diff --git a/.gitea/workflows/docker.yml b/.gitea/workflows/docker.yml
index 10d4f68..14b2ba5 100644
--- a/.gitea/workflows/docker.yml
+++ b/.gitea/workflows/docker.yml
@@ -60,9 +60,10 @@ jobs:
 docker push "$REGISTRY/$OWNER/${{ matrix.image }}:sha-${GITHUB_SHA::8}"
 docker push "$REGISTRY/$OWNER/${{ matrix.image }}:latest"
- # Deploy the docs site to home-main-2 (docs.punktfunk.unom.io via Caddy on
- # home-reverse-proxy-1 -> :3220). Same secret set as unom/website's deploy:
- # DEPLOY_HOST/DEPLOY_USER/DEPLOY_PORT/DEPLOY_SSH_KEY (the unom-ci-deploy key).
+ # Deploy the docs site to unom-1, the DMZ services VM website/cms also deploy to
+ # (docs.punktfunk.unom.io via Caddy on home-reverse-proxy-1 -> :3220). Same secret set
+ # as unom/website's deploy: DEPLOY_HOST/DEPLOY_USER/DEPLOY_PORT/DEPLOY_SSH_KEY (the
+ # unom-ci-deploy key).
 deploy-docs:
 runs-on: ubuntu-24.04
 needs: build-push
diff --git a/compose.production.yml b/compose.production.yml
index 91de76d..a26602f 100644
--- a/compose.production.yml
+++ b/compose.production.yml
@@ -1,7 +1,7 @@
-# Production compose for the deployed punktfunk pieces — runs on home-main-2 under
+# Production compose for the deployed punktfunk pieces — runs on unom-1 (the DMZ services VM, 192.168.50.50) under
 # ~/punktfunk-docs (synced there by .gitea/workflows/docker.yml's deploy job; pattern
 # follows unom/website + unom/cms). Caddy on home-reverse-proxy-1 serves
-# docs.punktfunk.unom.io -> home-main-2:3220 (vhost in unom/reverse-proxy).
+# docs.punktfunk.unom.io -> unom-1:3220 (vhost in unom/reverse-proxy).
 name: punktfunk-docs-prod
 services:
 docs:
diff --git a/docs-site/content/docs/ci.md b/docs-site/content/docs/ci.md
index 023dbb6..49ba9f1 100644
--- a/docs-site/content/docs/ci.md
+++ b/docs-site/content/docs/ci.md
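Review bot: In compose.production.yml, the rewritten first comment line pins the literal address `192.168.50.50` next to the host name, which presumably duplicates what the `DEPLOY_HOST` secret and `unom/infra` already hold and will go stale silently on the next move; it also runs well past the wrap width of the comment lines below it. I would drop the address and record the control that limits exposure instead, e.g. `# Port 3220 is only meant to be reachable from home-reverse-proxy-1 (firewall allowlist in unom/infra, proxmox/unom-1).`, since the ci.md change in this commit mentions that allowlist but the compose file does not. The `docs:` service definition continues outside the hunk, so how the port is published cannot be checked from here; on a DMZ host it is worth confirming that it matches the allowlist.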
@@ -58,12 +58,13 @@ ssh enricobuehler@192.168.1.135 GITEA_RUNNER_TOKEN= bash -s \
 ## Deployment
 `docker.yml`'s `deploy-docs` job ships this docs site after every image push: it syncs
-`compose.production.yml` to `~/punktfunk-docs` on **home-main-2** and runs
-`docker compose pull && up -d` there over SSH (same pattern and secret set as
-`unom/website`: `DEPLOY_HOST` / `DEPLOY_USER` / `DEPLOY_PORT` / `DEPLOY_SSH_KEY`, the
-`unom-ci-deploy` key). The container binds host port **3220**; Caddy on
-`home-reverse-proxy-1` serves it as (vhost tracked in
-`unom/reverse-proxy`). The host and the web console are NOT deployed — the console
+`compose.production.yml` to `~/punktfunk-docs` on **unom-1** (the DMZ services VM
+website and cms deploy to) and runs `docker compose pull && up -d` there over SSH (same
+pattern and secret set as `unom/website`: `DEPLOY_HOST` / `DEPLOY_USER` / `DEPLOY_PORT` /
+`DEPLOY_SSH_KEY`, the `unom-ci-deploy` key). The container binds host port **3220**;
+Caddy on `home-reverse-proxy-1` serves it as (vhost in
+`unom/reverse-proxy`, UniFi firewall allowlist Caddy→unom-1:3220 in `unom/infra`
+`proxmox/unom-1`). The host and the web console are NOT deployed — the console
 fronts a punktfunk host's management API on whatever box runs the host.
 ## Troubleshooting