diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml index 2645dc15..bd22cb63 100644 --- a/.gitea/workflows/release.yml +++ b/.gitea/workflows/release.yml @@ -76,12 +76,6 @@ jobs: APP_MAIL_FROM=noreply@raddatz.cloud IMPORT_HOST_DIR=/srv/familienarchiv-production/import POSTGRES_USER=archiv - PORT_GRAFANA=3003 - PORT_GLITCHTIP=3002 - PORT_PROMETHEUS=9090 - GRAFANA_ADMIN_PASSWORD=${{ secrets.GRAFANA_ADMIN_PASSWORD }} - GLITCHTIP_SECRET_KEY=${{ secrets.GLITCHTIP_SECRET_KEY }} - GLITCHTIP_DOMAIN=https://glitchtip.archiv.raddatz.cloud SENTRY_DSN=${{ secrets.SENTRY_DSN }} EOF @@ -104,11 +98,28 @@ jobs: --env-file .env.production \ up -d --wait --remove-orphans + - name: Deploy observability configs + # Mirrors the nightly approach: copies obs compose file and config tree + # to /opt/familienarchiv/ (permanent path, survives workspace wipes — ADR-016), + # then writes obs-secrets.env fresh from Gitea secrets. + # Non-secret config lives in infra/observability/obs.env (tracked in git). + run: | + mkdir -p /opt/familienarchiv/infra + cp -r infra/observability /opt/familienarchiv/infra/ + cp docker-compose.observability.yml /opt/familienarchiv/ + cat > /opt/familienarchiv/obs-secrets.env <