# SFP Server Management Template GitHub Actions workflow for updating self-hosted SFP server instances. ## Prerequisites - Running SFP server instance ([Installation Guide](https://docs.flxbl.io/running-sfp-as-a-server/installing-sfp-server/)) - SSH access to your SFP server - Access token from `source.flxbl.io` with `read:packages` scope - GitHub repository with Actions enabled ## Setup ### 1. Clone This Template ```bash # Clone this repository git clone https://source.flxbl.io/flxbl/sfp-server-mangement-template.git cd sfp-server-management-template # Create your own repository and push git remote set-url origin https://github.com/your-org/your-sfp-server-management.git git push -u origin main ``` ### 2. Configure Repository Secrets Navigate to your repository's **Settings → Secrets and variables → Actions** and add these secrets: #### Required Secrets | Secret Name | Description | Example | |-------------|-------------|---------| | `GITEA_TOKEN` | Access token from source.flxbl.io | `ghp_xxxxxxxxxxxxxxxxxxxx` | | `SSH_PRIVATE_KEY` | Private SSH key for server access | `-----BEGIN OPENSSH PRIVATE KEY-----...` | | `SSH_HOST` | Server hostname or IP address | `sfp-server.company.com` | | `SSH_USER` | SSH username (typically `ubuntu`) | `ubuntu` | | `TENANT_NAME` | Your SFP server tenant name | `company-sfp` | #### Optional Secrets | Secret Name | Description | Default | |-------------|-------------|---------| | `SSH_PORT` | SSH port if not standard | `22` | ### 3. Run Deployment 1. Go to the **Actions** tab in your repository 2. Click on **"SFP Server Deployment"** workflow 3. Click **"Run workflow"** 4. Optionally specify: - **Image tag**: Specific version to deploy - **CLI version**: SFP CLI version to use 5. Click **"Run workflow"** to start ## How It Works The workflow: 1. **Update Process** - Stops the server - Pulls new Docker image - Starts server with new version 2. **Health Check** - Verifies server is running - Confirms service availability 3. **Summary** - Reports deployment status ## Rollback If deployment fails, SSH to your server and run: ```bash # Find the backup directory (latest timestamp) ls -t /opt/sfp-backups/ # Rollback to previous version BACKUP_DIR=$(ls -t /opt/sfp-backups/ | head -1) sfp server stop --tenant your-tenant # Restore configuration from backup if needed sfp server start --tenant your-tenant --daemon ``` ## Configuration ### Multiple Environments Set `DEPLOYMENT_ENVIRONMENTS` variable to deploy to multiple environments: ```json ["staging", "production"] ``` ### Custom CLI Versions Specify CLI version in workflow input or set default in workflow file. ## Troubleshooting ### Deployment Logs Monitor deployment in **Actions** tab → workflow run → expand steps for logs. ### Common Issues **SSH Connection Failed**: Verify `SSH_PRIVATE_KEY` secret and public key in server's `~/.ssh/authorized_keys`. **Authentication Failed**: Verify `GITEA_TOKEN` is valid with `read:packages` scope. **Health Check Failed**: Check server logs via SSH: ```bash ssh your-user@your-server sfp server logs --tenant your-tenant --tail 100 ``` **Version Not Found**: Verify version exists in registry or use `latest`. ## Security - Use GitHub repository secrets (never commit sensitive data) - Regularly rotate SSH keys and access tokens - Use private repositories for server management workflows - Restrict SSH access to known IP ranges when possible - Enable SSH key-only authentication (disable password auth) ## Documentation - [SFP Server Installation Guide](https://docs.flxbl.io/running-sfp-as-a-server/installing-sfp-server/) - [SFP CLI Reference - Server Commands](https://docs.flxbl.io/cli-reference/server/)