diff --git a/.github/workflows/ci-cd-web-desktop.yml b/.github/workflows/ci-cd-web-desktop.yml index 254e51a..c295df5 100644 --- a/.github/workflows/ci-cd-web-desktop.yml +++ b/.github/workflows/ci-cd-web-desktop.yml @@ -49,6 +49,22 @@ jobs: cd "$APP_DIR" docker stack deploy --with-registry-auth -c stack.yml sistema + convex_deploy: + name: Deploy Convex functions + needs: deploy + runs-on: [ self-hosted, linux, vps ] + env: + APP_DIR: /srv/apps/sistema + steps: + - name: Deploy functions to Convex self-hosted + run: | + docker run --rm -i \ + -v "$APP_DIR":/app \ + -w /app \ + -e CONVEX_SELF_HOSTED_URL="${{ secrets.CONVEX_SELF_HOSTED_URL }}" \ + -e CONVEX_SELF_HOSTED_ADMIN_KEY="${{ secrets.CONVEX_SELF_HOSTED_ADMIN_KEY }}" \ + node:20-bullseye bash -lc "corepack enable && corepack prepare pnpm@9 --activate && pnpm install --frozen-lockfile --prod=false && pnpm exec convex deploy" + desktop_release: name: Desktop Release (Windows) if: ${{ startsWith(github.ref, 'refs/tags/v') }} @@ -94,4 +110,3 @@ jobs: **/bundle/**/* target: ${{ env.VPS_UPDATES_DIR }} overwrite: true - diff --git a/docs/OPERACAO-PRODUCAO.md b/docs/OPERACAO-PRODUCAO.md index d5f8074..541cdf5 100644 --- a/docs/OPERACAO-PRODUCAO.md +++ b/docs/OPERACAO-PRODUCAO.md @@ -97,6 +97,17 @@ Acesso - App: `https://tickets.esdrasrenan.com.br` - Convex: `https://convex.esdrasrenan.com.br` (o importante é o WebSocket do cliente conectar; o path `/version` responde para sanity‑check) +### Dashboard (opcional) +Você pode expor o painel do Convex para inspeção em produção. + +DNS +- Criar `convex-admin.esdrasrenan.com.br` apontando para a VPS. + +Stack +- O serviço `convex_dashboard` já está definido em `stack.yml` com Traefik. Após atualizar a stack: + - Acesse `https://convex-admin.esdrasrenan.com.br`. + - Use a Admin Key gerada por `./generate_admin_key.sh` para autenticar. + ## Convex self‑hosted — configuração inicial 1. Gerar Admin Key (uma vez, dentro do container do Convex): ``` @@ -157,6 +168,11 @@ docker stack deploy --with-registry-auth -c stack.yml sistema - Executar container `node:20-bullseye` com envs `CONVEX_SELF_HOSTED_URL` e `CONVEX_SELF_HOSTED_ADMIN_KEY` (secrets do GitHub) - Rodar `pnpm exec convex deploy` +Secrets necessários no GitHub (Repo → Settings → Secrets and variables → Actions) +- `CONVEX_SELF_HOSTED_URL` = `https://convex.esdrasrenan.com.br` +- `CONVEX_SELF_HOSTED_ADMIN_KEY` = chave retornada por `./generate_admin_key.sh` +- (Desktop) `VPS_HOST`, `VPS_USER`, `VPS_SSH_KEY`, `TAURI_PRIVATE_KEY`, `TAURI_KEY_PASSWORD` — se usar o job de release desktop + Benefícios - Push na `main` → pipeline atualiza app e (opcionalmente) publica mudanças no Convex. @@ -199,4 +215,3 @@ Benefícios - CI/CD (web + desktop): `.github/workflows/ci-cd-web-desktop.yml` - Guia CI/CD Desktop: `apps/desktop/docs/guia-ci-cd-web-desktop.md` - Docs Convex self‑hosted: imagem oficial `ghcr.io/get-convex/convex-backend` - diff --git a/stack.yml b/stack.yml index aa69c00..189e418 100644 --- a/stack.yml +++ b/stack.yml @@ -65,6 +65,27 @@ services: networks: - traefik_public + convex_dashboard: + image: ghcr.io/get-convex/convex-dashboard:latest + environment: + - NEXT_PUBLIC_DEPLOYMENT_URL=https://convex.esdrasrenan.com.br + deploy: + mode: replicated + replicas: 1 + placement: + constraints: + - node.role == manager + labels: + - traefik.enable=true + - traefik.docker.network=traefik_public + - traefik.http.routers.sistema_convex_admin.rule=Host(`convex-admin.esdrasrenan.com.br`) + - traefik.http.routers.sistema_convex_admin.entrypoints=websecure + - traefik.http.routers.sistema_convex_admin.tls=true + - traefik.http.routers.sistema_convex_admin.tls.certresolver=le + - traefik.http.services.sistema_convex_admin.loadbalancer.server.port=6791 + networks: + - traefik_public + volumes: sistema_db: convex_data: