feat: production deploy pipeline #14

Merged
mark merged 1 commits from feat/deploy-pipeline into main 2026-02-28 21:40:04 +00:00
Owner

Full deploy pipeline for nohypeai.net on lintel-prod-01.

What this does:

  • Fixes dev CSS (tailwind built inside container, no local filesystem dependency)
  • docker-compose.prod.yml — gunicorn on port 8001, static/media bind-mounted for Caddy
  • Production settings hardened (CSRF origins, no SSL redirect loop behind Caddy)
  • Push-to-main triggers deploy job in CI via SSH to lintel-prod-01
  • deploy/ directory contains Caddy config, systemd unit, and deploy script

One-time manual steps on lintel-prod-01 (requires root — Mark to run):

```bash
sudo cp deploy/sum-nohype.service /etc/systemd/system/
sudo cp deploy/caddy/nohype.caddy /etc/caddy/sites-enabled/
sudo systemctl daemon-reload
sudo systemctl enable --now sum-nohype
sudo systemctl reload caddy
```

Gitea secrets already set: PROD_SSH_KEY, PROD_SSH_HOST

codex_a added 1 commit 2026-02-28 21:34:26 +00:00
feat: add production deploy pipeline and fix dev CSS
All checks were successful
CI / nightly-e2e (pull_request) Has been skipped
CI / deploy (pull_request) Has been skipped
CI / pr-e2e (pull_request) Successful in 1m4s
CI / ci (pull_request) Successful in 1m23s
0cbac68ec1
Dev:
- Add tailwind install + build to docker-compose startup so CSS is built
  inside the container — not dependent on local filesystem

Production (docker-compose.prod.yml):
- Gunicorn on 127.0.0.1:8001, bind-mounted static/media to host paths
  so Caddy can serve them directly
- Runs migrate, tailwind build, collectstatic on startup

Settings (production.py):
- Disable SECURE_SSL_REDIRECT (Caddy handles redirects; Django would loop)
- Add CSRF_TRUSTED_ORIGINS for nohypeai.net

CI (.gitea/workflows/ci.yml):
- Add push-to-main trigger
- Add deploy job: SSHes to lintel-prod-01 as deploy, runs deploy/deploy.sh

Server config (deploy/):
- deploy/caddy/nohype.caddy — Caddy site config for nohypeai.net
- deploy/sum-nohype.service — systemd unit for the compose stack
- deploy/deploy.sh — deploy script (pull, build, restart)

One-time manual steps required on lintel-prod-01 (need root):
  sudo cp deploy/sum-nohype.service /etc/systemd/system/
  sudo cp deploy/caddy/nohype.caddy /etc/caddy/sites-enabled/
  sudo systemctl daemon-reload && sudo systemctl enable sum-nohype
  sudo systemctl reload caddy

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
mark merged commit 03fcbdb5ad into main 2026-02-28 21:40:04 +00:00
mark deleted branch feat/deploy-pipeline 2026-02-28 21:40:04 +00:00
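
Why the commit touches both `SECURE_SSL_REDIRECT` and `CSRF_TRUSTED_ORIGINS`, as an added example that is not part of this PR or the project's code: a simplified Python model of Django's HTTPS-redirect and CSRF Origin checks for a request the proxy forwards over plain HTTP to gunicorn. The setting values, the forwarded header and the names `audit`, `PROXIED_POST`, `BEFORE`, `DESCRIBED` and `ALTERNATIVE` are assumptions.

```python
# Simplified model (not Django's code) of SecurityMiddleware's SECURE_SSL_REDIRECT
# check and CsrfViewMiddleware's Origin check behind a TLS-terminating proxy.

def is_secure(settings, meta):
    """Model of HttpRequest.is_secure(): the proxy header counts only if configured."""
    header = settings.get("SECURE_PROXY_SSL_HEADER")
    if header:
        name, secure_value = header
        if name in meta:
            return meta[name].split(",")[0].strip() == secure_value
    return meta.get("wsgi.url_scheme") == "https"

def would_redirect(settings, meta):
    """Redirect to https whenever the request looks insecure to Django."""
    return bool(settings.get("SECURE_SSL_REDIRECT")) and not is_secure(settings, meta)

def origin_accepted(settings, meta):
    """CSRF Origin check for an unsafe (POST) request."""
    scheme = "https" if is_secure(settings, meta) else "http"
    good_origin = f"{scheme}://{meta['HTTP_HOST']}"
    origin = meta.get("HTTP_ORIGIN")
    return origin == good_origin or origin in settings.get("CSRF_TRUSTED_ORIGINS", [])

def audit(settings, meta):
    """Return the findings for one proxied request as a list of strings."""
    findings = []
    if would_redirect(settings, meta):
        # The proxy forwards the retried request over HTTP again, so it never ends.
        findings.append("redirect-loop")
    if not origin_accepted(settings, meta):
        findings.append("csrf-origin-rejected")
    return findings

# Constructed request: the browser used https://nohypeai.net, the proxy forwards
# plain HTTP to gunicorn. The X-Forwarded-Proto header is an assumption.
PROXIED_POST = {"wsgi.url_scheme": "http", "HTTP_HOST": "nohypeai.net",
                "HTTP_ORIGIN": "https://nohypeai.net",
                "HTTP_X_FORWARDED_PROTO": "https"}

# Assumed values: the page names the settings but does not show them.
BEFORE = {"SECURE_SSL_REDIRECT": True}
DESCRIBED = {"SECURE_SSL_REDIRECT": False,
             "CSRF_TRUSTED_ORIGINS": ["https://nohypeai.net"]}
ALTERNATIVE = {"SECURE_SSL_REDIRECT": True,
               "SECURE_PROXY_SSL_HEADER": ("HTTP_X_FORWARDED_PROTO", "https")}

if __name__ == "__main__":
    for name, cfg in [("before", BEFORE), ("described", DESCRIBED), ("alternative", ALTERNATIVE)]:
        print(f"{name:12} {audit(cfg, PROXIED_POST) or 'ok'}")
```

The `ALTERNATIVE` configuration is only sound when the proxy overwrites any client-supplied `X-Forwarded-Proto` and the app server cannot be reached except through the proxy.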

Reference: nohype/main-site#14