4 Commits

Author SHA1 Message Date
justin 0b9d72c878 Drop bundled Watchtower; rely on the host's global Watchtower
ripper already runs a single global nickfedor/watchtower (label-enabled) that watches every stack; the bundled containrrr/watchtower was redundant and crash-looped (its Docker API client is too old for Docker 29). Keep the watchtower.enable labels on backend/frontend so the host instance auto-deploys them; remove the per-stack service and profile.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Justin Paul <justin@jpaul.me>
2026-06-06 11:58:49 -04:00
justin 2d0635e710 Merge pull request 'Add Watchtower auto-deploy (2-min poll)' (#3) from watchtower-autodeploy into main 2026-06-06 11:55:51 -04:00
justin 768d1b23d4 Add Watchtower auto-deploy for app images (2-minute poll)
Watchtower (profile-gated) watches only the label-enabled backend/frontend containers and recreates them when a new :test-main digest lands in the registry, polling every 120s. Scoped by label so it never touches Postgres/MinIO/Caddy/cloudflared. Reads registry creds from the host docker config. Lab host runs COMPOSE_PROFILES=tunnel,watchtower.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Justin Paul <justin@jpaul.me>
2026-06-06 11:55:38 -04:00
justin 11f0f79866 Merge pull request 'Frontend rebrand: ink + bronze + paper' (#2) from frontend-rebrand into main
build-frontend / build (push) Successful in 1m16s
2026-06-06 11:51:13 -04:00
2 changed files with 14 additions and 3 deletions
+4 -3
View File
@@ -30,9 +30,10 @@ S3_REGION=us-east-1
# tunnel forwards plain HTTP to caddy:80.
PROVENANCE_SITE_ADDRESS=:80
# --- Cloudflare Tunnel (optional) ---
# Enable by setting COMPOSE_PROFILES=tunnel and supplying the connector token
# from the Cloudflare dashboard. Public hostname -> http://caddy:80.
# --- Deploy-host services (optional, selected via COMPOSE_PROFILES) ---
# 'tunnel' -> cloudflared connector (needs CLOUDFLARE_TUNNEL_TOKEN; public hostname -> http://caddy:80)
# Auto-deploy is handled by the host's global Watchtower (watches the
# watchtower-enabled backend/frontend labels) — no profile needed here.
CLOUDFLARE_TUNNEL_TOKEN=
COMPOSE_PROFILES=
+10
View File
@@ -42,6 +42,8 @@ services:
backend:
image: git.jpaul.io/justin/provenance-backend:${IMAGE_TAG:-test-main}
labels:
com.centurylinklabs.watchtower.enable: "true"
environment:
APP_ENV: ${APP_ENV:-development}
DATABASE_URL: ${DATABASE_URL:-postgresql+asyncpg://provenance:provenance@postgres:5432/provenance}
@@ -62,6 +64,8 @@ services:
frontend:
image: git.jpaul.io/justin/provenance-frontend:${IMAGE_TAG:-test-main}
labels:
com.centurylinklabs.watchtower.enable: "true"
environment:
NODE_ENV: production
depends_on:
@@ -104,6 +108,12 @@ services:
profiles:
- tunnel
# Auto-deploy is handled by the host's global Watchtower (a single
# nickfedor/watchtower instance watches every container labelled
# `com.centurylinklabs.watchtower.enable=true` across all stacks). The backend
# and frontend carry that label above, so a new :test-main image is pulled and
# the container recreated automatically — no per-stack Watchtower needed.
volumes:
pgdata:
miniodata: