refactor : reorganize infra files into infra/dev and infra/prod

Consolidate Docker, Nginx, and deploy configs from 5 scattered directories (docker/, deploy/docker/, deploy/nginx/, script/) into a single infra/ tree with dev/ and prod/ subdirectories. Update all references in docker-compose, Makefile, CI workflows, Dockerfiles, and documentation. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-01 22:36:10 +02:00
parent b50cfb5049
commit 1ae9535516
23 changed files with 24 additions and 25 deletions
--- a/infra/prod/deploy-release.sh
+++ b/infra/prod/deploy-release.sh
@@ -0,0 +1,96 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Usage: ./infra/prod/deploy-release.sh v0.1.0
+# Requires: curl, tar, (optional) rsync
+#
+# Auth token: set RELEASE_TOKEN env var or create /etc/lesstime-release-token
+umask 002
+
+TAG="${1:-}"
+if [ -z "$TAG" ]; then
+  echo "Usage: $0 v0.1.0" >&2
+  exit 1
+fi
+
+REPO_OWNER="MALIO-DEV"
+REPO_NAME="Lesstime"
+GITEA_API="https://gitea.malio.fr/api/v1"
+DEPLOY_DIR="/var/www/lesstime"
+
+if [ -f /etc/lesstime-release-token ] && [ -z "${RELEASE_TOKEN:-}" ]; then
+  RELEASE_TOKEN="$(cat /etc/lesstime-release-token)"
+fi
+
+tmp_dir="$(mktemp -d)"
+cleanup() {
+  rm -rf "$tmp_dir"
+}
+trap cleanup EXIT
+
+release_json="$tmp_dir/release.json"
+curl_opts=(-sS)
+if [ -n "${RELEASE_TOKEN:-}" ]; then
+  curl_opts+=(-H "Authorization: token ${RELEASE_TOKEN}")
+fi
+curl "${curl_opts[@]}" \
+  "${GITEA_API}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${TAG}" \
+  -o "$release_json"
+
+asset_url="$(python3 - "$release_json" <<'PY'
+import json, sys
+data = json.load(open(sys.argv[1], 'r'))
+assets = data.get("assets", [])
+for a in assets:
+    name = a.get("name", "")
+    if name.startswith("lesstime-") and name.endswith(".tar.gz"):
+        print(a.get("browser_download_url", ""))
+        break
+PY
+)"
+
+if [ -z "$asset_url" ]; then
+  echo "Release asset not found for tag ${TAG}" >&2
+  exit 1
+fi
+
+archive="$tmp_dir/artefact.tar.gz"
+curl "${curl_opts[@]}" -L "$asset_url" -o "$archive"
+
+tar -xzf "$archive" -C "$tmp_dir"
+
+if command -v rsync >/dev/null 2>&1; then
+  rsync -a --delete --no-perms --no-owner --no-group \
+    --exclude ".env" \
+    --exclude ".env.local" \
+    --exclude "config/jwt" \
+    --exclude "var" \
+    "$tmp_dir"/ "$DEPLOY_DIR"/
+else
+  cp -a "$tmp_dir"/. "$DEPLOY_DIR"/
+fi
+
+# Ensure Nginx can traverse the deploy path.
+chmod o+rx "$(dirname "$DEPLOY_DIR")" "$DEPLOY_DIR" 2>/dev/null || true
+
+# Create frontend/dist symlink if needed (nginx serves from frontend/dist)
+if [ -d "${DEPLOY_DIR}/frontend/.output/public" ] && [ ! -L "${DEPLOY_DIR}/frontend/dist" ]; then
+  ln -sfn "${DEPLOY_DIR}/frontend/.output/public" "${DEPLOY_DIR}/frontend/dist"
+fi
+
+echo "Release ${TAG} deployed to ${DEPLOY_DIR}"
+
+# Ensure var/log exists and is writable by PHP (www-data)
+mkdir -p "${DEPLOY_DIR}/var/log"
+chown www-data:www-data "${DEPLOY_DIR}/var/log"
+chmod 775 "${DEPLOY_DIR}/var/log"
+
+if [ -f "${DEPLOY_DIR}/.env.local" ]; then
+  echo "Clearing cache..."
+  php "${DEPLOY_DIR}/bin/console" cache:clear --env=prod --no-debug
+
+  echo "Running migrations (if any)..."
+  php "${DEPLOY_DIR}/bin/console" doctrine:migrations:migrate --no-interaction --env=prod
+else
+  echo "Skip post-deploy: ${DEPLOY_DIR}/.env.local not found" >&2
+fi