Commit graph

5 commits

Author: Snider
SHA1: 260dca0999
Date: 2026-02-21 21:14:28 +00:00
Checks: Some checks failed
  - Deploy / build (push): Failing after 4s
  - Security Scan / security (push): Successful in 14s
Message: refactor: move PHP docker files to core-php, keep only CLI Dockerfile

    Move Dockerfile.app, Dockerfile.web, nginx/, php/, and docker-compose
    to core-php where they belong. Promote Dockerfile.core to root Dockerfile.
    Simplify deploy workflow to only build the CLI image.

    Co-Authored-By: Virgil <virgil@lethean.io>

Author: Snider
SHA1: c84ce5265f
Date: 2026-02-21 21:04:44 +00:00
Checks: Some checks failed
  - Deploy / Test (push): Failing after 1s
  - Deploy / Build App Image (push): Has been skipped
  - Deploy / Build Web Image (push): Has been skipped
  - Deploy / Build Core Image (push): Has been skipped
  - Deploy / Deploy to Production (push): Has been skipped
  - Security Scan / security (push): Successful in 16s
Message: refactor(ci): use reusable docker-publish workflow, switch to Docker Hub

    Replace inline docker build/push jobs with shared workflow from go-devops.
    Add proper multi-stage Dockerfile.core (was inline heredoc).
    Switch registry from dappco.re/osi to docker.io/lthn/.

    Requires org secrets: REGISTRY_USER, REGISTRY_TOKEN

    Co-Authored-By: Virgil <virgil@lethean.io>

Author: Snider
SHA1: 6292fa2c77
Date: 2026-02-21 20:51:14 +00:00
Message: fix(ci): harden security scan and Dockerfiles

    - Upgrade Go to 1.26, FrankenPHP to v1.11.2 (CVE-2026-24894)
    - Add non-root USER to all Dockerfiles (Trivy misconfig)
    - Upgrade gitleaks to v8.24.3 with arch detection

    Co-Authored-By: Virgil <virgil@lethean.io>

Author: Snider
SHA1: a668c5ab5a
Date: 2026-02-09 01:50:57 +00:00
Message: fix(core-ide): use path-based routing for multi-window SPA, clean up formatting

    Switch Angular from hash-based to path-based routing so each Wails window
    (/tray, /main, /settings) loads its correct route. Archive GitHub Actions
    workflows to .gh-actions/, update Forgejo deploy registry to dappco.re/osi,
    and apply gofmt/alignment fixes across packages.

    Co-Authored-By: Virgil <virgil@lethean.io>

Author: Snider
SHA1: 1b861494f1
Date: 2026-02-06 03:03:29 +00:00
Message: feat(prod): add production infrastructure management

    Add `core prod` command with full production infrastructure tooling:

    - `core prod status` — parallel SSH health checks across all hosts,
      Galera cluster state, Redis sentinel, Docker, LB health
    - `core prod setup` — Phase 1 foundation: Hetzner topology discovery,
      managed LB creation, CloudNS DNS record management
    - `core prod dns` — CloudNS record CRUD with idempotent EnsureRecord
    - `core prod lb` — Hetzner Cloud LB status and creation
    - `core prod ssh <host>` — SSH into hosts defined in infra.yaml

    New packages:
    - pkg/infra: config parsing, Hetzner Cloud/Robot API, CloudNS DNS API
    - infra.yaml: declarative production topology (hosts, LB, DNS, SSL,
      Galera, Redis, containers, S3, CDN, CI/CD, monitoring, backups)

    Docker:
    - Dockerfile.app (PHP 8.3-FPM, multi-stage)
    - Dockerfile.web (Nginx + security headers)
    - docker-compose.prod.yml (app, web, horizon, scheduler, mcp, redis, galera)

    Ansible playbooks (runnable via `core deploy ansible`):
    - galera-deploy.yml, redis-deploy.yml, galera-backup.yml
    - inventory.yml with all production hosts

    CI/CD:
    - .forgejo/workflows/deploy.yml for Forgejo Actions pipeline

    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>