diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 1dfbd04..c283d43 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -51,28 +51,25 @@ jobs: # Authenticate with Gitea registry on Droplet docker login -u "${{ github.actor }}" -p "${{ secrets.GITHUB_TOKEN }}" git.nciphered.com - # Ensure isolated network exists - docker network create dockernet 2>/dev/null || true - # Pull latest image docker pull git.nciphered.com/${{ github.repository }}:latest # Stop existing container - docker rm -f stick-app-container || true + docker rm -f ${{ secrets.APP_CONTAINER_NAME }} || true - # Run container on the 'dockernet' network + # Run container with user-defined docker flags (e.g., --network, -p) docker run -d \ - --name stick-app-container \ - --network dockernet \ - -p 80:3007 \ + --name ${{ secrets.APP_CONTAINER_NAME }} \ + ${{ secrets.DOCKER_RUN_FLAGS }} \ -e DATABASE_URL="${{ secrets.DATABASE_URL_DROPLET }}" \ -e DATABASE_NAME="${{ secrets.DATABASE_NAME }}" \ -e JWT_SECRET="${{ secrets.JWT_SECRET }}" \ -e HOST="0.0.0.0" \ - -e PORT="3007" \ + -e PORT="${{ secrets.APP_PORT }}" \ --restart unless-stopped \ git.nciphered.com/${{ github.repository }}:latest + deploy-cloudrun: name: Deploy to Google Cloud Run needs: build diff --git a/README.md b/README.md index 3b689fd..8ec7f55 100644 --- a/README.md +++ b/README.md 
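Review bot: `${{ secrets.APP_CONTAINER_NAME }}` and `${{ secrets.DOCKER_RUN_FLAGS }}` are spliced unquoted into the `docker rm -f` and `docker run` lines, so the script text depends on secret values that are neither validated nor visible in review. An empty or unset name would make `--name` consume the next token, with the `docker rm` failure hidden by `|| true`, and whatever the flags secret holds (a privileged mode or a host bind mount, for instance) is applied with no trace in the repository and is probably masked in the job log. Quote the name and stop early when it is missing, e.g. `[ -n "${{ secrets.APP_CONTAINER_NAME }}" ] || { echo "APP_CONTAINER_NAME not set"; exit 1; }` and `--name "${{ secrets.APP_CONTAINER_NAME }}" \`. The removed `--network dockernet` and `-p 80:3007` were the only reviewable statement of the container's network exposure, so consider keeping explicit `--network`/`-p` arguments built from separate values instead of one free-form flag string. The enclosing step begins above the hunk, so how this script reaches the Droplet is not visible here.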
@@ -205,46 +205,30 @@ pub async fn delete_task_handler( ## Production Deployment to a Cloud Host (DigitalOcean Droplet) -For production deployments (such as to a DigitalOcean Droplet), we avoid using `--network="host"`. Instead, we deploy both the database and the application container to a shared, user-defined Docker bridge network named **`dockernet`**. This provides secure internal DNS resolution and container isolation. +For production deployments (such as to a DigitalOcean Droplet), the application is fully containerized and configured via standard environment variables. -### 1. Create the Isolated Docker Network -On your Droplet, create the bridge network: +The application is completely decoupled from the underlying hosting, networking, and database infrastructure. You are responsible for provisioning the database and supplying the connection configuration. + +### 1. Build the Application Container +Build the application Docker image: ```bash -docker network create dockernet -``` - -### 2. Build and Run the Database Infrastructure -Build the custom MongoDB infrastructure image using the dedicated `Infra.DockerFile`: -```bash -# 1. Build the database image -docker build -t stick-db -f Infra.DockerFile . - -# 2. Run the database container on 'dockernet' with host persistence -docker run --name stick-mongodb \ - --network dockernet \ - -v /var/lib/mongodb/data:/data/db \ - -d \ - stick-db -``` -*Note: The database container is named `stick-mongodb`. Other containers on `dockernet` can now resolve this container using `mongodb://stick-mongodb:27017`.* - -### 3. Build and Deploy the Application Container -Build the main application image and launch it on the same network: -```bash -# 1. Build the application image docker build -t stick-app . +``` -# 2. Run the application container, linking to the database using its container name -docker run --name stick-app-container \ - --network dockernet \ +### 2. 
Deploy the Application Container +Run the container on your target Docker network, providing the connection details to your pre-existing MongoDB database container through environment variables: +```bash +docker run -d \ + --name stick-app-container \ + --network your-docker-network \ -p 80:3007 \ - -e DATABASE_URL="mongodb://stick-mongodb:27017" \ + -e DATABASE_URL="mongodb://your-mongodb-host:27017" \ -e DATABASE_NAME="stick_db" \ -e JWT_SECRET="your_secure_production_jwt_signing_key_at_least_32_chars_long" \ -e HOST="0.0.0.0" \ -e PORT="3007" \ - -d \ + --restart unless-stopped \ stick-app ``` -*Note: `-p 80:3007` maps the Droplet's external HTTP port 80 to the application's internal container port 3007.* +*Note: Adjust the port mapping (`-p`), container name, network name, and `DATABASE_URL` environment variable as necessary to integrate with your custom proxy or container infrastructure.*