- All Node Dockerfiles rewritten with NODE_IMAGE + NPM_REGISTRY build args
defaulting to local Nexus proxies (171.22.25.73:5000/library/node:20-alpine
and http://mirror:8081/repository/npm-group/)
- Add extra_hosts: mirror:host-gateway to every build section so the
mirror hostname resolves during docker build
- Replace nuget.org with nuget.docker.config (Nexus mirror) in api/admin-api
Dockerfiles to fix NuGet restore in Iranian network
- Rewrite admin-web and website Dockerfiles (were referencing non-existent
meezi-node:20-alpine base image with no npm install step)
- Update dotnet image defaults to 171.22.25.73:5002 MCR proxy in admin-api
and docker-compose.admin.yml
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
act runner (host mode) inherits a minimal PATH from the process
environment — docker is not found even though it is installed.
Explicitly include all standard locations plus /snap/bin.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Node.js is not in PATH on the self-hosted:host runner, so JS actions
(actions/checkout@v4) fail with "cannot find node". Use the same shell
git init/fetch/checkout pattern used in all other jobs.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
All hardcoded passwords/keys replaced with env vars so .env controls
everything in both dev and production:
- DB_PASSWORD, DB_CONNECTION_STRING, JWT_KEY
- CORS_ORIGIN_*, ASPNETCORE_ENVIRONMENT
- All ZarinPal/Kavenegar/Snappfood secrets
New files for tomorrow's domain setup:
- Caddyfile → routes all subdomains with auto TLS
- docker-compose.caddy.yml → adds Caddy service to the stack
.env.example now has clear TODAY (IP) vs TOMORROW (domain) sections.
Fixed hardcoded ZarinPal MerchantId in docker-compose.full.yml.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Initial commit of the Super-Admin web panel (Next.js + TypeScript).
CI admin-web-check job was failing because the directory was never
tracked in git.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
python3 is not in PATH inside dotnet/sdk:10.0 container — replace the
"Write NuGet config" step with a cat heredoc which works in any container.
Also syncs GitHub with the Gitea-side changes:
- All images pulled from local Nexus mirrors (no internet round-trip)
171.22.25.73:5000 → docker-hub-proxy (node, postgres, redis)
171.22.25.73:5002 → mcr-proxy (dotnet/sdk)
- npm steps already on npm-group (Liara + Runflare fallback)
- docker-compose.mirror.yml: expose port 5002 for mcr-proxy
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
apk add git downloads from dl-cdn.alpinelinux.org (Fastly CDN) which is
slow/blocked in Iran — caused 6m+ checkout times.
New approach: wget the repo tarball from Gitea's archive API endpoint.
wget + tar (busybox) are already in node:20-alpine — no package install.
Gitea is on the same machine as the runner = download is instant.
GET /api/v1/repos/{owner}/{repo}/archive/{sha}.tar.gz
Authorization: Bearer {token}
dotnet/sdk jobs unchanged — Debian base has git pre-installed.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
NuGet 10 blocks HTTP sources by default. allowInsecureConnections=true
must be set in a config file — the --source CLI flag doesn't support it.
Write the config to /tmp/nuget.ci.config inline in the step so there is
no dependency on any file existing in the workspace.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
--configfile nuget.mirror.config fails when the file isn't present in
the workspace (e.g. when Gitea is behind GitHub on commits).
--source inline URL is simpler, self-contained, and replaces all
configured sources — no extra file dependency in CI.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
nuget-group aggregates nuget.org-proxy (Liara) and nuget-runflare-proxy
(Runflare) — automatic fallback if one upstream is down.
npm-proxy and docker-hub-proxy names match exactly, no changes needed.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
provision.sh: Docker proxy defaults to registry-1.docker.io (works directly
from VPS). Set DOCKER_MIRROR_URL/USER/PASS env vars to route through
docker-mirror.liara.ir once Liara credentials are obtained.
update-docker-upstream.sh: swap Docker proxy upstream at any time without
re-running the full provision (useful after getting Liara credentials).
indexType auto-selects: HUB for docker.io direct, REGISTRY for Liara/Harbor.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
github.server_url returns 'http://gitea:3000' (Gitea ROOT_URL using Docker
service name). CI job containers run on an isolated network and can't resolve
the 'gitea' hostname.
host-gateway maps to the Docker bridge IP (172.17.0.1). Gitea publishes
port 3000 on all interfaces, so http://gitea:3000 becomes reachable inside
every job container via the bridge.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
actions/checkout@v4 is a JS action executed inside the job container:
- dotnet/sdk:10.0 has no Node.js → exit 127
- node:20-alpine has no git → checkout fails
Fix: manual git clone via shell using http.extraheader for token auth.
