flatrender

soroushdes/flatrender

Fork 0

Commit Graph

Author	SHA1	Message	Date
soroush.asadi	514cd3705f	ci(deploy): mount postgres init as a DIRECTORY (fix 'Is a directory') CI/CD / CI · Web (tsc) (push) Successful in 1m8s Details CI/CD / Deploy · full stack (push) Successful in 2m50s Details The single-file bind mount ./scripts/init-db.sh left a stale empty dir in the reused act_runner workspace → mounted as a directory → migrations never ran → empty schemas → backend 28P01/connection failures. Move the init script to deploy/postgres-initdb/00-init.sh and mount the whole DIR at /docker-entrypoint-initdb.d (robust, like the migrations dir). Deploy checkout now 'git clean -ffd' to purge stale workspace dirs. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-12 21:39:15 +03:30
soroush.asadi	12588b65df	ci(deploy): integrate with mirror-nginx instead of Caddy CI/CD / CI · Web (tsc) (push) Successful in 1m6s Details CI/CD / Deploy · full stack (push) Has been cancelled Details The server's central mirror-nginx already owns 80/443 + manages TLS, so FlatRender can't run its own Caddy there. Adapt the deploy to the host-port + reverse-proxy model: - compose: Caddy moved behind `profiles: [edge]` (not started by default); frontend/ gateway/minio host ports are now EDGE_BIND + FRONTEND_PORT/GATEWAY_PORT/MINIO_PORT (so they can avoid Gitea's :3000 etc.); postgres/render stay on HOST_BIND loopback. - deploy/ENV_FILE.production.example: nginx model, pre-filled for flatrender.ir, host ports 1600/1605/1610, no Caddy/ACME vars. - deploy/mirror-nginx-flatrender.conf: ready-to-paste server blocks routing flatrender.ir / api / storage → 171.22.25.73:{1600,1605,1610}. - deploy/README.md: nginx integration + cert step. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-12 14:42:14 +03:30
soroush.asadi	127f40e1c1	ci: Gitea CI/CD pipeline + server deploy (Nexus mirror, Caddy HTTPS) CI/CD / CI · Web (tsc) (push) Successful in 1m8s Details CI/CD / Deploy · full stack (push) Failing after 1m41s Details - .gitea/workflows/ci-cd.yml: frontend tsc check → self-hosted deploy job that builds the full compose stack and brings it up behind Caddy. Locks COMPOSE_PROJECT_NAME=flatrender (stable volumes), backs up the DB before each deploy, health-waits gateway+frontend, no `down -v`. - Route all package installs through mirror.soroushasadi.com: frontend Dockerfile npm registry → NPM_REGISTRY build arg (Nexus default); 3× NuGet.Config (content/identity/studio) → HTTPS nuget-group (were a bare IP). - Harden host ports: ${HOST_BIND:-0.0.0.0} prefix on postgres/minio/render/gateway/ frontend so prod (HOST_BIND=127.0.0.1) keeps them off the public internet — only Caddy 80/443 is public. Dev (unset → 0.0.0.0) unchanged. - render-svc MINIO_USE_SSL now env-driven (MINIO_HOST_USE_SSL) for HTTPS storage domain. - deploy/ENV_FILE.production.example (the Gitea secret template) + deploy/README.md (one-time setup + go-live checklist). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-12 13:29:09 +03:30

Author

SHA1

Message

Date

soroush.asadi

514cd3705f

ci(deploy): mount postgres init as a DIRECTORY (fix 'Is a directory')

CI/CD / CI · Web (tsc) (push) Successful in 1m8s

Details

CI/CD / Deploy · full stack (push) Successful in 2m50s

Details

The single-file bind mount ./scripts/init-db.sh left a stale empty dir in the
reused act_runner workspace → mounted as a directory → migrations never ran →
empty schemas → backend 28P01/connection failures. Move the init script to
deploy/postgres-initdb/00-init.sh and mount the whole DIR at
/docker-entrypoint-initdb.d (robust, like the migrations dir). Deploy checkout
now 'git clean -ffd' to purge stale workspace dirs.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-06-12 21:39:15 +03:30

soroush.asadi

12588b65df

ci(deploy): integrate with mirror-nginx instead of Caddy

CI/CD / CI · Web (tsc) (push) Successful in 1m6s

Details

CI/CD / Deploy · full stack (push) Has been cancelled

Details

The server's central mirror-nginx already owns 80/443 + manages TLS, so FlatRender
can't run its own Caddy there. Adapt the deploy to the host-port + reverse-proxy model:

- compose: Caddy moved behind `profiles: [edge]` (not started by default); frontend/
  gateway/minio host ports are now EDGE_BIND + FRONTEND_PORT/GATEWAY_PORT/MINIO_PORT
  (so they can avoid Gitea's :3000 etc.); postgres/render stay on HOST_BIND loopback.
- deploy/ENV_FILE.production.example: nginx model, pre-filled for flatrender.ir,
  host ports 1600/1605/1610, no Caddy/ACME vars.
- deploy/mirror-nginx-flatrender.conf: ready-to-paste server blocks routing
  flatrender.ir / api / storage → 171.22.25.73:{1600,1605,1610}.
- deploy/README.md: nginx integration + cert step.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-06-12 14:42:14 +03:30

soroush.asadi

127f40e1c1

ci: Gitea CI/CD pipeline + server deploy (Nexus mirror, Caddy HTTPS)

CI/CD / CI · Web (tsc) (push) Successful in 1m8s

Details

CI/CD / Deploy · full stack (push) Failing after 1m41s

Details

- .gitea/workflows/ci-cd.yml: frontend tsc check → self-hosted deploy job that
  builds the full compose stack and brings it up behind Caddy. Locks
  COMPOSE_PROJECT_NAME=flatrender (stable volumes), backs up the DB before each
  deploy, health-waits gateway+frontend, no `down -v`.
- Route all package installs through mirror.soroushasadi.com:
  frontend Dockerfile npm registry → NPM_REGISTRY build arg (Nexus default);
  3× NuGet.Config (content/identity/studio) → HTTPS nuget-group (were a bare IP).
- Harden host ports: ${HOST_BIND:-0.0.0.0} prefix on postgres/minio/render/gateway/
  frontend so prod (HOST_BIND=127.0.0.1) keeps them off the public internet — only
  Caddy 80/443 is public. Dev (unset → 0.0.0.0) unchanged.
- render-svc MINIO_USE_SSL now env-driven (MINIO_HOST_USE_SSL) for HTTPS storage domain.
- deploy/ENV_FILE.production.example (the Gitea secret template) + deploy/README.md
  (one-time setup + go-live checklist).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-06-12 13:29:09 +03:30

3 Commits