till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-14 19:41:09 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
managarten/scripts/mac-mini/deploy.sh
Till JS e8de377cfe fix(macmini): mount prometheus config directly so /-/reload picks up edits 
VictoriaMetrics + vmalert previously copied prometheus.yml/alerts.yml from
/mnt/prometheus-config/ into /etc/prometheus/ at container start. The copy
silently drifted from the host file whenever the container wasn't restarted —
which is exactly what hid the matrix/element removal from status.mana.how
until 2026-04-08, when VM was still actively scraping the deleted targets
because its in-container config snapshot pre-dated the cleanup.

Now both containers mount ./docker/prometheus directly into /etc/prometheus
(resp. /etc/alerts) read-only and point the binary at it, and deploy.sh
issues POST /-/reload to both after each deploy so config edits go live
without a container recreate.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 17:25:48 +02:00

130 lines
4.4 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
# Mac Mini Deployment Script
# Pulls latest images and starts all containers
set -e
# Ensure PATH includes docker
export PATH="/usr/local/bin:/opt/homebrew/bin:$PATH"
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
COMPOSE_FILE="$PROJECT_ROOT/docker-compose.macmini.yml"
ENV_FILE="$PROJECT_ROOT/.env.macmini"
echo "=== Mana Mac Mini Deployment ==="
echo ""
echo "Project root: $PROJECT_ROOT"
echo "Compose file: $COMPOSE_FILE"
echo ""
# Check if env file exists
if [ ! -f "$ENV_FILE" ]; then
echo "Warning: $ENV_FILE not found"
echo "Creating from template..."
cat > "$ENV_FILE" << 'EOF'
# Mac Mini Production Environment
# Copy this to .env.macmini and fill in the values
# Database
POSTGRES_PASSWORD=your-secure-password
# Redis
REDIS_PASSWORD=your-redis-password
# JWT Keys (from mana-auth)
JWT_SECRET=your-jwt-secret
JWT_PUBLIC_KEY=
JWT_PRIVATE_KEY=
# Supabase (if needed)
SUPABASE_URL=
SUPABASE_SERVICE_ROLE_KEY=
# Azure OpenAI (for chat)
AZURE_OPENAI_ENDPOINT=
AZURE_OPENAI_API_KEY=
EOF
echo ""
echo "Please edit $ENV_FILE with your values and run this script again."
exit 1
fi
# Login to GitHub Container Registry
echo "=== Logging into GitHub Container Registry ==="
echo "Please enter your GitHub Personal Access Token (with read:packages scope):"
read -s GITHUB_TOKEN
echo "$GITHUB_TOKEN" | docker login ghcr.io -u memo-2023 --password-stdin
echo ""
echo "=== Pulling latest images ==="
docker compose -f "$COMPOSE_FILE" --env-file "$ENV_FILE" pull
echo ""
echo "=== Starting containers ==="
docker compose -f "$COMPOSE_FILE" --env-file "$ENV_FILE" up -d
echo ""
echo "=== Waiting for services to start (30s) ==="
sleep 30
echo ""
echo "=== Container Status ==="
docker compose -f "$COMPOSE_FILE" ps
echo ""
echo "=== Creating databases ==="
docker compose -f "$COMPOSE_FILE" exec -T postgres psql -U postgres -c "CREATE DATABASE mana_auth;" 2>/dev/null || echo "mana_auth exists"
docker compose -f "$COMPOSE_FILE" exec -T postgres psql -U postgres -c "CREATE DATABASE chat;" 2>/dev/null || echo "chat exists"
docker compose -f "$COMPOSE_FILE" exec -T postgres psql -U postgres -c "CREATE DATABASE todo;" 2>/dev/null || echo "todo exists"
docker compose -f "$COMPOSE_FILE" exec -T postgres psql -U postgres -c "CREATE DATABASE calendar;" 2>/dev/null || echo "calendar exists"
docker compose -f "$COMPOSE_FILE" exec -T postgres psql -U postgres -c "CREATE DATABASE clock;" 2>/dev/null || echo "clock exists"
echo ""
echo "=== Health Checks ==="
check_health() {
local name=$1
local url=$2
if curl -s -o /dev/null -w "%{http_code}" "$url" | grep -q "200"; then
echo " $name: OK"
else
echo " $name: FAILED"
fi
}
check_health "Auth API" "http://localhost:3001/health"
check_health "Mana Web" "http://localhost:5000/health"
check_health "Chat Backend" "http://localhost:3030/health"
check_health "Chat Web" "http://localhost:5010/health"
check_health "Todo Backend" "http://localhost:3031/health"
check_health "Todo Web" "http://localhost:5011/health"
check_health "Calendar Backend" "http://localhost:3032/health"
check_health "Calendar Web" "http://localhost:5012/health"
check_health "Clock Backend" "http://localhost:3033/health"
check_health "Clock Web" "http://localhost:5013/health"
check_health "Contacts Backend" "http://localhost:3034/health"
check_health "Contacts Web" "http://localhost:5014/health"
echo ""
echo "=== Reloading monitoring configs ==="
# Bind-mounted prometheus.yml/alerts.yml are now read live from
# docker/prometheus/ — but a running VM/vmalert needs an explicit reload to
# pick up edits without a container restart.
docker exec mana-mon-victoria wget -qO- --post-data= http://0.0.0.0:9090/-/reload \
&& echo " victoriametrics: reloaded" \
|| echo " victoriametrics: reload failed (container down?)"
docker exec mana-mon-vmalert wget -qO- --post-data= http://0.0.0.0:8880/-/reload \
&& echo " vmalert: reloaded" \
|| echo " vmalert: reload failed (container down?)"
echo ""
echo "=== Deployment Complete ==="
echo ""
echo "URLs via Cloudflare Tunnel:"
echo " https://mana.how - Unified App (all modules)"
echo " https://auth.mana.how - Auth API"
echo " https://api.mana.how - API Gateway"
echo " https://git.mana.how - Forgejo"
echo " https://grafana.mana.how - Grafana"
echo " https://status.mana.how - Status Page"
echo ""
Reference in a new issue View git blame Copy permalink