alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ci/gitea-docker-template
tiny-forge/docker-compose.yml
T
alexei.dolgolyov 80868e0f7a ci: align Gitea CI/CD + Docker with the notify-bridge template 
Adopt the proven notify-bridge pipeline pattern and fix deployment bugs.

Workflows:
- build.yml: split into parallel frontend / backend / build-image jobs.
  Run svelte-check + vitest + `go vet ./...` + `go test ./internal/...`
  (tests were never executed in CI). Use buildx with GHA layer cache and
  pin Go to 1.25. Quote the `if:` skip-guard so it is valid YAML.
- release.yml: gate the release on a passing test job, then build & push
  the image, then create the Gitea release LAST so a failed image build
  can no longer leave an orphan release. Use buildx + registry buildcache,
  a hard registry login (a push failure now fails the release), and
  auto-generate a changelog between tags.

Docker:
- Dockerfile: pin golang to 1.25 (matches go.mod's `go 1.25.0`), add
  BuildKit cache mounts for the module + build caches, an OCI source
  label, VOLUME /app/data, and a HEALTHCHECK on /readyz.
- docker-compose.yml: fix the healthcheck — it targeted POST-only
  /api/auth/login (405 -> always unhealthy); now /readyz. Point the image
  name at the Gitea registry tag with build-from-source as the default.
- .dockerignore: exclude ~95 MB of stray binaries, logs, env, and CI/doc
  files from the build context.
2026-06-21 20:51:13 +03:00

58 lines
2.3 KiB
YAML
Raw Permalink Blame History

services:
tinyforge:
# Default: build from source so a fresh clone works out of the box.
build: .
# Image name doubles as the Gitea registry tag. To DEPLOY the pre-built
# image instead of building (e.g. Portainer pulling on a webhook), comment
# out `build:` above — compose will then pull this tag. `:latest` is pushed
# only for stable (non pre-release) releases, and the registry may require
# `docker login git.dolgolyov-family.by` first if the package is private.
image: git.dolgolyov-family.by/alexei.dolgolyov/tiny-forge:latest
container_name: tinyforge
restart: unless-stopped
ports:
- "8080:8080"
volumes:
# Mount Docker socket for container management.
- /var/run/docker.sock:/var/run/docker.sock
# Persistent data (SQLite database).
- tinyforge-data:/app/data
# Optional seed config (read on first launch only).
- ./tinyforge.yaml:/app/tinyforge.yaml:ro
environment:
# Required: protects all credentials stored in the database.
- ENCRYPTION_KEY=${ENCRYPTION_KEY:?Set ENCRYPTION_KEY in .env}
# Required on first launch: password for the default admin user.
- ADMIN_PASSWORD=${ADMIN_PASSWORD:?Set ADMIN_PASSWORD in .env}
# Optional: override seed file location.
- SEED_FILE=/app/tinyforge.yaml
# Optional: override data directory.
- DATA_DIR=/app/data
# Optional: override listen address.
- LISTEN_ADDR=:8080
# Optional: override NPM URL (otherwise uses value from settings).
# - NPM_URL=http://npm:81
# Optional: override polling interval.
# - POLLING_INTERVAL=5m
networks:
- staging-net
healthcheck:
# /readyz is the public readiness probe (pings the DB, rate-limited).
# The previous target (/api/auth/login) is POST-only, so a GET/spider
# request returned 405 and the container was always reported unhealthy.
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/readyz"]
interval: 30s
timeout: 5s
retries: 3
start_period: 10s
volumes:
tinyforge-data:
driver: local
# NOTE: The staging-net network must exist before starting.
# Create it with: docker network create staging-net
networks:
staging-net:
external: true
Reference in New Issue View Git Blame Copy Permalink