Fix critical vulnerability LMAO #106
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Server | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Create SSH key | |
| run: | | |
| mkdir -p ~/.ssh/ | |
| echo "$SSH_PRIVATE_KEY" | base64 -d > ../private.key | |
| sudo chmod 600 ../private.key | |
| echo "$SSH_KNOWN_HOSTS" | base64 -d > ~/.ssh/known_hosts | |
| shell: bash | |
| env: | |
| SSH_PRIVATE_KEY: ${{secrets.SSH_PRIVATE_KEY}} | |
| SSH_KNOWN_HOSTS: ${{secrets.SSH_KNOWN_HOSTS}} | |
| SSH_KEY_PATH: ${{ github.workspace }}/../private.key | |
| - name: Check out repository code | |
| uses: actions/checkout@v2 | |
| - name: Install OpenVPN | |
| run: | | |
| sudo apt update | |
| sudo apt install openvpn openvpn-systemd-resolved | |
| - name: Connect to OpenVPN server | |
| run: | | |
| echo "$OPENVPN_CONFIG" > ~/vpn.ovpn | |
| sudo openvpn --config ~/vpn.ovpn --log "vpn.log" --daemon | |
| sleep 15 | |
| env: | |
| OPENVPN_CONFIG: ${{ secrets.OPENVPN_CONFIG }} | |
| - name: Redeploy pwnybot | |
| run: | | |
| cat deploy.sh | ssh -i $SSH_KEY_PATH "$SERVER_USER@$SERVER_IP" | |
| shell: bash | |
| env: | |
| VPN_PASSWORD: ${{secrets.VPN_PASSWORD}} | |
| VPN_USERNAME: ${{secrets.VPN_USERNAME}} | |
| SSH_KEY_PATH: ${{ github.workspace }}/../private.key | |
| SERVER_USER: ${{ secrets.SERVER_USER }} | |
| SERVER_IP: ${{ secrets.SERVER_IP }} | |
| - name: Kill VPN connection | |
| if: always() | |
| run: | | |
| sudo chmod 777 vpn.log | |
| sudo killall openvpn |