Add CI and deployment workflows for Gitea

.gitea/workflows/ci.yml

@@ -0,0 +1,35 @@
+name: CI
+
+on:
+  push:
+    branches: ["*"]
+  pull_request:
+    branches: ["*"]
+
+jobs:
+  quality-checks:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.14"
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+        with:
+          version: "0.11.1"
+          enable-cache: true
+
+      - name: Run pre-commit hooks
+        run: uv run pre-commit run --all-files
+
+      - name: Run type checking with ty
+        run: uv run ty check
+
+      - name: Run tests with pytest
+        run: uv run pytest

.gitea/workflows/deploy.yml

@@ -0,0 +1,57 @@
+name: Deploy
+
+on:
+  push:
+    branches: ["main"]
+  workflow_run:
+    workflows: ["CI"]
+    types:
+      - completed
+    branches: ["main"]
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    # Only deploy if CI workflow succeeded
+    if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'push' }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Stop existing containers
+        run: |
+          # Stop and remove existing containers if they exist
+          docker compose down --remove-orphans || true
+
+      - name: Build and deploy with Docker Compose
+        run: |
+          # Build images
+          docker compose build
+
+          # Deploy the stack in detached mode
+          export GOOGLE_BOOKS_API_KEY="${{ secrets.GOOGLE_BOOKS_API_KEY }}"
+          docker compose up -d
+
+          # Wait for health checks to pass
+          echo "Waiting for application to be healthy..."
+          timeout 300 sh -c 'until docker compose ps | grep -q "healthy"; do sleep 5; done'
+
+      - name: Verify deployment
+        run: |
+          # Check if all services are running
+          docker compose ps
+
+          # Test if the application responds
+          sleep 10
+          wget --spider --no-check-certificate https://172.17.0.1:5123 || exit 1
+
+          echo "Deployment successful!"
+
+      - name: Cleanup old images
+        run: |
+          # Remove dangling images to save space
+          docker image prune -f

Caddyfile

@@ -33,9 +33,6 @@ localhost {
         
         # Forward real IP to app
         header_up X-Real-IP {remote}
-        header_up X-Forwarded-For {remote}
-        header_up X-Forwarded-Proto {scheme}
-        header_up X-Forwarded-Host {host}
     }
 
     # Optional: Enable compression for better performance

docker-compose.yml

@@ -9,6 +9,8 @@ services:
       - instance:/app/instance
       # Mount shared directory for static files that Caddy can access
       - static:/shared/static
+      # Mount caddy_file for Caddy configuration
+      - caddy_file:/app/caddy
     expose:
       - "5000"
     environment:
@@ -32,10 +34,10 @@ services:
     image: caddy:2-alpine
     restart: unless-stopped
     ports:
-      - "5123:80"
+      - "5123:443"
     volumes:
       # Caddyfile configuration
-      - ./Caddyfile:/etc/caddy/Caddyfile:ro
+      - caddy_file:/etc/caddy
       # Media files served directly by Caddy
       - media:/var/www/media:ro
       # Static files served directly by Caddy (populated by app container)
@@ -64,3 +66,5 @@ volumes:
     driver: local
   caddy_config:
     driver: local
+  caddy_file:
+    driver: local

docker-entrypoint.sh

@@ -12,6 +12,9 @@ else
     echo "Static files already present in shared volume"
 fi
 
+# Copy Caddyfile to shared volume
+cp /app/Caddyfile /app/caddy/Caddyfile
+
 # Initialize database if it doesn't exist or run migrations if it does
 echo "Checking database status..."
 if [ ! -f /app/instance/hxbooks.sqlite ]; then