name: Build & Deploy Dashboard on: push: branches: [main] jobs: deploy: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Build Docker image run: | docker build -t digital-home-dashboard:latest . - name: Stop old container run: | docker stop digital-home-dashboard 2>/dev/null || true docker rm digital-home-dashboard 2>/dev/null || true - name: Run new container run: | docker run -d \ --name digital-home-dashboard \ --restart unless-stopped \ --network coolify \ --add-host=host.docker.internal:host-gateway \ -p 3005:3000 \ -e NEXTAUTH_SECRET=digital-home-jwt-secret-2026-cosmo \ -e NEXTAUTH_URL=https://home.digital-home.site \ -e AUTH_TRUST_HOST=true \ -e NODE_ENV=production \ -e GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} \ -e GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }} \ -e GOOGLE_REFRESH_TOKEN=${{ secrets.GOOGLE_REFRESH_TOKEN }} \ -e GOOGLE_CALENDAR_ID=daniilklimov25@gmail.com \ --label 'traefik.enable=true' \ --label 'traefik.http.middlewares.gzip.compress=true' \ --label 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https' \ --label 'traefik.http.routers.http-0-dashboard.entryPoints=http' \ --label 'traefik.http.routers.http-0-dashboard.middlewares=redirect-to-https' \ --label 'traefik.http.routers.http-0-dashboard.rule=Host(`home.digital-home.site`) && PathPrefix(`/`)' \ --label 'traefik.http.routers.https-0-dashboard.entryPoints=https' \ --label 'traefik.http.routers.https-0-dashboard.middlewares=gzip' \ --label 'traefik.http.routers.https-0-dashboard.rule=Host(`home.digital-home.site`) && PathPrefix(`/`)' \ --label 'traefik.http.routers.https-0-dashboard.tls=true' \ --label 'traefik.http.routers.https-0-dashboard.tls.certresolver=letsencrypt' \ --label 'traefik.http.services.dashboard.loadbalancer.server.port=3000' \ digital-home-dashboard:latest - name: Health check run: | sleep 5 curl -sf http://localhost:3005/ -o /dev/null -w "%{http_code}" | grep -E "200|307" echo "✅ Dashboard is up"