diff --git a/Dockerfile b/Dockerfile index af2e951..5683d8b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:latest # Install NGINX and tools -RUN apk add --no-cache nginx nginx-mod-http-brotli nginx-mod-http-headers-more bind-tools openssl curl certbot +RUN apk add --no-cache nginx nginx-mod-http-brotli nginx-mod-http-headers-more bind-tools openssl curl certbot git # Copy custom config COPY nginx.conf /etc/nginx/nginx.conf diff --git a/docker-compose.yml b/docker-compose.yml index 1996f71..94a2cb1 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -54,6 +54,7 @@ services: - nginx_logs:/var/log/nginx - ./certbot/conf:/etc/letsencrypt - ./certbot/www:/var/www/certbot + - ./:/opt/repo extra_hosts: - "host.docker.internal:host-gateway" - "server-254:10.10.253.254" diff --git a/scripts/git_sync.sh b/scripts/git_sync.sh new file mode 100644 index 0000000..24e476f --- /dev/null +++ b/scripts/git_sync.sh @@ -0,0 +1,55 @@ +#!/bin/sh +# ============================================================================== +# SCRIPT: git_sync.sh +# AUTHOR: Gemini (Automated) +# PURPOSE: Pull latest changes from git and reload Nginx if successful +# CRON: Scheduled in pre-flight.sh +# ============================================================================== + +REPO_DIR="/opt/repo" +# URL Encoded Password for 'o3!VV3H6qBg^rucv2UvF6mdK$NWyNj@3' +# ! = %21, ^ = %5E, $ = %24, @ = %40 +GIT_USER="gitea-deploy" +GIT_PASS="o3%21VV3H6qBg%5Erucv2UvF6mdK%24NWyNj%403" +GIT_REPO="git.itguys.com.br/joao.goncalves/NgixProxy_Pathfinder.git" +BRANCH="producao" +GIT_URL="https://${GIT_USER}:${GIT_PASS}@${GIT_REPO}" + +echo "[Git-Sync] $(date): Starting sync process..." + +if [ ! -d "$REPO_DIR" ]; then + echo "[Git-Sync] ERROR: Repository directory $REPO_DIR does not exist." + exit 1 +fi + +# Trust the directory (fix for 'dubious ownership' in container) +git config --global --add safe.directory "$REPO_DIR" + +cd "$REPO_DIR" + +# Fetch and Pull +OUTPUT=$(git pull "$GIT_URL" "$BRANCH" 2>&1) +EXIT_CODE=$? + +echo "[Git-Sync] Output: $OUTPUT" + +if [ $EXIT_CODE -ne 0 ]; then + echo "[Git-Sync] ERROR: Git pull failed." + exit $EXIT_CODE +fi + +if echo "$OUTPUT" | grep -q "Already up to date"; then + echo "[Git-Sync] No changes detected." + exit 0 +else + echo "[Git-Sync] Changes detected. Validating Nginx config..." + + if nginx -t; then + echo "[Git-Sync] Configuration valid. Reloading Nginx..." + nginx -s reload + echo "[Git-Sync] Reload successful." + else + echo "[Git-Sync] CRITICAL: Nginx configuration test failed! Not reloading." + exit 1 + fi +fi diff --git a/scripts/pre-flight.sh b/scripts/pre-flight.sh index 2cea9ec..37a4cba 100644 --- a/scripts/pre-flight.sh +++ b/scripts/pre-flight.sh @@ -35,7 +35,9 @@ echo "[Pre-Flight] Running SSL renewal check..." /scripts/renew_ssl.sh # Setup Daily Cron for Renewal (run at 01:00) -echo "0 1 * * * /scripts/renew_ssl.sh >> /var/log/nginx/ssl_renew.log 2>&1" > /etc/crontabs/root +# Sync Git Repo every 5 minutes +echo "*/5 * * * * /scripts/git_sync.sh >> /var/log/nginx/git_sync.log 2>&1" >> /etc/crontabs/root + # Start Crond in background crond -b -l 8