update dev server to debian

Makefile

@@ -131,7 +131,7 @@ terraform:
 	terraform -chdir=iac/terraform $(PARAMS)
 
 ansible:
-	ansible-playbook -i iac/ansible/inventory.ini iac/ansible/playbook-alpine.yml $(PARAMS)
+	ansible-playbook -i iac/ansible/inventory.ini iac/ansible/playbook-debian.yml $(PARAMS)
 
 # docker build|docker push|docker clean
 docker:

README.MD

@@ -113,6 +113,35 @@ make run node
 ```
 It has another default folder `/srv/web` - root WordPress folder. Use `cd` command to go to your theme and run any command.
 
+## CI/CD Deployments
+Use GitHub Actions, GitLab CI/CD or other pipelines.
+
+1. Add secrets variables to repo options:
+
+- `SSH_KEY` - Private key that used for servers access. Do not forget to add public key from this pair to `~/authorized_keys` file on servers (use `make ansible` command for this)
+- `SSH_CONFIG_DEV` - SSH config for develop server with address, port, user, etc. See the example
+- `SSH_CONFIG_STAGE` - Same for staging
+- `SSH_CONFIG_PROD` - SSH config for production server
+
+SSH config example:
+```conf
+Host *
+   IdentitiesOnly yes
+   StrictHostKeyChecking no
+
+Host ssh_alias
+  HostName starter-kit.io
+  User serverusername
+  Port 22
+
+Host github.com
+   HostName github.com
+   User git
+```
+
+2. Check CI/CD jobs config file, use `.github` for GitHub Actions
+3. Push some changes to deployment branch and check pipelines logs
+
 ## Production Launch with HTTPS
 
 1. Place your certificate files in `./config/nginx/ssl/` with the names `<your-app-domain.com>.crt` and `<your-app-domain.com>.key`.

iac/ansible/inventory.ini

@@ -2,7 +2,7 @@
 develop.starter-kit.io ansible_user=ubuntu
 
 [development2]
-develop2.starter-kit.io ansible_user=alpine
+develop2.starter-kit.io ansible_user=admin
 
 [staging]
 staging.starter-kit.io ansible_user=ubuntu

iac/ansible/pllaybook-debian.yml → iac/ansible/playbook-debian.yml

@@ -1,7 +1,6 @@
-- name: Install Docker with docker compose plugin on Ubuntu Server
+- name: Install Docker with docker compose plugin on Debian/Ubuntu Server
   hosts:
-    - development
-    - production
+    - development2
   become: yes
   tasks:
     - name: Update apt cache
@@ -14,21 +13,19 @@
         name: "{{ packages }}"
       vars:
         packages:
-          - apt-transport-https
           - ca-certificates
           - curl
-          - gnupg-agent
-          - software-properties-common
+          - gnupg
           - make
 
     - name: Add Docker’s official GPG key
       apt_key:
-        url: https://download.docker.com/linux/ubuntu/gpg
+        url: https://download.docker.com/linux/debian/gpg
         state: present
 
     - name: Set up the stable repository
       apt_repository:
-        repo: deb [arch=arm64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
+        repo: "deb [arch=arm64] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
         state: present
 
     - name: Install Docker Engine

iac/terraform/instances.tf

@@ -1,6 +1,6 @@
 # Create an EC2 instances
 resource "aws_instance" "develop-server" {
-  ami                    = "ami-0fc02b454efabb390" # Ubuntu Server 22.04 LTS (HVM) 64-bit (Arm), SSD Volume Type
+  ami                    = "ami-0fc02b454efabb390" # Ubuntu Server 22.04 LTS (HVM) 64-bit (Arm), SSD Volume Type, user 'ubuntu', become 'sudo'
   instance_type          = "t4g.micro"
   vpc_security_group_ids = [aws_security_group.allow_http_s.id, aws_security_group.allow_ssh.id]
   key_name               = aws_key_pair.deploy.key_name
@@ -17,7 +17,8 @@ resource "aws_instance" "develop-server" {
 }
 
 resource "aws_instance" "develop2-server" {
-  ami                    = "ami-01c3c86584374c23b" # alpine-3.19.1-aarch64-uefi-cloudinit-r0 64-bit (Arm), SSD Volume Type
+  //ami                    = "ami-01c3c86584374c23b" # alpine-3.19.1-aarch64-uefi-cloudinit-r0 64-bit (Arm), SSD Volume Type, user 'alpine', become 'doas'
+  ami                    = "ami-04bd057ffbd865312" # Debian 12 (HVM), SSD Volume Type, user 'admin', become 'sudo'
   instance_type          = "t4g.nano"
   vpc_security_group_ids = [aws_security_group.allow_http_s.id, aws_security_group.allow_ssh.id]
   key_name               = aws_key_pair.deploy.key_name
@@ -50,7 +51,7 @@ resource "aws_instance" "develop2-server" {
   }
 }*/
 
-output "develop_ip_addr" {
+output "develop2_ip_addr" {
   value = aws_instance.develop2-server.public_ip
 }