diff --git a/.github/workflows/deploy-scripts.yml b/.github/workflows/deploy-scripts.yml
index b124876..f822b3d 100644
--- a/.github/workflows/deploy-scripts.yml
+++ b/.github/workflows/deploy-scripts.yml
@@ -30,29 +30,32 @@ jobs:
 - name: Upload deployment script to S3
 run: |
 # Upload the main deployment script
- aws s3 cp scripts/deploy.sh s3://${{ secrets.S3_BUCKET_NAME }}/icewatch/deploy.sh \
+ aws s3 cp scripts/deploy.sh s3://${{ secrets.S3_BUCKET_NAME }}/scripts/deploy.sh \
 --acl public-read \
 --content-type "text/plain" \
+ --cache-control "max-age=300" \
 --metadata-directive REPLACE \
 --metadata "version=$(git rev-parse --short HEAD),updated=$(date -u +%Y-%m-%dT%H:%M:%SZ)"
 # Upload systemd service file
- aws s3 cp scripts/icewatch.service s3://${{ secrets.S3_BUCKET_NAME }}/icewatch/icewatch.service \
+ aws s3 cp scripts/icewatch.service s3://${{ secrets.S3_BUCKET_NAME }}/scripts/icewatch.service \
 --acl public-read \
- --content-type "text/plain"
+ --content-type "text/plain" \
+ --cache-control "max-age=3600"
 # Upload Caddyfile
- aws s3 cp scripts/Caddyfile s3://${{ secrets.S3_BUCKET_NAME }}/icewatch/Caddyfile \
+ aws s3 cp scripts/Caddyfile s3://${{ secrets.S3_BUCKET_NAME }}/scripts/Caddyfile \
 --acl public-read \
- --content-type "text/plain"
+ --content-type "text/plain" \
+ --cache-control "max-age=3600"
 echo "✅ Scripts uploaded successfully!"
- echo "📁 Deploy script URL: https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/icewatch/deploy.sh"
+ echo "📁 Deploy script URL: https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/scripts/deploy.sh"
 - name: Update README with current URLs
 run: |
 # Update README with current S3 URLs
- sed -i "s|curl -sSL.*deploy.sh|curl -sSL https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/icewatch/deploy.sh|g" README.md
+ sed -i "s|curl -sSL.*deploy.sh|curl -sSL https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/scripts/deploy.sh|g" README.md
 # Check if README was modified
 if git diff --quiet README.md; then
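Review bot: All three `aws s3 cp` calls still pass `--acl public-read` although this commit also adds a bucket policy that grants public `s3:GetObject` on `scripts/*`, so public access is now controlled in two places. If the bucket has Object Ownership set to bucket-owner-enforced (ACLs disabled), the ACL request would be rejected and the upload would fail; I would drop the `--acl public-read \` lines and let the policy be the single source of truth. The bucket name is read from `secrets.S3_BUCKET_NAME` but appears in clear text in README.md and s3-bucket-policy.json in the same commit, so it is not a secret and log masking will likely blank the URL printed by the `echo` line; a repository variable such as `${{ vars.S3_BUCKET_NAME }}` fits better. The "Update README" step continues past the end of the hunk.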
diff --git a/README.md b/README.md
index e5c0d85..7ba849e 100644
--- a/README.md
+++ b/README.md
@@ -65,7 +65,7 @@ PORT=3000
 1. **Run the deployment script on your server:**
 ```bash
- curl -sSL https://ice.puremichigan.lol.s3.amazonaws.com/icewatch/deploy.sh | bash
+ curl -sSL https://ice.puremichigan.lol.s3.amazonaws.com/scripts/deploy.sh | bash
 ```
 2. **Deploy your application:**
diff --git a/s3-bucket-policy.json b/s3-bucket-policy.json
new file mode 100644
index 0000000..eab9508
--- /dev/null
+++ b/s3-bucket-policy.json
@@ -0,0 +1,12 @@
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Sid": "PublicReadGetObject",
+ "Effect": "Allow",
+ "Principal": "*",
+ "Action": "s3:GetObject",
+ "Resource": "arn:aws:s3:::ice.puremichigan.lol/scripts/*"
+ }
+ ]
+}
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
index c2ea645..cc2ab3d 100644
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@@ -38,7 +38,7 @@ sudo useradd --system --shell /bin/false --home /opt/icewatch --create-home icew
 # Download additional configuration files from S3
 echo "📥 Downloading configuration files..."
-S3_BASE_URL="https://ice.puremichigan.lol.s3.amazonaws.com/icewatch"
+S3_BASE_URL="https://ice.puremichigan.lol.s3.amazonaws.com/scripts"
 # Download systemd service file
 echo "📥 Downloading systemd service..."
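Review bot: The `PublicReadGetObject` statement allows anonymous reads of everything under `scripts/` over plain HTTP as well as HTTPS, and the object served from that prefix is a script that README.md tells users to pipe into `bash`. A second statement that denies `s3:GetObject` when `aws:SecureTransport` is `false` would keep every download on TLS regardless of the URL a user types. The allow covers every key under `scripts/`, so only files meant to be public should ever be uploaded to that prefix. Nothing in this commit applies the policy to the bucket, so it presumably has to be put in place by hand and can drift from this file.

```json
    {
      "Sid": "DenyInsecureTransport",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::ice.puremichigan.lol/scripts/*",
      "Condition": {
        "Bool": { "aws:SecureTransport": "false" }
      }
    }
```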
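Review bot: `S3_BASE_URL` is a virtual-hosted-style HTTPS URL for a bucket whose name contains dots; the S3 wildcard certificate covers only a single label in front of `.s3.amazonaws.com`, so certificate validation is expected to fail for `ice.puremichigan.lol.s3.amazonaws.com` unless verification is switched off. A path-style base such as `S3_BASE_URL="https://s3.amazonaws.com/ice.puremichigan.lol/scripts"` (using the regional endpoint if the bucket is not in us-east-1) keeps TLS verification intact, and the same applies to the URL in README.md and in the workflow's `sed` line. The downloads that consume this variable are outside the hunk; since they fetch a systemd unit and a Caddyfile from a world-readable prefix and are presumably installed with `sudo`, I would add a comment above the assignment like `# Public prefix: verify checksums of downloaded files before installing them` and follow it up with an actual checksum check.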