Initial commit: SFP server deployment template

- GitHub Actions workflow for SFP server deployment with multi-environment support - Comprehensive README with setup instructions and troubleshooting guide - Codacy instructions for code quality checks 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-08 12:36:11 +10:00
commit 4d97fa3033
3 changed files with 385 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,134 @@
+# SFP Server Management Template
+
+GitHub Actions workflow for updating self-hosted SFP server instances.
+
+
+## Prerequisites
+
+- Running SFP server instance ([Installation Guide](https://docs.flxbl.io/running-sfp-as-a-server/installing-sfp-server/))
+- SSH access to your SFP server
+- Access token from `source.flxbl.io` with `read:packages` scope
+- GitHub repository with Actions enabled
+
+## Setup
+
+### 1. Clone This Template
+
+```bash
+# Clone this repository
+git clone  https://source.flxbl.io/flxbl/sfp-server-mangement-template.git
+cd sfp-server-management-template
+
+# Create your own repository and push
+git remote set-url origin https://github.com/your-org/your-sfp-server-management.git
+git push -u origin main
+```
+
+### 2. Configure Repository Secrets
+
+Navigate to your repository's **Settings → Secrets and variables → Actions** and add these secrets:
+
+#### Required Secrets
+
+| Secret Name | Description | Example |
+|-------------|-------------|---------|
+| `GITEA_TOKEN` | Access token from source.flxbl.io | `ghp_xxxxxxxxxxxxxxxxxxxx` |
+| `SSH_PRIVATE_KEY` | Private SSH key for server access | `-----BEGIN OPENSSH PRIVATE KEY-----...` |
+| `SSH_HOST` | Server hostname or IP address | `sfp-server.company.com` |
+| `SSH_USER` | SSH username (typically `ubuntu`) | `ubuntu` |
+| `TENANT_NAME` | Your SFP server tenant name | `company-sfp` |
+
+#### Optional Secrets
+
+| Secret Name | Description | Default |
+|-------------|-------------|---------|
+| `SSH_PORT` | SSH port if not standard | `22` |
+
+### 3. Run Deployment
+
+1. Go to the **Actions** tab in your repository
+2. Click on **"SFP Server Deployment"** workflow  
+3. Click **"Run workflow"**
+4. Optionally specify:
+   - **Image tag**: Specific version to deploy
+   - **CLI version**: SFP CLI version to use
+5. Click **"Run workflow"** to start
+
+## How It Works
+
+The workflow:
+
+1. **Update Process**
+   - Stops the server
+   - Pulls new Docker image
+   - Starts server with new version
+
+2. **Health Check**
+   - Verifies server is running
+   - Confirms service availability
+
+3. **Summary**
+   - Reports deployment status
+
+## Rollback
+
+If deployment fails, SSH to your server and run:
+
+```bash
+# Find the backup directory (latest timestamp)
+ls -t /opt/sfp-backups/
+
+# Rollback to previous version
+BACKUP_DIR=$(ls -t /opt/sfp-backups/ | head -1)
+sfp server stop --tenant your-tenant
+# Restore configuration from backup if needed
+sfp server start --tenant your-tenant --daemon
+```
+
+## Configuration
+
+### Multiple Environments
+
+Set `DEPLOYMENT_ENVIRONMENTS` variable to deploy to multiple environments:
+
+```json
+["staging", "production"]
+```
+
+### Custom CLI Versions
+
+Specify CLI version in workflow input or set default in workflow file.
+
+
+## Troubleshooting
+
+### Deployment Logs
+
+Monitor deployment in **Actions** tab → workflow run → expand steps for logs.
+
+### Common Issues
+
+**SSH Connection Failed**: Verify `SSH_PRIVATE_KEY` secret and public key in server's `~/.ssh/authorized_keys`.
+
+**Authentication Failed**: Verify `GITEA_TOKEN` is valid with `read:packages` scope.
+
+**Health Check Failed**: Check server logs via SSH:
+```bash
+ssh your-user@your-server
+sfp server logs --tenant your-tenant --tail 100
+```
+
+**Version Not Found**: Verify version exists in registry or use `latest`.
+
+## Security
+
+- Use GitHub repository secrets (never commit sensitive data)
+- Regularly rotate SSH keys and access tokens  
+- Use private repositories for server management workflows
+- Restrict SSH access to known IP ranges when possible
+- Enable SSH key-only authentication (disable password auth)
+
+## Documentation
+
+- [SFP Server Installation Guide](https://docs.flxbl.io/running-sfp-as-a-server/installing-sfp-server/)
+- [SFP CLI Reference - Server Commands](https://docs.flxbl.io/cli-reference/server/)