- Move deploy/nginx.conf -> deploy/conf.d/default.conf and mount the
directory so future config changes can be hot-reloaded with
`nginx -s reload` instead of a full container restart.
- Add deploy/hook.py: a tiny stdlib HMAC-validated webhook listener that
runs pull.sh on Gitea push events. Bound to 127.0.0.1:9528 and
fronted by openresty at /_hook/deploy.
- Add the matching systemd unit at deploy/facere-deploy-hook.service.
- Teach pull.sh the new layout (reload vs. restart vs. compose up -d)
and self-restart the hook listener if hook.py changes.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Cron on the host runs deploy/pull.sh every minute. It fetches main,
fast-forwards the working tree, and restarts the facere-web container
when deploy/nginx.conf changes (Docker bind-mounts the file by inode,
so the in-container view is otherwise stale after a git reset).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Prevents leaking repo history, the docker-compose / nginx config, and
the auto-pull script via the publicly served root.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Bring in the newer app.jsx/styles.css/facere.html that were edited
directly on the deployed copy, rename Facere.html -> facere.html to
match the nginx index, and check in the docker-compose + nginx.conf
that drives the container.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
