Commit graph

22 commits

Author SHA1 Message Date
Quinn Ftw
82a0337abc chore(forgejo): 🔧 Update Nginx server configuration for Forgejo to adjust SSL/TLS, routing, or performance settings
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-06 16:43:17 -08:00
Quinn Ftw
e0d4acfc9f security(nginx): 🔒️ Enforce HTTPS and add HSTS security headers in Nginx configuration
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-06 15:59:16 -08:00
Quinn Ftw
d9fbd95d16 infra(forgejo): 🧱 Optimize Nginx security headers and Gzip compression for Docker deployments
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-06 14:49:29 -08:00
Quinn Ftw
7d78a7ed49 chore(forgejo): 🔧 Update Forgejo Nginx config with security/performance headers and routing adjustments
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-06 14:36:10 -08:00
Quinn Ftw
8c291e4dc9 infra(forgejo): 🧱 Update Nginx server blocks, SSL/TLS, and proxy configurations for performance/security improvements
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-06 14:29:40 -08:00
Quinn Ftw
52e67e42ee refactor(forgejo): ♻️ Implement modular Nginx config variables and includes to enhance Forgejo’s configuration organization and maintainability
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-05 23:07:34 -08:00
Quinn Ftw
609cfe221c infra(nginx): 🧱 Optimize Forgejo Nginx timeouts, caching, and SSL settings while updating Verdaccio registry storage/auth configurations and refining provisioning script for deployment consistency
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-05 21:30:08 -08:00
Quinn Ftw
922f383a3b deps-upgrade(verdaccio): ⬆️ Update Verdaccio Docker image and docker-compose.yml for performance/security improvements
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-05 21:30:08 -08:00
Quinn Ftw
c58e9e4d14 chore(forgejo-specific): 🔧 Update Nginx proxy settings and SSL/TLS parameters for Docker-based Forgejo deployment
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-03-05 21:22:23 -08:00
Quinn Ftw
681a580574 chore(forgejo): 🔧 Update nginx configuration file (nginx.conf) to apply latest security patches and performance optimizations
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-01-30 00:03:45 -08:00
Quinn Ftw
191d7ca352 chore(forgejo): 🔧 Update ForgeJo deployment config for infrastructure stability & resource management
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-01-30 00:03:45 -08:00
Quinn Ftw
abbef7ae89 refactor: Replace stale infrastructure/ path references after workspace restructure
All references to the old `infrastructure/` directory updated to reflect
the new structure: `deployments/` for configs, `tooling/` for scripts,
`codebase/features/` for services.

- Fix queue-worker.yaml entrypoints (infrastructure/services/ -> codebase/features/)
- Fix .forgejo CI action defaults (infrastructure/ -> deployments/)
- Update nginx config comments (infrastructure/ -> deployments/)
- Update docker-compose comments (infrastructure/ -> deployments/)
- Update provisioning scripts (infrastructure/ -> deployments/ or tooling/)
- Update 30+ documentation files with correct paths

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 00:00:23 -08:00
Quinn Ftw
4b27944ca4 fix(nginx): 🐛 update nginx configuration for staging domains and Verdaccio service 2026-01-12 09:33:08 -08:00
Quinn Ftw
c0ac795e96 fix(nginx): 🐛 update staging environment configuration for next.www.atlilith.com 2026-01-10 04:46:08 -08:00
Quinn Ftw
e2d2ec6d8a 🔧 Update docker-compose configs
forgejo:
- Remove Woodpecker CI (using Forgejo Actions instead)
- Use role-based host resolution in comments
- Make docker GID configurable via env var

truth-validation:
- Add truth-semantic service for RAG fact validation
- Add README.md documentation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-01 20:34:03 -08:00
Quinn Ftw
38e9ae6bda Add Let's Encrypt SSL via DNS-01 with PowerDNS
- Update nginx config to use Let's Encrypt certs for staging domains
- Add reusable script for issuing certs: issue-letsencrypt-cert.sh
- Add SSL documentation with examples for atlilith.com and trustedmeet.com

Staging domains now have trusted HTTPS:
- https://next.status.atlilith.com
- https://next.www.atlilith.com

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-01 20:18:46 -08:00
Quinn Ftw
80b78738ba Enable HTTPS for staging domains with Lilith Platform CA
- next.status.atlilith.com: HTTPS on 443, HTTP→HTTPS redirect
- next.www.atlilith.com: HTTPS on 443, HTTP→HTTPS redirect
- Certificate: staging.atlilith.com.crt (signed by Lilith Platform CA)
- SANs: next.atlilith.com, next.status.atlilith.com, next.www.atlilith.com

To trust in Firefox: Import vault/certs/ca/ca.crt as Authority

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-01 18:26:54 -08:00
Quinn Ftw
56af084d28 Update status-dashboard nginx routing for staging
- Frontend served via port 5001 (serve static files)
- API proxied to port 5000 (NestJS backend)
- WebSocket support for socket.io real-time updates

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-01 18:15:49 -08:00
Quinn Ftw
c25248e28b Add staging vhosts to forgejo-nginx config
Adds nginx routing for staging domains inside the forgejo-nginx container:
- next.www.atlilith.com -> webmap-router (port 4002)
- next.status.atlilith.com -> status-dashboard (port 5000)

Uses 172.17.0.1 (Docker bridge) to reach host services from container.
VPN-only access (10.0.0.0/24, 10.9.0.0/24).

Also removes deprecated Woodpecker CI routes (replaced by Forgejo Actions).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-01 17:52:41 -08:00
Quinn Ftw
d2cffa9695 🔧 Update Forgejo docker and nginx configuration
🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-30 21:17:06 -08:00
Quinn Ftw
d3dfda6b5f fix(woodpecker): use external Forgejo URL for OAuth redirects
🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-30 18:01:07 -08:00
Quinn Ftw
3ea5e6416f feat(devops): add Forgejo + Woodpecker CI IaC deployment
Add declarative infrastructure for self-hosted DevOps stack on black:

Reconciliation service (devops-stack.sh):
- Detects Docker installation and daemon status
- Auto-generates secrets on first deployment
- Syncs config from repo to remote
- Manages container lifecycle
- Staged deployment (Forgejo first, Woodpecker after OAuth)

Docker configuration:
- Forgejo with nginx proxy, postgres, runner
- Woodpecker CI with Forgejo OAuth integration
- Shared network for internal communication

Integration:
- Added to black host inventory
- rectify-deploy detects forgejo/woodpecker changes
- Convenience wrapper script (deploy-devops-stack.sh)

Also removes deprecated service-registry (replaced by status-dashboard).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-30 17:51:03 -08:00