This repository includes a GitHub Actions workflow that automatically builds and deploys the application using Docker Compose.
The workflow uses appleboy/ssh-action and appleboy/scp-action for reliable SSH operations.
To use the CI/CD pipeline, you need to configure the following secrets in your GitHub repository:
Go to: Repository Settings → Secrets and variables → Actions → New repository secret
Add the following secrets:
| Secret Name | Description | Required | Example |
|---|---|---|---|
SSH_PRIVATE_KEY |
Your SSH private key for server access | ✅ Yes | Contents of ~/.ssh/id_rsa |
SSH_USER |
SSH username for the remote server | ✅ Yes | ubuntu or root |
SSH_HOST |
IP address or hostname of your server | ✅ Yes | 192.168.1.100 or example.com |
REMOTE_PROJECT_DIR |
Full path to the project directory on the server | ✅ Yes | /home/ubuntu/REFRAG-SYSTEM |
SSH_PORT |
SSH port (defaults to 22 if not set) | ❌ No | 22 or 2222 |
The workflow performs the following steps:
- Archive Source: Compresses the source code into a
tar.gzfile on the GitHub runnner (excluding.gitand build artifacts). - Transfer: Copies the source archive to your remote server using
appleboy/scp-action. - Deploy & Build: Connects via SSH (
appleboy/ssh-action) to:- Extract the source code in the project directory.
- Run
docker compose downto stop existing containers. - Run
docker compose up -d --buildto build the Docker image on the server and start containers.
This approach minimizes disk usage on the GitHub runner by offloading the build process to your server.
The workflow runs automatically on:
- Push to
mainormasterbranch - Manual trigger via GitHub Actions UI (workflow_dispatch)
Your remote server must have:
- Docker installed
- Docker Compose installed (v2 recommended)
- SSH access configured
- The project directory created at
REMOTE_PROJECT_DIR - A
.envfile in the project directory (if required by your application)
ssh-keygen -t ed25519 -C "github-actions-deploy"ssh-copy-id -i ~/.ssh/id_ed25519.pub user@your-server# Display your private key
cat ~/.ssh/id_ed25519
# Copy the entire output (including BEGIN and END lines) to GitHub Secrets- Make a change to your code
- Commit and push to the main branch
- Go to Actions tab in GitHub to monitor the deployment
- Check your server to verify the application is running
- Verify SSH_PRIVATE_KEY is correctly formatted (includes header/footer)
- Ensure the public key is in
~/.ssh/authorized_keyson the server - Check firewall rules allow SSH connections
- Verify Docker and Docker Compose are installed:
docker --version && docker compose version - Check Docker daemon is running:
sudo systemctl status docker - Ensure user has Docker permissions:
sudo usermod -aG docker $USER
- Check GitHub Actions logs for detailed error messages
- Verify all secrets are correctly configured
- Ensure
.envfile exists on the server if required - Check server disk space:
df -h
If you need to deploy manually:
# SSH into your server
ssh user@your-server
# Navigate to project directory
cd /path/to/REFRAG-SYSTEM
# Pull latest changes (if using git on server)
git pull
# Rebuild and restart
docker compose down
docker compose up -d --build
# Check status
docker compose ps
docker compose logs -f