nik/watch-party
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: nik:main
Branches Tags
nik:main
nik:develop
nik:feature/perma-delete-button
nik:feature/add-admin
nik:feature/auth-domain-renaming
nik:feature/delete-button-redesign
..
compare: nik:develop
Branches Tags
nik:main
nik:develop
nik:feature/perma-delete-button
nik:feature/add-admin
nik:feature/auth-domain-renaming
nik:feature/delete-button-redesign

No commits in common. "main" and "develop" have entirely different histories.
main ... develop

2 changed files with 25 additions and 67 deletions
Show Stats Expand all files Collapse all files

61
.gitea/workflows/ci.yaml
View File

@ -1,61 +0,0 @@
name: Build and Deploy
on:
push:
branches:
- main
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout
run: |
rm -rf /tmp/watch-party
git clone https://gitea.home.arpa/nik/watch-party /tmp/watch-party
- name: Write deploy key
run: |
echo "${{ secrets.DEPLOY_KEY }}" > /tmp/deploy_key
chmod 600 /tmp/deploy_key
- name: Log in to Gitea registry
run: |
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login gitea.home.arpa \
--username ${{ secrets.REGISTRY_USERNAME }} \
--password-stdin
- name: Inject CA into buildkit
run: |
cat /etc/ssl/certs/homelab-ca.pem | docker exec -i buildx_buildkit_multiarch0 \
sh -c 'cat >> /etc/ssl/certs/ca-certificates.crt && cat >> /etc/ssl/cert.pem'
- name: Set up Docker Buildx
run: |
docker buildx create --use --name multiarch || docker buildx use multiarch
- name: Build and push backend
run: |
docker buildx build \
--platform linux/amd64,linux/arm64 \
-t gitea.home.arpa/nik/watch-party-backend:latest \
--push \
/tmp/watch-party/backend
- name: Build and push frontend
run: |
docker buildx build \
--platform linux/amd64,linux/arm64 \
-t gitea.home.arpa/nik/watch-party-frontend:latest \
--push \
/tmp/watch-party/frontend
- name: Deploy to Mac Mini
run: |
ssh -o StrictHostKeyChecking=no \
-i /tmp/deploy_key \
${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }} \
"export PATH=/usr/local/bin:/opt/homebrew/bin:\$PATH && \
cd ~/repo/watch-party && \
docker compose pull && \
docker compose up -d"

29
docker-compose.yml
View File

@ -1,8 +1,21 @@
name: watch-party name: watch-party
services: services:
# Frontend (Vite built → nginx). Only public-facing service on LAN.
web: web:
image: gitea.home.arpa/nik/watch-party-frontend:latest build:
context: ./frontend
dockerfile: Dockerfile
args:
PUBLIC_BASE_PATH: ${PUBLIC_BASE_PATH}
FRONTEND_MODE: ${FRONTEND_MODE:-production}
VITE_AUTH_ENABLED: ${VITE_AUTH_ENABLED:-true}
VITE_FIREBASE_API_KEY: ${VITE_FIREBASE_API_KEY}
VITE_FIREBASE_AUTH_DOMAIN: ${VITE_FIREBASE_AUTH_DOMAIN}
VITE_FIREBASE_PROJECT_ID: ${VITE_FIREBASE_PROJECT_ID}
VITE_FIREBASE_APP_ID: ${VITE_FIREBASE_APP_ID}
VITE_BACKEND_ORIGIN: ${VITE_BACKEND_ORIGIN:-/api}
image: watchparty-frontend:prod
container_name: watchparty-frontend container_name: watchparty-frontend
environment: environment:
BACKEND_ORIGIN: ${BACKEND_ORIGIN} BACKEND_ORIGIN: ${BACKEND_ORIGIN}
@ -19,6 +32,7 @@ services:
timeout: 5s timeout: 5s
retries: 5 retries: 5
# Backend DB (internal only)
db: db:
image: postgres:16-alpine image: postgres:16-alpine
platform: ${COMPOSE_PLATFORM} platform: ${COMPOSE_PLATFORM}
@ -28,7 +42,7 @@ services:
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
TZ: ${TZ} TZ: ${TZ}
ports: ports:
- "${POSTGRES_PORT:-5432}:5432" - "${POSTGRES_PORT:-5432}:5432" ####### TEMPORARY EXPOSE #########
volumes: volumes:
- pgdata:/var/lib/postgresql/data - pgdata:/var/lib/postgresql/data
command: > command: >
@ -48,8 +62,12 @@ services:
restart: unless-stopped restart: unless-stopped
networks: [internal] networks: [internal]
# One-off migration job (idempotent)
migrate: migrate:
image: gitea.home.arpa/nik/watch-party-backend:latest build:
context: ./backend
dockerfile: Dockerfile
image: watchparty-backend:latest
entrypoint: ["/app/migrate"] entrypoint: ["/app/migrate"]
env_file: env_file:
- ./.env - ./.env
@ -61,8 +79,9 @@ services:
restart: "no" restart: "no"
networks: [internal] networks: [internal]
# API server (internal port only; reached via web → proxy)
api: api:
image: gitea.home.arpa/nik/watch-party-backend:latest image: watchparty-backend:latest
env_file: env_file:
- ./.env - ./.env
depends_on: depends_on:
@ -82,7 +101,7 @@ services:
timeout: 5s timeout: 5s
retries: 10 retries: 10
ports: ports:
- "${APP_PORT:-8082}:8082" - "${APP_PORT:-8082}:8082" ####### TEMPORARY EXPOSE #########
networks: networks:
internal: internal: