feat: add admin login auth + fix root redirect to console #12

Workflow file for this run

	name: Deploy to Azure VM

	on:
	push:
	branches: [ main ]
	workflow_dispatch:
	inputs:
	domain:
	description: '自定义域名（留空则自动生成 nip.io 域名）'
	required: false
	default: ''

	env:
	REGISTRY: ghcr.io
	IMAGE_PREFIX: ghcr.io/kaneliu120/lead-mining-system

	jobs:
	# ── 构建并推送镜像到 GitHub Container Registry ──────────────────────────────
	build-and-push:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Log in to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Build & Push lead-miner
	uses: docker/build-push-action@v5
	with:
	context: ./lead-mining-engine
	file: ./lead-mining-engine/Dockerfile
	push: true
	tags: ${{ env.IMAGE_PREFIX }}/lead-miner:latest
	cache-from: type=gha
	cache-to: type=gha,mode=max

	- name: Build & Push sales-outreach
	uses: docker/build-push-action@v5
	with:
	context: ./sales-outreach-engine
	file: ./sales-outreach-engine/Dockerfile
	push: true
	tags: ${{ env.IMAGE_PREFIX }}/sales-outreach:latest
	cache-from: type=gha
	cache-to: type=gha,mode=max

	# ── SSH 部署到 Azure VM ────────────────────────────────────────────────────
	deploy:
	runs-on: ubuntu-latest
	needs: build-and-push

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Deploy via SSH
	uses: appleboy/ssh-action@v1.0.3
	with:
	host: ${{ secrets.VM_HOST }}
	username: ${{ secrets.VM_USER }}
	key: ${{ secrets.VM_SSH_KEY }}
	script: \|
	# 进入项目目录（首次部署时 git clone，已存在但非 git 仓库则修复）
	if [ ! -d "/opt/lead-mining-system/.git" ]; then
	if [ -d "/opt/lead-mining-system" ]; then
	cp /opt/lead-mining-system/.env /tmp/lead-mining-backup.env 2>/dev/null \|\| true
	sudo rm -rf /opt/lead-mining-system
	fi
	sudo git clone https://github.com/kaneliu120/lead-mining-system.git /opt/lead-mining-system
	sudo chown -R $USER:$USER /opt/lead-mining-system
	[ -f /tmp/lead-mining-backup.env ] && cp /tmp/lead-mining-backup.env /opt/lead-mining-system/.env
	fi

	cd /opt/lead-mining-system
	git pull origin main

	# 登录 GHCR
	echo "${{ secrets.GITHUB_TOKEN }}" \| docker login ghcr.io -u kaneliu120 --password-stdin

	# 拉取最新镜像
	docker pull ghcr.io/kaneliu120/lead-mining-system/lead-miner:latest
	docker pull ghcr.io/kaneliu120/lead-mining-system/sales-outreach:latest

	# 用生产配置（预构建镜像）零停机滚动重启
	docker compose -f docker-compose.prod.yml pull lead-miner sales-outreach
	docker compose -f docker-compose.prod.yml up -d postgres chromadb
	sleep 15
	docker compose -f docker-compose.prod.yml up -d lead-miner
	sleep 10
	docker compose -f docker-compose.prod.yml up -d sales-outreach n8n

	# 启动 nginx（HTTP 模式，等待 SSL 脚本处理）
	docker compose -f docker-compose.prod.yml up -d nginx certbot

	# 清理旧镜像
	docker image prune -f

	- name: Setup domain & SSL
	uses: appleboy/ssh-action@v1.0.3
	with:
	host: ${{ secrets.VM_HOST }}
	username: ${{ secrets.VM_USER }}
	key: ${{ secrets.VM_SSH_KEY }}
	script: \|
	cd /opt/lead-mining-system

	# workflow_dispatch 可传入自定义域名，默认使用 myskillstore.run
	CUSTOM_DOMAIN="${{ github.event.inputs.domain }}"
	TARGET_DOMAIN="${CUSTOM_DOMAIN:-myskillstore.run}"
	bash scripts/setup-ssl.sh "$TARGET_DOMAIN"

	- name: Import n8n workflows
	uses: appleboy/ssh-action@v1.0.3
	with:
	host: ${{ secrets.VM_HOST }}
	username: ${{ secrets.VM_USER }}
	key: ${{ secrets.VM_SSH_KEY }}
	script: \|
	cd /opt/lead-mining-system
	# 等待 n8n 就绪后导入工作流
	sleep 20
	bash import_n8n_workflows.sh \|\| true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: add admin login auth + fix root redirect to console #12

Workflow file

feat: add admin login auth + fix root redirect to console #12

Uh oh!

Workflow file for this run