admin/deploy-felhom-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

removed ".env" references from comments, documentation

Browse Source
This commit is contained in:
authentik Default Admin
2026-02-26 09:34:00 +01:00
parent f6b09ca99e
commit 5f423b6510
4 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CLAUDE.md
+1 -1
View File
@@ -239,7 +239,7 @@ manually via the dashboard "Sablonok frissítése" button.
- On startup: clones repo to `{data_dir}/catalog-cache/` (shallow clone, `--depth 1`)
- Periodically: `git fetch --depth 1` + `git reset --hard origin/{branch}`
- Copies only `docker-compose.yml` and `.felhom.yml` to stacks dir
- **Never overwrites** `app.yaml` or `.env` — these contain deployed secrets
- **Never overwrites** `app.yaml` — this contains deployed secrets
- Content-hash comparison (SHA-256) — only writes if file actually changed
- After sync, triggers `ScanStacks()` rescan for dashboard update
- `POST /api/sync` triggers immediate sync (30s debounce)
CONTEXT.md
+1 -1
View File
@@ -102,7 +102,7 @@ Last updated: 2026-02-19 (session 59)
/opt/docker/felhom-controller/ # Controller compose + config
├── controller.yaml # Customer config (domain, auth, paths)
├── docker-compose.yml # Controller's own compose
└── .env # DOMAIN=demo-felhom.eu
└── data/ # Controller persistent data (named volume)
/opt/docker/stacks/ # All app stacks
├── traefik/ # Reverse proxy (protected)
controller/README.md
+2 -2
View File
@@ -123,7 +123,7 @@ The app catalog lives in a separate Git repository. The controller:
- Shallow-clones the catalog on startup
- Periodically fetches updates (configurable, default 15 min)
- Copies only `docker-compose.yml` and `.felhom.yml` to the stacks directory
- **Never overwrites** `app.yaml` or `.env` (user secrets are safe)
- **Never overwrites** `app.yaml` (user secrets are safe)
- Uses SHA-256 content hashing — only writes files that actually changed
- Triggers stack rescan after sync so the dashboard updates immediately
- **Post-sync hook**: auto-injects missing deploy fields (new secrets, domains) into existing `app.yaml` for stacks whose templates were updated (see Missing Field Injection below)
@@ -742,7 +742,7 @@ The controller needs write access to its own `docker-compose.yml`. This is achie
```yaml
volumes:
# 1. Directory mount — gives access to compose file + .env
# 1. Directory mount — gives access to compose file + config
- /opt/docker/felhom-controller:/opt/docker/felhom-controller
# 2. Read-only override — prevents accidental config writes
- /opt/docker/felhom-controller/controller.yaml:/opt/docker/felhom-controller/controller.yaml:ro
controller/internal/sync/sync.go
+2 -2
View File
@@ -301,7 +301,7 @@ func (s *Syncer) buildRepoURL() string {
}
// copyTemplates copies docker-compose.yml and .felhom.yml from the catalog cache
// to the stacks directory. Never overwrites app.yaml or .env files.
// to the stacks directory. Never overwrites app.yaml.
func (s *Syncer) copyTemplates() (newApps []string, updated []string, err error) {
templatesDir := filepath.Join(s.cacheDir, "templates")
entries, err := os.ReadDir(templatesDir)
@@ -327,7 +327,7 @@ func (s *Syncer) copyTemplates() (newApps []string, updated []string, err error)
}
}
// Files to sync (only template files, never app.yaml or .env)
// Files to sync (only template files, never app.yaml)
syncFiles := []string{"docker-compose.yml", ".felhom.yml"}
anyChanged := false