com' with your actual domain"
+echo "   sudo mv /etc/caddy/Caddyfile.template /etc/caddy/Caddyfile"
+echo ""
+echo "4. Set permissions:"
+echo "   sudo chown -R icewatch:icewatch /opt/icewatch"
+echo "   sudo chmod 660 /opt/icewatch/.env"
+echo ""
+echo "5. Start services:"
+echo "   sudo systemctl daemon-reload"
+echo "   sudo systemctl enable icewatch caddy"
+echo "   sudo systemctl start icewatch caddy"
+echo ""
+echo "6. Check status:"
+echo "   sudo systemctl status icewatch"
+echo "   sudo systemctl status caddy"
+echo ""
+echo "🌐 Your ICE Watch app will be available at: https://yourdomain.com"