CI/CD: webhook receiver + deploy automatico su push

- deploy.sh: git pull, pip install, migrate, collectstatic, restart gunicorn - webhook_receiver.py: HTTP server con verifica HMAC-SHA256 Gitea - olimpic-nastri-webhook.service: systemd unit per il receiver - Nginx: aggiunto proxy /webhook/deploy → porta 9000 - sudoers: restart gunicorn senza password per deploy automatico
2026-04-05 15:02:25 +00:00
parent 312db89a6a
commit 006bb24215
4 changed files with 143 additions and 0 deletions
--- a/deploy.sh
+++ b/deploy.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+# Deploy automatico — Diario Conversazioni Olimpic Nastri
+# Chiamato dal webhook receiver dopo ogni push su main
+
+set -e
+
+PROJECT_DIR="/home/marco/olimpic_nastri"
+VENV="$PROJECT_DIR/nastrivenv/bin"
+LOG="/home/marco/olimpic_nastri/deploy.log"
+
+echo "========================================" >> "$LOG"
+echo "Deploy avviato: $(date '+%Y-%m-%d %H:%M:%S')" >> "$LOG"
+
+cd "$PROJECT_DIR"
+
+# Pull ultime modifiche
+echo "[1/5] Git pull..." >> "$LOG"
+git pull origin main >> "$LOG" 2>&1
+
+# Installa eventuali nuove dipendenze
+echo "[2/5] Pip install..." >> "$LOG"
+"$VENV/pip" install -r requirements.txt --quiet >> "$LOG" 2>&1
+
+# Applica migrazioni database
+echo "[3/5] Migrazioni..." >> "$LOG"
+"$VENV/python" manage.py migrate --noinput >> "$LOG" 2>&1
+
+# Raccoglie file statici
+echo "[4/5] Collectstatic..." >> "$LOG"
+"$VENV/python" manage.py collectstatic --noinput >> "$LOG" 2>&1
+
+# Riavvia Gunicorn
+echo "[5/5] Restart Gunicorn..." >> "$LOG"
+sudo systemctl restart olimpic-nastri-gunicorn.service >> "$LOG" 2>&1
+
+echo "Deploy completato: $(date '+%Y-%m-%d %H:%M:%S')" >> "$LOG"
+echo "========================================" >> "$LOG"