0cbac68ec1
Dev: - Add tailwind install + build to docker-compose startup so CSS is built inside the container — not dependent on local filesystem Production (docker-compose.prod.yml): - Gunicorn on 127.0.0.1:8001, bind-mounted static/media to host paths so Caddy can serve them directly - Runs migrate, tailwind build, collectstatic on startup Settings (production.py): - Disable SECURE_SSL_REDIRECT (Caddy handles redirects; Django would loop) - Add CSRF_TRUSTED_ORIGINS for nohypeai.net CI (.gitea/workflows/ci.yml): - Add push-to-main trigger - Add deploy job: SSHes to lintel-prod-01 as deploy, runs deploy/deploy.sh Server config (deploy/): - deploy/caddy/nohype.caddy — Caddy site config for nohypeai.net - deploy/sum-nohype.service — systemd unit for the compose stack - deploy/deploy.sh — deploy script (pull, build, restart) One-time manual steps required on lintel-prod-01 (need root): sudo cp deploy/sum-nohype.service /etc/systemd/system/ sudo cp deploy/caddy/nohype.caddy /etc/caddy/sites-enabled/ sudo systemctl daemon-reload && sudo systemctl enable sum-nohype sudo systemctl reload caddy Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
24 lines
468 B
Plaintext
24 lines
468 B
Plaintext
nohypeai.net, www.nohypeai.net {
|
|
encode gzip zstd
|
|
|
|
header {
|
|
X-Content-Type-Options nosniff
|
|
X-Frame-Options DENY
|
|
Referrer-Policy strict-origin-when-cross-origin
|
|
Permissions-Policy "geolocation=(), microphone=(), camera=()"
|
|
X-Forwarded-Proto https
|
|
}
|
|
|
|
handle_path /static/* {
|
|
root * /srv/sum/nohype/static
|
|
file_server
|
|
}
|
|
|
|
handle_path /media/* {
|
|
root * /srv/sum/nohype/media
|
|
file_server
|
|
}
|
|
|
|
reverse_proxy localhost:8001
|
|
}
|