cesnimda/jobtrackingapp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: restore shared production env during deploy

Browse Source
This commit is contained in:
cesnimda
2026-03-22 21:24:05 +01:00
parent 9914de19f4
commit 8014c1e890
2 changed files with 27 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/README.md
+14 -2
View File
@@ -5,6 +5,7 @@ This repo includes `.gitea/workflows/ci-deploy.yml` for:
- backend build
- backend tests
- frontend tests
- frontend production build
- deployment to Ubuntu after successful tests on `main`
### Required secrets in Gitea
@@ -16,13 +17,24 @@ This repo includes `.gitea/workflows/ci-deploy.yml` for:
Recommended app path:
- `/opt/job-tracker/app`
Persistent runtime secrets path:
- `/opt/job-tracker/shared/.env`
Requirements:
- Docker Engine
- Docker Compose plugin
- reverse proxy in front (Nginx, Caddy, or Traefik)
- `.env` file present on server in `/opt/job-tracker/app/.env`
- shared env file present on server in `/opt/job-tracker/shared/.env`
- network connectivity from the backend container to your `mariadb` container/service
The deploy script will automatically create a symlink from:
- `/opt/job-tracker/shared/.env`
to:
- `/opt/job-tracker/app/.env`
This keeps secrets outside the uploaded repo checkout so they are not wiped by CI deploys.
### Example production `.env`
```env
DATABASE_PROVIDER=mariadb
@@ -62,7 +74,7 @@ If this app is going to be a real production service on Ubuntu:
1. push to `main`
2. Gitea Actions runs tests
3. if green, workflow uploads repo to server
4. `deploy/deploy.sh` runs `docker compose build && docker compose up -d`
4. `deploy/deploy.sh` links `/opt/job-tracker/shared/.env` into the repo checkout, then runs `docker compose build && docker compose up -d`
5. workflow checks service status after deployment
## Post-deploy verification you should also do manually the first time
deploy/deploy.sh
+13 -2
View File
@@ -3,8 +3,19 @@ set -euo pipefail
cd "$(dirname "$0")/.."
if [ ! -f .env ]; then
echo "Missing .env in deployment directory"
ENV_SOURCE="/opt/job-tracker/shared/.env"
ENV_TARGET=".env"
if [ ! -f "$ENV_SOURCE" ]; then
echo "Missing shared env file at $ENV_SOURCE"
exit 1
fi
# Keep runtime secrets outside the repo checkout so workflow uploads cannot wipe them.
ln -sf "$ENV_SOURCE" "$ENV_TARGET"
if [ ! -f "$ENV_TARGET" ]; then
echo "Failed to link deployment env file into $(pwd)/$ENV_TARGET"
exit 1
fi