diff --git a/.github/workflows/ci-cd-web-desktop.yml b/.github/workflows/ci-cd-web-desktop.yml index ff68e05..550443d 100644 --- a/.github/workflows/ci-cd-web-desktop.yml +++ b/.github/workflows/ci-cd-web-desktop.yml @@ -58,6 +58,20 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Determine writable APP_DIR + id: appdir + run: | + DEFAULT_DIR="${APP_DIR:-/srv/apps/sistema}" + FALLBACK_DIR="$HOME/apps/sistema" + TARGET_DIR="$DEFAULT_DIR" + mkdir -p "$TARGET_DIR" 2>/dev/null || true + if ! (test -d "$TARGET_DIR" && test -w "$TARGET_DIR"); then + TARGET_DIR="$FALLBACK_DIR" + mkdir -p "$TARGET_DIR" + fi + echo "Using APP_DIR=$TARGET_DIR" + echo "EFFECTIVE_APP_DIR=$TARGET_DIR" >> "$GITHUB_ENV" + - name: Setup pnpm uses: pnpm/action-setup@v4 with: @@ -71,7 +85,7 @@ jobs: - name: Sync workspace to APP_DIR (preserving local env) run: | - mkdir -p "$APP_DIR" + mkdir -p "$EFFECTIVE_APP_DIR" RSYNC_FLAGS="-az --inplace --no-times --no-perms --no-owner --no-group --delete" rsync $RSYNC_FLAGS \ --filter='protect node_modules' \ @@ -91,8 +105,8 @@ jobs: --exclude '.env*' \ --exclude 'apps/desktop/.env*' \ --exclude 'convex/.env*' \ - ./ "$APP_DIR"/ \ - || sudo -n rsync $RSYNC_FLAGS \ + ./ "$EFFECTIVE_APP_DIR"/ \ + || rsync $RSYNC_FLAGS \ --filter='protect node_modules' \ --filter='protect node_modules/**' \ --filter='protect .pnpm-store' \ @@ -110,7 +124,7 @@ jobs: --exclude '.env*' \ --exclude 'apps/desktop/.env*' \ --exclude 'convex/.env*' \ - ./ "$APP_DIR"/ + ./ "$EFFECTIVE_APP_DIR"/ - name: Install and build (Next.js) run: | @@ -122,8 +136,8 @@ jobs: - name: Swarm deploy (stack.yml) run: | - cd "$APP_DIR" - RELEASE_SHA=${{ github.sha }} docker stack deploy --with-registry-auth -c stack.yml sistema + cd "$EFFECTIVE_APP_DIR" + APP_DIR="$EFFECTIVE_APP_DIR" RELEASE_SHA=${{ github.sha }} docker stack deploy --with-registry-auth -c stack.yml sistema - name: Restart web service with new code run: | @@ -144,9 +158,23 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Determine writable APP_DIR + id: appdir + run: | + DEFAULT_DIR="${APP_DIR:-/srv/apps/sistema}" + FALLBACK_DIR="$HOME/apps/sistema" + TARGET_DIR="$DEFAULT_DIR" + mkdir -p "$TARGET_DIR" 2>/dev/null || true + if ! (test -d "$TARGET_DIR" && test -w "$TARGET_DIR"); then + TARGET_DIR="$FALLBACK_DIR" + mkdir -p "$TARGET_DIR" + fi + echo "Using APP_DIR=$TARGET_DIR" + echo "EFFECTIVE_APP_DIR=$TARGET_DIR" >> "$GITHUB_ENV" + - name: Sync workspace to APP_DIR (preserving local env) run: | - mkdir -p "$APP_DIR" + mkdir -p "$EFFECTIVE_APP_DIR" RSYNC_FLAGS="-az --inplace --no-times --no-perms --no-owner --no-group --delete" rsync $RSYNC_FLAGS \ --filter='protect node_modules' \ @@ -166,8 +194,8 @@ jobs: --exclude '.env*' \ --exclude 'apps/desktop/.env*' \ --exclude 'convex/.env*' \ - ./ "$APP_DIR"/ \ - || sudo -n rsync $RSYNC_FLAGS \ + ./ "$EFFECTIVE_APP_DIR"/ \ + || rsync $RSYNC_FLAGS \ --filter='protect node_modules' \ --filter='protect node_modules/**' \ --filter='protect .pnpm-store' \ @@ -185,11 +213,11 @@ jobs: --exclude '.env*' \ --exclude 'apps/desktop/.env*' \ --exclude 'convex/.env*' \ - ./ "$APP_DIR"/ + ./ "$EFFECTIVE_APP_DIR"/ - name: Deploy functions to Convex self-hosted run: | docker run --rm -i \ - -v "$APP_DIR":/app \ + -v "$EFFECTIVE_APP_DIR":/app \ -w /app \ -e CONVEX_SELF_HOSTED_URL="${{ secrets.CONVEX_SELF_HOSTED_URL }}" \ -e CONVEX_SELF_HOSTED_ADMIN_KEY="${{ secrets.CONVEX_SELF_HOSTED_ADMIN_KEY }}" \ diff --git a/stack.yml b/stack.yml index f6bcf7e..0053bc2 100644 --- a/stack.yml +++ b/stack.yml @@ -12,7 +12,7 @@ services: && pnpm auth:seed \ && pnpm start -p 3000" volumes: - - /srv/apps/sistema:/app + - ${APP_DIR:-/srv/apps/sistema}:/app - sistema_db:/app/data environment: NODE_ENV: "production"