Token never appears in process list or git log. deploy job (self-hosted:host)
keeps actions/checkout — the act_runner image has both node and git.
Also removes defaults.run.working-directory from Node.js jobs (the checkout
step must start in workspace root, not web/<app>).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Switch CI jobs to container: image: overrides so jobs run inside official
SDK containers (dotnet/sdk:10.0, node:20-alpine) instead of the bare
runner container. This bypasses blocked CDN downloads for dotnet/node.
Deploy job stays on self-hosted:host where Docker CLI is available.
Update workflow comments to explain the required runner label config:
ubuntu-latest:docker://node:20-alpine (CI jobs)
self-hosted:host (deploy)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Root cause: actions/setup-dotnet@v4 downloads .NET from
download.visualstudio.microsoft.com and actions/setup-node@v4 downloads
Node from nodejs.org — both CDNs are blocked from Iran so jobs hang at 0s.
Fix:
- All .NET jobs: add container: mcr.microsoft.com/dotnet/sdk:10.0
so .NET is already inside the image — no download needed.
Remove actions/setup-dotnet step entirely.
- All Node.js jobs: add container: node:20-alpine
so Node/npm are already inside the image — no download needed.
Remove actions/setup-node step entirely.
- api-build: add postgres + redis service containers + env vars so
dotnet test can actually connect to a database (was silently failing).
- deploy job: change back to runs-on: self-hosted
ubuntu-latest containers don't have Docker CLI — docker compose
commands would fail immediately. Deploy MUST run on the server.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add OrderTypePicker screen: Table / Counter / Takeaway cards shown when no
active session, replacing the old always-visible table board
- Move PosTableBoard into a modal overlay (opens on Table selection or
"Assign Table" for counter orders)
- Add orderType field + setOrderType action to cart store
- Counter and Takeaway orders no longer require a table to submit
- Add "Assign Table →" button in cart for counter orders with active session
- Rewrite category tabs as horizontal scrollable row (no wrapping)
- Larger product cards with 4:3 thumbnail + quantity badge overlay
- Bigger quantity controls (h-8 w-8) and "New order" back button in header
- Add i18n keys for order types in en/fa/ar
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
.gitea/workflows/ci-cd.yml:
- Triggers on push to main and PRs
- CI jobs: dotnet build/test, dashboard tsc, finder tsc (all self-hosted)
- Deploy job: only on push to main, needs all CI jobs to pass
- Writes .env from ENV_FILE secret (set in Gitea repo settings)
- docker compose build --parallel with BuildKit
- Rolling restart (postgres/redis untouched)
- Health-check poll: waits up to 2min for meezi-api healthy
- Auto-prunes old images on success
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
ci.yml — runs on GitHub's servers (free):
- API: dotnet build + test with Postgres/Redis service containers
- Dashboard + Finder: TypeScript typecheck (tsc --noEmit)
deploy.yml — runs on YOUR Linux server (self-hosted runner):
- Triggers on every push to main
- docker compose build --parallel (BuildKit cache)
- Rolling restart with --no-deps --remove-orphans
- Health-check poll: waits up to 2min for API healthy
- Auto-prunes old images after successful deploy
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Public cafe discovery app:
- SEO-optimised pages: home, /cafe/[slug], /search, /city/[city]
- AI search bar with natural language queries
- Structured data (JSON-LD) for Google rich results
- City browsing, rating/filter sidebar, similar cafes
- Review listing, full menu preview, working-hours card
- Web App Manifest + offline fallback page (PWA)
- Next.js 16: params/searchParams typed as Promise<{}>
- Fix Lucide icon title→aria-label (type removed upstream)
- "use client" on offline page (onClick handler)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Full backend implementation:
- Multi-tenant cafe/restaurant management (menus, orders, tables, staff)
- POS order flow with ZarinPal and Snappfood payment integration
- OTP authentication via Kavenegar SMS
- QR digital menu with public discover/finder endpoints
- Customer loyalty, coupons, CRM
- PostgreSQL via EF Core, Redis for caching/sessions
- Background jobs, webhook handlers
- Full migration history
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Rewrites dashboard and finder Dockerfiles to use a clean multi-stage
build (deps → builder → runner) that installs npm packages inside
Alpine Linux, avoiding the SWC musl binary issue when building from
Windows host. Uses registry.npmmirror.com for reliable installs from
restricted networks (Iran).
- docker/api/Dockerfile: .NET 10 multi-stage build
- docker/web/Dockerfile: Node 20-alpine multi-stage, npmmirror
- docker/finder/Dockerfile: Node 20-alpine multi-stage, npmmirror
- docker/website/Dockerfile: marketing website build
- scripts/: PowerShell helper scripts for local dev
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
soroush.asadi