Initial commit

2026-02-08 16:36:36 -08:00
commit 5508e4befa
3 changed files with 85 additions and 0 deletions
--- a/.github/workflows/deploy-homelab.yml
+++ b/.github/workflows/deploy-homelab.yml
@@ -0,0 +1,45 @@
+name: "Deploy to Homelab"
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v3
+
+    - name: Set up SSH key
+      run: |
+        mkdir -p ~/.ssh
+        echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
+        chmod 600 ~/.ssh/id_ed25519
+        ssh-keyscan ${{ vars.HOST }} >> ~/.ssh/known_hosts
+
+    - name: Remove directory from server
+      run: |
+        ssh -i ~/.ssh/id_ed25519 github@${{ vars.HOST }} << 'EOF'
+          rm -rf ~/homelab-static
+        EOF
+
+    # Avoid needing to set up SSH access to GitHub for this user
+    - name: Transfer repository files to server
+      run: |
+        scp -i ~/.ssh/id_ed25519 -r ./* github@${{ vars.HOST }}:~/homelab-static
+
+    - name: Deploy on server with Docker
+      run: |
+        ssh -i ~/.ssh/id_ed25519 github@${{ vars.HOST }} << 'EOF'
+          cd ~/homelab-static
+          export TS_AUTHKEY=${{ secrets.TS_CONTAINER_AUTHKEY }}
+          docker compose -f docker-compose.yml down
+          docker compose -f docker-compose.yml up -d --build
+        EOF
+
+
+
--- a/config/tailscale-serve-config.json
+++ b/config/tailscale-serve-config.json
@@ -0,0 +1,20 @@
+{
+  "TCP": {
+    "443": {
+      "HTTPS": true
+    }
+  },
+  "Web": {
+    "static.tail8f43b.ts.net:443": {
+      "Handlers": {
+        "/data-structures-tutoring": {
+          "Path": "/shared/data-structures-tutoring"
+        }
+      }
+    }
+  },
+  "AllowFunnel": {
+    "static.tail8f43b.ts.net:443": true
+  }
+}
+
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,20 @@
+services:
+  tailscale:
+    image: tailscale/tailscale:stable
+    container_name: tailscale-static
+    hostname: static
+    environment:
+      - TS_AUTHKEY=${TS_AUTHKEY}
+      - TS_STATE_DIR=/var/lib/tailscale
+      - TS_SERVE_CONFIG=/config/tailscale-serve-config.json
+    volumes:
+      - tailscale-jellyfin-state:/var/lib/tailscale
+      - /dev/net/tun:/dev/net/tun   # shared interface across all Tailscale instances
+      - ./config:/config
+      - ./shared:/shared
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    restart: unless-stopped
+
+