deploy fix 7
Build & Deploy / Build & Push Docker Image (push) Failing after 3s
Build & Deploy / Deploy to VPS (push) Has been skipped

This commit is contained in:
root
2026-07-04 15:29:09 -04:00
parent a45b318d5e
commit fbbd5e4c1c
+35
View File
@@ -231,6 +231,41 @@ Supported private key formats:
If your key is passphrase-protected, generate a dedicated deploy key without a passphrase for CI instead of reusing an interactive workstation key.
To create a new dedicated deploy key, run this on your workstation or another trusted admin machine, not inside Gitea:
```bash
ssh-keygen -t ed25519 -f ./rentaldrivego_gitea_deploy -C "gitea-actions-rentaldrivego" -N ""
ssh-keygen -lf ./rentaldrivego_gitea_deploy.pub
base64 < ./rentaldrivego_gitea_deploy | tr -d '\n'
```
Use the generated files like this:
- `rentaldrivego_gitea_deploy`: private key. Store this in Gitea as either raw `VPS_SSH_KEY` or base64-encoded `VPS_SSH_KEY_B64`.
- `rentaldrivego_gitea_deploy.pub`: public key. Install this on the VPS in `~/.ssh/authorized_keys` for the account configured as `VPS_USER`.
Do not put the `.pub` file or an `authorized_keys` line into `VPS_SSH_KEY` or `VPS_SSH_KEY_B64`. Gitea needs the private key; the VPS needs the public key.
To install the public key on the VPS, SSH into the server as the same account configured in `VPS_USER`, then run:
```bash
mkdir -p ~/.ssh
chmod 700 ~/.ssh
printf '%s\n' '<contents-of-rentaldrivego_gitea_deploy.pub>' >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
ssh-keygen -lf ~/.ssh/authorized_keys
```
If you are logged in as `root` but `VPS_USER` is a different account such as `deploy`, install the public key under that user's home directory instead:
```bash
install -d -m 700 -o deploy -g deploy /home/deploy/.ssh
printf '%s\n' '<contents-of-rentaldrivego_gitea_deploy.pub>' >> /home/deploy/.ssh/authorized_keys
chown deploy:deploy /home/deploy/.ssh/authorized_keys
chmod 600 /home/deploy/.ssh/authorized_keys
ssh-keygen -lf /home/deploy/.ssh/authorized_keys
```
If SSH authentication fails after the workflow loads the key, compare the logged deploy key fingerprint with the key installed on the server:
```bash