soroushdes/HokmPlay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Soroush CI/CD (Gitea + Nexus) + self-host fonts for offline build
CI/CD / CI - API (dotnet build + engine sim) (push) Failing after 1m40s
Details
CI/CD / CI - Web (tsc + next build) (push) Failing after 1m20s
Details
CI/CD / Deploy - local stack (db + server + web) (push) Has been skipped
Details

Browse Source 
Pipeline (.gitea/workflows/ci-cd.yml), all images/packages via Nexus mirror:
- CI api-build: dotnet restore/build server/Hokm.slnx + run Hokm.Sim (rules).
- CI web-check: npm install + tsc --noEmit + next build (static export).
- deploy (self-hosted): pre-deploy pg_dump backup, rollback image tag, build,
  bring up db -> server -> web with stop+rm+up --no-deps (no force-recreate,
  no bare compose down), health-wait each, prune.

Local stack (docker-compose.yml), ports in 1500-1600 so it coexists with manual
dev on 3000/5005:  web :1500 (nginx static) -> server :1505 (.NET) -> db :1510
(postgres, named volume + backups). Dockerfiles: server (.NET, NuGet via
nuget.docker.config, binds 0.0.0.0, busybox wget healthcheck) + web (Next static
export -> nginx, NEXT_PUBLIC_* baked as build args). nginx.conf SPA fallback.

Config: server CORS is now config-driven (Cors__Origins) so the deployed web
origin is allowed without code edits. deploy/ENV_FILE.example documents the
Gitea ENV_FILE secret; DEPLOY.md covers setup/run/LAN-IP/rollback/migrations.

Fonts: switch Vazirmatn + Plus Jakarta Sans from next/font/google (build-time
Google fetch -> fails on the Iran CI runner) to self-hosted @fontsource-variable
packages. Build is offline and ~3x faster; 7 woff2 emitted into out/.

Verified locally: dotnet build slnx + Hokm.Sim (300 matches, exit 0); tsc clean;
next build clean with self-hosted fonts.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
2026-06-04 19:09:31 +03:30
parent e778e8b5bd
commit 89d42184a1
15 changed files with 534 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/.dockerignore
+7
View File
@@ -0,0 +1,7 @@
**/bin
**/obj
*.db
*.db-shm
*.db-wal
.git
*.user
server/Dockerfile
+21
View File
@@ -0,0 +1,21 @@
# Hokm.Server (.NET 10 ASP.NET Core + SignalR)
# Build context = ./server (so Hokm.Engine + Hokm.Server are both in scope)
FROM mirror.soroushasadi.com/dotnet/sdk:10.0 AS build
WORKDIR /src
COPY nuget.docker.config /tmp/nuget.config
COPY Directory.Build.props ./
COPY src/ ./src/
RUN dotnet restore src/Hokm.Server/Hokm.Server.csproj --configfile /tmp/nuget.config
RUN dotnet publish src/Hokm.Server/Hokm.Server.csproj -c Release -o /out --no-restore
FROM mirror.soroushasadi.com/dotnet/aspnet:10.0
WORKDIR /app
# aspnet image ships no wget/curl — borrow busybox so the healthcheck has wget.
COPY --from=mirror.soroushasadi.com/busybox:1.36 /bin/busybox /usr/bin/wget
COPY --from=build /out ./
# Bind all interfaces (appsettings binds localhost only, unreachable across the port map).
ENV ASPNETCORE_URLS=http://0.0.0.0:5005
EXPOSE 5005
HEALTHCHECK --interval=10s --timeout=5s --retries=12 --start-period=20s \
CMD wget -q -O- http://127.0.0.1:5005/ || exit 1
ENTRYPOINT ["dotnet", "Hokm.Server.dll"]
server/nuget.docker.config
+15
View File
@@ -0,0 +1,15 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- NuGet source for Docker image builds: Soroush Nexus group only, with retries
(the proxy can be slow on a cold cache). Used by server/Dockerfile. -->
<configuration>
<packageSources>
<clear />
<add key="nexus"
value="https://mirror.soroushasadi.com/repository/nuget-group/index.json"
protocolVersion="3" />
</packageSources>
<config>
<add key="http_retry_count" value="8" />
<add key="http_retry_delay_milliseconds" value="1000" />
</config>
</configuration>
server/src/Hokm.Server/Program.cs
+12 -3
View File
@@ -81,10 +81,19 @@ builder.Services
builder.Services.AddAuthorization();
// --- CORS for the Next.js client ---
// Origins are config-driven (Cors:Origins, comma/semicolon/space separated) so a
// deployed web origin can be allowed via env (Cors__Origins) without a code change.
// Falls back to the local dev origins when unset.
var corsRaw = builder.Configuration["Cors:Origins"];
var corsOrigins = string.IsNullOrWhiteSpace(corsRaw)
? new[]
{
"http://localhost:3000", "http://localhost:3002", "http://localhost:3020",
"http://127.0.0.1:3000", "http://127.0.0.1:3002", "http://127.0.0.1:3020",
}
: corsRaw.Split(new[] { ',', ';', ' ' }, StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries);
builder.Services.AddCors(o => o.AddDefaultPolicy(p => p
.WithOrigins(
"http://localhost:3000", "http://localhost:3002", "http://localhost:3020",
"http://127.0.0.1:3000", "http://127.0.0.1:3002", "http://127.0.0.1:3020")
.WithOrigins(corsOrigins)
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials()));