From 67dd7bde3c5afe32aa43217b2c8b7e703e0f9bce Mon Sep 17 00:00:00 2001
From: vrubel <vrubel@local>
Date: Tue, 9 Jun 2026 13:46:58 +0000
Subject: [PATCH] Add CI/CD pipeline and prod docker-compose

---
 .forgejo/workflows/deploy.yml | 57 +++++++++++++++++++++++++++++++++++
 docker-compose.prod.yml       | 22 ++++++++++++++
 2 files changed, 79 insertions(+)
 create mode 100644 .forgejo/workflows/deploy.yml
 create mode 100644 docker-compose.prod.yml

diff --git a/.forgejo/workflows/deploy.yml b/.forgejo/workflows/deploy.yml
new file mode 100644
index 0000000..37e668a
--- /dev/null
+++ b/.forgejo/workflows/deploy.yml
@@ -0,0 +1,57 @@
+name: CI/CD Pipeline
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  build-and-deploy:
+    runs-on: shell
+    steps:
+      - name: Clone repository
+        run: git clone --depth 1 "http://192.168.8.174:3000/${GITHUB_REPOSITORY}.git" .
+        env:
+          GIT_TERMINAL_PROMPT: '0'
+
+      - name: Ensure Docker CLI
+        run: |
+          apk add --no-cache docker-cli docker-cli-compose openssh-client || true
+          grep -q '^vrubel:' /etc/passwd || echo 'vrubel:x:1000:1000::/data:/bin/sh' >> /etc/passwd
+
+      - name: Setup .env for CI/CD
+        run: cp .env.example .env
+
+      - name: Build Docker image
+        run: docker build -t 192.168.8.174:3000/vrubel/schedule-son:latest .
+
+      - name: Test container
+        run: |
+          mkdir -p data
+          docker run -d --name schedule-test \
+            -p 8123:8000 \
+            -v $(pwd)/data:/app/data \
+            --env-file .env \
+            -e TZ=Europe/Moscow \
+            -e DATABASE_PATH=/app/data/schedule.db \
+            192.168.8.174:3000/vrubel/schedule-son:latest
+
+      - name: Verify container
+        run: |
+          sleep 5
+          docker logs schedule-test --tail=20
+
+      - name: Stop container
+        run: docker rm -f schedule-test
+
+      - name: Login to Gitea Container Registry
+        run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login http://192.168.8.174:3000 -u "${{ secrets.REGISTRY_USER }}" --password-stdin
+
+      - name: Push image to registry
+        run: docker push 192.168.8.174:3000/vrubel/schedule-son:latest
+
+      - name: Copy docker-compose to prod host
+        run: scp -i /data/.ssh/id_ed25519 -o StrictHostKeyChecking=no docker-compose.prod.yml vrubel@192.168.8.171:~/services/scheduleSon/docker-compose.yml
+
+      - name: Deploy on prod host
+        run: ssh -i /data/.ssh/id_ed25519 -o StrictHostKeyChecking=no vrubel@192.168.8.171 "cd ~/services/scheduleSon && docker pull 192.168.8.174:3000/vrubel/schedule-son:latest && docker compose up -d --remove-orphans"
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
new file mode 100644
index 0000000..a7446c9
--- /dev/null
+++ b/docker-compose.prod.yml
@@ -0,0 +1,22 @@
+services:
+  backend:
+    image: 192.168.8.174:3000/vrubel/schedule-son:latest
+    ports:
+      - "8123:8000"
+    volumes:
+      - ./data:/app/data
+    env_file:
+      - .env
+    environment:
+      - TZ=Europe/Moscow
+      - DATABASE_PATH=/app/data/schedule.db
+    restart: unless-stopped
+    depends_on:
+      - init-db
+
+  init-db:
+    image: alpine:latest
+    volumes:
+      - ./data:/data
+    command: sh -c "mkdir -p /data && touch /data/.gitkeep"
+    restart: "no"