GitHub Actions Setup Guide for MBPanel Documentation¶
Overview¶
This GitHub Actions workflow automatically builds and deploys your documentation: - Main branch → Production deployment - Develop branch → Staging deployment - Pull Requests → Preview deployments - Manual triggers → Choose environment
🚀 Setup Instructions¶
1. Repository Settings¶
Go to your GitHub repository → Settings → Secrets and variables → Actions
2. Add Repository Secrets¶
Add these secrets for your deployment configuration:
Production Secrets¶
PRODUCTION_HOST=your-production-server.com
PRODUCTION_USER=deploy
PRODUCTION_SSH_KEY=(your full OpenSSH private key with BEGIN/END headers)
PRODUCTION_PATH=/var/www/mbpanel-docs
PRODUCTION_URL=https://docs.yourdomain.com
Staging Secrets¶
STAGING_HOST=your-staging-server.com
STAGING_USER=deploy
STAGING_SSH_KEY=(your full OpenSSH private key with BEGIN/END headers)
STAGING_PATH=/var/www/mbpanel-docs-staging
STAGING_URL=https://staging-docs.yourdomain.com
3. Server Setup¶
On Your Server(s):¶
-
Create deployment user:
-
Setup SSH key:
-
Configure nginx directories:
-
Setup sudoers for deploy user:
-
Configure nginx for multiple environments:
Production config (/etc/nginx/sites-available/mbpanel-docs-prod):
server {
listen 80;
server_name docs.yourdomain.com;
root /var/www/mbpanel-docs/current;
index index.html;
# Include common configuration
include /etc/nginx/conf.d/mbpanel-docs-common.conf;
}
Staging config (/etc/nginx/sites-available/mbpanel-docs-staging):
server {
listen 80;
server_name staging-docs.yourdomain.com;
root /var/www/mbpanel-docs-staging/staging;
index index.html;
# Include common configuration
include /etc/nginx/conf.d/mbpanel-docs-common.conf;
}
Preview config (/etc/nginx/sites-available/mbpanel-docs-preview):
server {
listen 80;
server_name preview-docs.yourdomain.com;
root /var/www/mbpanel-docs-staging;
index index.html;
# Handle preview URLs
location ~ ^/preview-pr-(\d+)/(.*)$ {
alias /var/www/mbpanel-docs-staging/preview-pr-$1/$2;
try_files $uri $uri/ $uri.html =404;
}
# Default to latest staging
location / {
alias /var/www/mbpanel-docs-staging/staging/;
try_files $uri $uri/ $uri.html =404;
}
include /etc/nginx/conf.d/mbpanel-docs-common.conf;
}
Common config (/etc/nginx/conf.d/mbpanel-docs-common.conf):
# Copy from nginx-docs.conf (without server block)
gzip on;
gzip_vary on;
gzip_min_length 1024;
# ... rest of common configuration
- Enable sites:
4. Test the Setup¶
Test SSH Connection:¶
Test Manual Deployment:¶
# On your local machine
rsync -avz -e "ssh -i ~/.ssh/deploy-key" site/ deploy@your-server.com:/var/www/mbpanel-docs/current/
🔄 Workflow Triggers¶
Automatic Triggers:¶
- Push to main → Production deployment
- Push to develop → Staging deployment
- Pull Request → Preview deployment
Manual Triggers:¶
- Go to Actions → Deploy Documentation → Run workflow
- Choose environment: staging or production
📊 Workflow Features¶
Build Stage:¶
- ✅ Validates MkDocs configuration
- ✅ Builds documentation with strict mode
- ✅ Generates semantic search index (on main branch)
- ✅ Uploads build artifacts
- ✅ Generates build summary
Deployment Stages:¶
- ✅ Atomic deployments with backup
- ✅ Permission management
- ✅ Nginx configuration testing
- ✅ Health checks
- ✅ Rollback on failure
Preview Features:¶
- ✅ PR preview deployments
- ✅ Automatic preview links in PR comments
- ✅ Isolated preview environments
🛡️ Security Best Practices¶
SSH Key Security:¶
- Use ed25519 keys (more secure than RSA)
- Limit key permissions to deployment user only
- Use GitHub secrets (never commit keys)
- Rotate keys regularly
Server Security:¶
- Minimal sudo permissions for deploy user
- Separate environments (prod/staging/preview)
- Regular backups before deployments
- Nginx security headers configured
GitHub Security:¶
- Environment protection rules
- Required reviewers for production
- Branch protection on main
- Secret scanning enabled
🔧 Monitoring & Troubleshooting¶
View Workflow Status:¶
- Go to Actions tab in GitHub
- Click on Deploy Documentation workflow
- View individual job logs
Common Issues:¶
SSH Connection Failed:¶
# Test SSH manually
ssh -i ~/.ssh/deploy-key deploy@your-server.com
# Check server logs
sudo journalctl -u sshd
Permission Denied:¶
# Check file permissions on server
ls -la /var/www/mbpanel-docs/
# Fix permissions
sudo chown -R deploy:deploy /var/www/mbpanel-docs/
Nginx Configuration Error:¶
Health Checks:¶
The workflow includes automatic health checks. You can also test manually:
# Production health
curl -I https://docs.yourdomain.com/health
# Staging health
curl -I http://staging-docs.yourdomain.com/health
📈 Advanced Features¶
Custom Domains:¶
Update nginx configs with your custom domains and SSL certificates.
CDN Integration:¶
Add Cloudflare or similar CDN in front of nginx for better performance.
Analytics:¶
Add Google Analytics or similar tracking to your MkDocs configuration.
Semantic Search:¶
Enable semantic search API by adding backend proxy to nginx configuration.
🚀 Going Live¶
Once everything is set up:
- Push to develop to test staging deployment
- Create PR to test preview deployment
- Merge to main for production deployment
Your documentation will now automatically update on every push!