4 Commits

Author	SHA1	Message	Date
grabowski	e6c213f35c	Add Caddy reverse proxy guide for internal, Tor, and Yggdrasil access ... Caddyfile config with shared proxy snippet that sets Host header for CSRF compatibility. Handles: - Public domain with auto HTTPS (Let's Encrypt) - LAN/internal on port 80 - Tor hidden service via localhost:8880 - Yggdrasil IPv6 on port 80 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-13 14:02:01 +07:00
grabowski	c12f727734	Update deploy workflow for private repo with deploy keys ... Two SSH keys needed: - DEPLOY_KEY: CI runner → LXC server (SSH access) - REPO_DEPLOY_KEY: LXC server → Gitea repo (git pull access) Workflow writes the repo deploy key to ~/.ssh on the server and configures SSH to use it for git.b4l.co.th. Handles first deploy (clone) and subsequent deploys (pull) automatically. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 16:26:04 +07:00
grabowski	12a6e9ef0b	Add Gitea Actions workflow for auto-deploy to LXC on push ... SSH-based deploy: git pull, npm ci, build, db:push, systemctl restart. Secrets configured in Gitea repo settings (DEPLOY_HOST, DEPLOY_USER, DEPLOY_KEY). Includes setup guide in docs/ci-deploy-setup.md. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 16:07:12 +07:00
grabowski	eac11c3a24	Add Proxmox LXC deployment guide ... Covers NixOS LXC (recommended, uses the flake module) and Debian/Ubuntu LXC (traditional setup). Includes PostgreSQL setup, systemd service, nginx reverse proxy, backup strategies, and update instructions. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 13:30:52 +07:00