chore: run CI on PRs, require POSTGRES_PASSWORD, document HTTPS need

- .gitea/workflows/deploy.yml: trigger on pull_request to main so PRs get test feedback; gate build-and-push + deploy on push events so PRs only run the test jobs (no registry push, no SSH deploy). - docker-compose.yml: change `${POSTGRES_PASSWORD:-mangalord}` to `${POSTGRES_PASSWORD:?...}` so a deploy without an .env fails fast instead of booting Postgres with a known-default credential. - .env.example: change the example value to a "change-me" sentinel, add a banner explaining that production needs HTTPS in front of the frontend container because COOKIE_SECURE=true makes browsers refuse cookies over plain HTTP. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-28 19:23:04 +02:00
parent e7662d18d6
commit 84a033a0fb
3 changed files with 26 additions and 3 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,13 +1,23 @@
 # Copy to .env for `docker compose up --build`. Local-dev runs (cargo run
 # / npm run dev) read backend/.env if present, or pick up the variables
 # from your shell.
+#
+# Production note: COOKIE_SECURE=true (the default below) makes browsers
+# refuse to send the session cookie over plain HTTP. Run with a TLS-
+# terminating reverse proxy (Caddy, Traefik, nginx) in front — the
+# compose file here doesn't ship one. Local/dev runs without HTTPS
+# should set COOKIE_SECURE=false.

 # ----- Postgres -----
 # These are read by the Postgres container *and* by DATABASE_URL below;
 # changing them after the first boot won't migrate existing data, so set
 # them up front for any new deployment.
+#
+# POSTGRES_PASSWORD is REQUIRED — docker-compose.yml fails fast if it
+# isn't set in this file, to prevent a deploy without an .env booting
+# Postgres with a publicly-known credential.
 POSTGRES_USER=mangalord
-POSTGRES_PASSWORD=mangalord
+POSTGRES_PASSWORD=change-me-to-a-strong-random-string
 POSTGRES_DB=mangalord

 # ----- Backend -----