# ────────────────────────────────────────────────────────────────────────────── # CrowdSec Admin — Gitea Actions CI/CD # # Triggers on push to main. Runner builds image + brings stack up via docker # compose on the host. Image stays local (no registry push), same pattern as # flight-radar. # # PREREQUISITES (one-time): # 1. Host LAPI machine registered: # sudo cscli machines add crowdsec-admin --password '' # 2. Repo secrets set in Gitea → Settings → Secrets: # LAPI_MACHINE_ID=crowdsec-admin # LAPI_MACHINE_PASSWORD= # 3. DNS: crowdsec.domverse-berlin.eu → host IP. # 4. Authentik wildcard forward_domain already covers *.domverse-berlin.eu. # ────────────────────────────────────────────────────────────────────────────── name: Deploy on: push: branches: - main workflow_dispatch: env: COMPOSE_PROJECT: crowdsec-admin COMPOSE_FILE: docker-compose.yml jobs: deploy: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Write .env for compose run: | cat > .env <