Initial scaffold: static site served by nginx on :8080

- public/index.html served via nginx.conf (port 8080) - Dockerfile: nginx:1.27-alpine + HEALTHCHECK - .gitea/workflows/flow.yml: build + push to Gitea registry, rolling deploy - stack.yml: Swarm service wired to Traefik (host testwebsite.dev.serso.org) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 14:21:51 +02:00
commit 48a3d3f3f5
6 changed files with 185 additions and 0 deletions
@@ -0,0 +1,33 @@
+# stack.yml — generic Swarm deploy file
+# Deploy once: docker stack deploy -c stack.yml myapp
+# After that, CI updates the image via `docker service update` — no redeploy needed
+
+version: "3.9"
+
+networks:
+  traefik-public:
+    external: true
+
+services:
+  web:
+    image: git.dev.serso.org/test/testsite:latest
+    networks:
+      - traefik-public
+    deploy:
+      replicas: 2
+      placement:
+        constraints:
+          - node.role == worker         # run on node01/node02, not cp
+      update_config:
+        parallelism: 1
+        order: start-first              # zero-downtime (spin new up, then down old)
+        failure_action: rollback
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.routers.testwebsite.rule=Host(`testwebsite.dev.serso.org`)"
+        - "traefik.http.routers.testwebsite.entrypoints=websecure"
+        - "traefik.http.routers.testwebsite.tls.certresolver=letsencrypt"
+        # Port that your app listens on INSIDE the container
+        - "traefik.http.services.testwebsite.loadbalancer.server.port=8080"