Compare commits
17 Commits
feature/pe
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 6a945fb8b7 | |||
| 7937c4ee6a | |||
| 204611e6ca | |||
| 52a0b6df45 | |||
| 23e7c88f1d | |||
| d4f25a0e1d | |||
| 6f55ccc442 | |||
| 7c7514e7c1 | |||
| 57db6afc1f | |||
| f87a430bbe | |||
| 53442cece2 | |||
| 1881e088d8 | |||
| 0ba3239ec9 | |||
| c9ac2c2968 | |||
| ee4cf9c608 | |||
| 6e9b032e64 | |||
| 5c088974d8 |
61
.gitea/workflows/ci.yaml
Normal file
61
.gitea/workflows/ci.yaml
Normal file
@ -0,0 +1,61 @@
|
||||
name: Build and Deploy
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
jobs:
|
||||
build-and-deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
run: |
|
||||
rm -rf /tmp/watch-party
|
||||
git clone https://gitea.home.arpa/nik/watch-party /tmp/watch-party
|
||||
|
||||
- name: Write deploy key
|
||||
run: |
|
||||
echo "${{ secrets.DEPLOY_KEY }}" > /tmp/deploy_key
|
||||
chmod 600 /tmp/deploy_key
|
||||
|
||||
- name: Log in to Gitea registry
|
||||
run: |
|
||||
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login gitea.home.arpa \
|
||||
--username ${{ secrets.REGISTRY_USERNAME }} \
|
||||
--password-stdin
|
||||
|
||||
- name: Inject CA into buildkit
|
||||
run: |
|
||||
cat /etc/ssl/certs/homelab-ca.pem | docker exec -i buildx_buildkit_multiarch0 \
|
||||
sh -c 'cat >> /etc/ssl/certs/ca-certificates.crt && cat >> /etc/ssl/cert.pem'
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
run: |
|
||||
docker buildx create --use --name multiarch || docker buildx use multiarch
|
||||
|
||||
- name: Build and push backend
|
||||
run: |
|
||||
docker buildx build \
|
||||
--platform linux/amd64,linux/arm64 \
|
||||
-t gitea.home.arpa/nik/watch-party-backend:latest \
|
||||
--push \
|
||||
/tmp/watch-party/backend
|
||||
|
||||
- name: Build and push frontend
|
||||
run: |
|
||||
docker buildx build \
|
||||
--platform linux/amd64,linux/arm64 \
|
||||
-t gitea.home.arpa/nik/watch-party-frontend:latest \
|
||||
--push \
|
||||
/tmp/watch-party/frontend
|
||||
|
||||
- name: Deploy to Mac Mini
|
||||
run: |
|
||||
ssh -o StrictHostKeyChecking=no \
|
||||
-i /tmp/deploy_key \
|
||||
${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }} \
|
||||
"export PATH=/usr/local/bin:/opt/homebrew/bin:\$PATH && \
|
||||
cd ~/repo/watch-party && \
|
||||
docker compose pull && \
|
||||
docker compose up -d"
|
||||
@ -1,21 +1,8 @@
|
||||
name: watch-party
|
||||
|
||||
services:
|
||||
# Frontend (Vite built → nginx). Only public-facing service on LAN.
|
||||
web:
|
||||
build:
|
||||
context: ./frontend
|
||||
dockerfile: Dockerfile
|
||||
args:
|
||||
PUBLIC_BASE_PATH: ${PUBLIC_BASE_PATH}
|
||||
FRONTEND_MODE: ${FRONTEND_MODE:-production}
|
||||
VITE_AUTH_ENABLED: ${VITE_AUTH_ENABLED:-true}
|
||||
VITE_FIREBASE_API_KEY: ${VITE_FIREBASE_API_KEY}
|
||||
VITE_FIREBASE_AUTH_DOMAIN: ${VITE_FIREBASE_AUTH_DOMAIN}
|
||||
VITE_FIREBASE_PROJECT_ID: ${VITE_FIREBASE_PROJECT_ID}
|
||||
VITE_FIREBASE_APP_ID: ${VITE_FIREBASE_APP_ID}
|
||||
VITE_BACKEND_ORIGIN: ${VITE_BACKEND_ORIGIN:-/api}
|
||||
image: watchparty-frontend:prod
|
||||
image: gitea.home.arpa/nik/watch-party-frontend:latest
|
||||
container_name: watchparty-frontend
|
||||
environment:
|
||||
BACKEND_ORIGIN: ${BACKEND_ORIGIN}
|
||||
@ -32,7 +19,6 @@ services:
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
|
||||
# Backend DB (internal only)
|
||||
db:
|
||||
image: postgres:16-alpine
|
||||
platform: ${COMPOSE_PLATFORM}
|
||||
@ -42,7 +28,7 @@ services:
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
||||
TZ: ${TZ}
|
||||
ports:
|
||||
- "${POSTGRES_PORT:-5432}:5432" ####### TEMPORARY EXPOSE #########
|
||||
- "${POSTGRES_PORT:-5432}:5432"
|
||||
volumes:
|
||||
- pgdata:/var/lib/postgresql/data
|
||||
command: >
|
||||
@ -62,12 +48,8 @@ services:
|
||||
restart: unless-stopped
|
||||
networks: [internal]
|
||||
|
||||
# One-off migration job (idempotent)
|
||||
migrate:
|
||||
build:
|
||||
context: ./backend
|
||||
dockerfile: Dockerfile
|
||||
image: watchparty-backend:latest
|
||||
image: gitea.home.arpa/nik/watch-party-backend:latest
|
||||
entrypoint: ["/app/migrate"]
|
||||
env_file:
|
||||
- ./.env
|
||||
@ -79,9 +61,8 @@ services:
|
||||
restart: "no"
|
||||
networks: [internal]
|
||||
|
||||
# API server (internal port only; reached via web → proxy)
|
||||
api:
|
||||
image: watchparty-backend:latest
|
||||
image: gitea.home.arpa/nik/watch-party-backend:latest
|
||||
env_file:
|
||||
- ./.env
|
||||
depends_on:
|
||||
@ -101,11 +82,11 @@ services:
|
||||
timeout: 5s
|
||||
retries: 10
|
||||
ports:
|
||||
- "${APP_PORT:-8082}:8082" ####### TEMPORARY EXPOSE #########
|
||||
- "${APP_PORT:-8082}:8082"
|
||||
|
||||
networks:
|
||||
internal:
|
||||
driver: bridge
|
||||
|
||||
volumes:
|
||||
pgdata:
|
||||
pgdata:
|
||||
Loading…
x
Reference in New Issue
Block a user