Compare commits
1 Commits
feat/backe
...
chore/ci-p
| Author | SHA1 | Date | |
|---|---|---|---|
|
84a033a0fb |
12
.env.example
12
.env.example
@@ -1,13 +1,23 @@
|
||||
# Copy to .env for `docker compose up --build`. Local-dev runs (cargo run
|
||||
# / npm run dev) read backend/.env if present, or pick up the variables
|
||||
# from your shell.
|
||||
#
|
||||
# Production note: COOKIE_SECURE=true (the default below) makes browsers
|
||||
# refuse to send the session cookie over plain HTTP. Run with a TLS-
|
||||
# terminating reverse proxy (Caddy, Traefik, nginx) in front — the
|
||||
# compose file here doesn't ship one. Local/dev runs without HTTPS
|
||||
# should set COOKIE_SECURE=false.
|
||||
|
||||
# ----- Postgres -----
|
||||
# These are read by the Postgres container *and* by DATABASE_URL below;
|
||||
# changing them after the first boot won't migrate existing data, so set
|
||||
# them up front for any new deployment.
|
||||
#
|
||||
# POSTGRES_PASSWORD is REQUIRED — docker-compose.yml fails fast if it
|
||||
# isn't set in this file, to prevent a deploy without an .env booting
|
||||
# Postgres with a publicly-known credential.
|
||||
POSTGRES_USER=mangalord
|
||||
POSTGRES_PASSWORD=mangalord
|
||||
POSTGRES_PASSWORD=change-me-to-a-strong-random-string
|
||||
POSTGRES_DB=mangalord
|
||||
|
||||
# ----- Backend -----
|
||||
|
||||
@@ -3,6 +3,8 @@ name: deploy
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [main]
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
@@ -63,6 +65,10 @@ jobs:
|
||||
build-and-push:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [test-backend, test-frontend]
|
||||
# PRs only run the test jobs; build + deploy are reserved for
|
||||
# post-merge pushes to main. Without this gate every PR would push
|
||||
# a tagged image to the registry and SSH-deploy to prod.
|
||||
if: github.event_name != 'pull_request'
|
||||
outputs:
|
||||
image_tag: ${{ steps.meta.outputs.image_tag }}
|
||||
version: ${{ steps.meta.outputs.version }}
|
||||
@@ -117,6 +123,7 @@ jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
needs: build-and-push
|
||||
if: github.event_name != 'pull_request'
|
||||
steps:
|
||||
- name: SSH deploy
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "mangalord"
|
||||
version = "0.35.0"
|
||||
version = "0.34.0"
|
||||
edition = "2021"
|
||||
default-run = "mangalord"
|
||||
|
||||
|
||||
@@ -17,7 +17,10 @@ async fn main() -> anyhow::Result<()> {
|
||||
tracing::info!(%addr, "mangalord listening");
|
||||
let listener = tokio::net::TcpListener::bind(addr).await?;
|
||||
axum::serve(listener, router)
|
||||
.with_graceful_shutdown(shutdown_signal())
|
||||
.with_graceful_shutdown(async {
|
||||
let _ = tokio::signal::ctrl_c().await;
|
||||
tracing::info!("ctrl-c received; shutting down");
|
||||
})
|
||||
.await?;
|
||||
|
||||
// Drain background tasks (crawler daemon) before exiting so Chromium
|
||||
@@ -27,33 +30,3 @@ async fn main() -> anyhow::Result<()> {
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Wait for either Ctrl-C (interactive shell) or SIGTERM (Docker /
|
||||
/// Kubernetes / Podman / systemd stop) and log which arrived. Without
|
||||
/// the SIGTERM branch, `docker compose stop` runs out its grace period
|
||||
/// and skips straight to SIGKILL — the daemon never gets the
|
||||
/// `daemon.shutdown().await` path, leaking Chromium.
|
||||
async fn shutdown_signal() {
|
||||
use tokio::signal::unix::{signal, SignalKind};
|
||||
let mut sigterm = match signal(SignalKind::terminate()) {
|
||||
Ok(s) => s,
|
||||
Err(e) => {
|
||||
// SignalKind::terminate() is supported on every Unix the
|
||||
// tokio runtime runs on; if registration fails we still
|
||||
// honour Ctrl-C so the process is at least
|
||||
// interactive-shutdownable.
|
||||
tracing::warn!(error = %e, "could not install SIGTERM handler; falling back to ctrl_c only");
|
||||
let _ = tokio::signal::ctrl_c().await;
|
||||
tracing::info!("ctrl-c received; shutting down");
|
||||
return;
|
||||
}
|
||||
};
|
||||
tokio::select! {
|
||||
_ = tokio::signal::ctrl_c() => {
|
||||
tracing::info!("ctrl-c received; shutting down");
|
||||
}
|
||||
_ = sigterm.recv() => {
|
||||
tracing::info!("SIGTERM received; shutting down");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,9 +1,15 @@
|
||||
# Production-like compose. Requires a populated `.env` next to this
|
||||
# file: at minimum POSTGRES_PASSWORD must be set to a non-default
|
||||
# value (the `?required` form below fails fast otherwise). The
|
||||
# frontend container expects HTTPS in front (Caddy/Traefik/nginx)
|
||||
# because COOKIE_SECURE=true browsers will refuse to send the session
|
||||
# cookie over plain HTTP.
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:16-alpine
|
||||
environment:
|
||||
POSTGRES_USER: ${POSTGRES_USER:-mangalord}
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-mangalord}
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set in .env}
|
||||
POSTGRES_DB: ${POSTGRES_DB:-mangalord}
|
||||
volumes:
|
||||
- postgres-data:/var/lib/postgresql/data
|
||||
@@ -19,7 +25,7 @@ services:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
environment:
|
||||
DATABASE_URL: postgres://${POSTGRES_USER:-mangalord}:${POSTGRES_PASSWORD:-mangalord}@postgres:5432/${POSTGRES_DB:-mangalord}
|
||||
DATABASE_URL: postgres://${POSTGRES_USER:-mangalord}:${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set in .env}@postgres:5432/${POSTGRES_DB:-mangalord}
|
||||
BIND_ADDRESS: 0.0.0.0:8080
|
||||
STORAGE_DIR: /var/lib/mangalord/storage
|
||||
RUST_LOG: ${RUST_LOG:-info,mangalord=debug}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "mangalord-frontend",
|
||||
"version": "0.35.0",
|
||||
"version": "0.34.0",
|
||||
"private": true,
|
||||
"type": "module",
|
||||
"scripts": {
|
||||
|
||||
Reference in New Issue
Block a user