soroushdes/HokmPlay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Soroush CI/CD (Gitea + Nexus) + self-host fonts for offline build
CI/CD / CI - API (dotnet build + engine sim) (push) Failing after 1m40s
Details
CI/CD / CI - Web (tsc + next build) (push) Failing after 1m20s
Details
CI/CD / Deploy - local stack (db + server + web) (push) Has been skipped
Details

Browse Source 
Pipeline (.gitea/workflows/ci-cd.yml), all images/packages via Nexus mirror:
- CI api-build: dotnet restore/build server/Hokm.slnx + run Hokm.Sim (rules).
- CI web-check: npm install + tsc --noEmit + next build (static export).
- deploy (self-hosted): pre-deploy pg_dump backup, rollback image tag, build,
  bring up db -> server -> web with stop+rm+up --no-deps (no force-recreate,
  no bare compose down), health-wait each, prune.

Local stack (docker-compose.yml), ports in 1500-1600 so it coexists with manual
dev on 3000/5005:  web :1500 (nginx static) -> server :1505 (.NET) -> db :1510
(postgres, named volume + backups). Dockerfiles: server (.NET, NuGet via
nuget.docker.config, binds 0.0.0.0, busybox wget healthcheck) + web (Next static
export -> nginx, NEXT_PUBLIC_* baked as build args). nginx.conf SPA fallback.

Config: server CORS is now config-driven (Cors__Origins) so the deployed web
origin is allowed without code edits. deploy/ENV_FILE.example documents the
Gitea ENV_FILE secret; DEPLOY.md covers setup/run/LAN-IP/rollback/migrations.

Fonts: switch Vazirmatn + Plus Jakarta Sans from next/font/google (build-time
Google fetch -> fails on the Iran CI runner) to self-hosted @fontsource-variable
packages. Build is offline and ~3x faster; 7 woff2 emitted into out/.

Verified locally: dotnet build slnx + Hokm.Sim (300 matches, exit 0); tsc clean;
next build clean with self-hosted fonts.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
2026-06-04 19:09:31 +03:30
parent e778e8b5bd
commit 89d42184a1
15 changed files with 534 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docker-compose.yml
+86
View File
@@ -0,0 +1,86 @@
# Barg-e Vasat — local/self-hosted stack.
# Ports live in the 15001600 range so this stack can run alongside a manual
# `npm run dev` (:3000) and `dotnet run` (:5005) without colliding.
# web → http://localhost:1500
# api → http://localhost:1505
# db → localhost:1510 (postgres)
# All values come from .env (the deploy job writes it from the ENV_FILE secret).
services:
db:
image: mirror.soroushasadi.com/postgres:16-alpine
container_name: hokm-db
restart: unless-stopped
environment:
POSTGRES_DB: hokm
POSTGRES_USER: hokm
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-hokm_dev_pass}
volumes:
- hokm_db_data:/var/lib/postgresql/data
ports:
- "${DB_PORT:-1510}:5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U hokm -d hokm"]
interval: 5s
timeout: 5s
retries: 10
server:
build:
context: ./server
dockerfile: Dockerfile
image: hokm-server:latest
container_name: hokm-server
restart: unless-stopped
depends_on:
db:
condition: service_healthy
environment:
ASPNETCORE_ENVIRONMENT: Production
ASPNETCORE_URLS: http://0.0.0.0:5005
Database__Provider: postgres
ConnectionStrings__Default: "Host=db;Port=5432;Database=hokm;Username=hokm;Password=${POSTGRES_PASSWORD:-hokm_dev_pass}"
Jwt__Key: ${JWT_KEY:?set JWT_KEY in .env}
Jwt__Issuer: ${JWT_ISSUER:-hokm}
Jwt__Audience: ${JWT_AUDIENCE:-hokm-clients}
# Comma-separated origins the browser uses to reach the web app.
Cors__Origins: ${CORS_ORIGINS:-http://localhost:1500}
Zarinpal__MerchantId: ${ZARINPAL_MERCHANT_ID:-299685fb-cadf-4dfc-98e2-d4af5d81528d}
Zarinpal__Sandbox: ${ZARINPAL_SANDBOX:-true}
Zarinpal__CallbackUrl: ${ZARINPAL_CALLBACK_URL:-http://localhost:1505/api/coins/pay/callback}
Zarinpal__ClientReturnUrl: ${ZARINPAL_CLIENT_RETURN_URL:-http://localhost:1500}
ports:
- "${API_PORT:-1505}:5005"
healthcheck:
test: ["CMD", "wget", "-q", "-O-", "http://127.0.0.1:5005/"]
interval: 10s
timeout: 5s
retries: 12
start_period: 20s
web:
build:
context: .
dockerfile: Dockerfile
args:
# Baked into the static bundle at build time. Must be the address the
# BROWSER uses to reach the API (host-mapped api port, or LAN IP).
NEXT_PUBLIC_USE_SERVER: "1"
NEXT_PUBLIC_SERVER_URL: ${NEXT_PUBLIC_SERVER_URL:-http://localhost:1505}
image: hokm-web:latest
container_name: hokm-web
restart: unless-stopped
depends_on:
server:
condition: service_healthy
ports:
- "${WEB_PORT:-1500}:80"
healthcheck:
test: ["CMD", "wget", "-q", "-O-", "http://127.0.0.1/"]
interval: 10s
timeout: 5s
retries: 6
start_period: 10s
volumes:
hokm_db_data: