deploy: rules: !reference [.rules:release, rules] stage: deploy image: debian:${DEBIAN_VERSION}-slim id_tokens: TBOT_GITLAB_JWT: aud: tp.unjx.de script: - apt-get update && apt-get install curl -y - cd /tmp - 'curl -O https://cdn.teleport.dev/teleport-v${TELEPORT_VERSION}-linux-amd64-bin.tar.gz' - tar -xvf teleport-v${TELEPORT_VERSION}-linux-amd64-bin.tar.gz - ./teleport/install - 'tbot start --token=gitlab --destination-dir=/tmp/tbot-user --data-dir=/tmp/tbot-data --auth-server=tp.unjx.de:443 --join-method=gitlab --oneshot' - 'tsh -i /tmp/tbot-user/identity --proxy tp.unjx.de:443 ssh gitlab@berg "docker compose -f /opt/docker/home/compose.yml up -d --pull always"' - 'tsh -i /tmp/tbot-user/identity --proxy tp.unjx.de:443 ssh gitlab@berg "docker system prune --force"' environment: name: production url: $PRODUCTION_URL