Add Docker build/push and Dockge deploy workflow

- Add api/admin/upload Dockerfiles and .dockerignore
- Add deploy/docker-compose.yml (ports 3001-3004) and deploy/README.md
- Add scripts/docker-build-push.sh for Gitea registry push
- Add Gitea/SSH scripts and Google Drive controller updates

Co-authored-by: Cursor <cursoragent@cursor.com>

deploy/README.md

@@ -0,0 +1,45 @@
+# Deploy event-uploader to Dockge
+
+Production stack: images from Gitea registry only. Use from Dockge on the home server (10.0.10.189:5001).
+
+## Build and push images
+
+Build and upload images to Gitea’s container registry (`10.0.10.205:3000`) from your dev machine so Dockge can pull them.
+
+1. **One-time:** Allow HTTP registry and log in:
+   - Docker Desktop (Mac): Settings → Docker Engine → add `"insecure-registries": ["10.0.10.205:3000"]`, Apply.
+   - Run: `docker login 10.0.10.205:3000` (username: `bert.hausmans`, password: Gitea password or a personal access token with package read/write).
+2. **Each release:** From the project root:
+   - `./scripts/docker-build-push.sh 1.0.0` (or any version; omit to use `latest` or git describe).
+   - Or manually: set `VERSION=1.0.0`, `REGISTRY=10.0.10.205:3000`, `OWNER=bert.hausmans`, then `docker build -t $REGISTRY/$OWNER/event-uploader-api:$VERSION ./api` (and same for `admin`, `upload`), then `docker push` for each.
+
+After pushing, deploy on the server: set `TAG=1.0.0` in the stack `.env`, then in Dockge use **Pull** and **Redeploy**.
+
+## Ports (3000 range to avoid conflicts)
+
+| Service | Host port | Container | URL (example) |
+|---------|-----------|-----------|---------------|
+| API     | 3001      | 8000      | http://10.0.10.189:3001 |
+| Admin   | 3002      | 80        | http://10.0.10.189:3002 |
+| Upload  | 3003      | 80        | http://10.0.10.189:3003 |
+| MySQL   | 3004      | 3306      | (internal; use 3004 only for direct DB access) |
+
+## One-time setup in Dockge
+
+1. Add stack: point Dockge at this repo’s `deploy/` folder (or paste `docker-compose.yml`).
+2. Create `.env` in the stack directory (or use Dockge’s env) with at least:
+   - `TAG=latest` (or e.g. `1.0.0`)
+   - `DB_PASSWORD=...`
+   - `DB_DATABASE=event_uploader`
+   - `APP_KEY=...` (Laravel `php artisan key:generate`)
+   - `APP_URL=http://10.0.10.189:3001` (or your public URL)
+   - `SESSION_DOMAIN=10.0.10.189` (or your domain)
+   - `SANCTUM_STATEFUL_DOMAINS=10.0.10.189:3002,10.0.10.189:3003`
+   - Google OAuth if used: `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`, `GOOGLE_REDIRECT_URI`
+3. Ensure Docker on the server has `10.0.10.205:3000` in `insecure-registries` and run `docker login 10.0.10.205:3000`.
+4. First deploy: Pull, then Start (or `docker compose -f deploy/docker-compose.yml pull && docker compose -f deploy/docker-compose.yml up -d`).
+
+## Deploy new version
+
+- In Dockge: open the stack → **Pull** (to fetch new images from Gitea) → **Redeploy** (or Stop + Start).
+- Or on the server: set `TAG=1.0.0` in `.env`, then `docker compose pull && docker compose up -d`.

deploy/docker-compose.yml

@@ -0,0 +1,90 @@
+# Production stack for Dockge. Uses images from Gitea registry only (no build).
+# Ports in 3000 range to avoid conflicts with other containers on the host.
+# Set TAG in .env (e.g. TAG=1.0.0 or TAG=latest).
+
+services:
+  api:
+    image: 10.0.10.205:3000/bert.hausmans/event-uploader-api:${TAG:-latest}
+    ports:
+      - "3001:8000"
+    environment:
+      - APP_KEY=${APP_KEY}
+      - APP_ENV=production
+      - APP_DEBUG=${APP_DEBUG:-false}
+      - APP_URL=${APP_URL}
+      - DB_CONNECTION=mysql
+      - DB_HOST=mysql
+      - DB_PORT=3306
+      - DB_DATABASE=${DB_DATABASE:-event_uploader}
+      - DB_USERNAME=${DB_USERNAME:-root}
+      - DB_PASSWORD=${DB_PASSWORD}
+      - SESSION_DOMAIN=${SESSION_DOMAIN}
+      - SANCTUM_STATEFUL_DOMAINS=${SANCTUM_STATEFUL_DOMAINS}
+      - GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID:-}
+      - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET:-}
+      - GOOGLE_REDIRECT_URI=${GOOGLE_REDIRECT_URI:-}
+    depends_on:
+      mysql:
+        condition: service_healthy
+    networks:
+      - event-uploader
+
+  queue:
+    image: 10.0.10.205:3000/bert.hausmans/event-uploader-api:${TAG:-latest}
+    command: ["php", "artisan", "queue:work"]
+    environment:
+      - APP_KEY=${APP_KEY}
+      - APP_ENV=production
+      - DB_CONNECTION=mysql
+      - DB_HOST=mysql
+      - DB_PORT=3306
+      - DB_DATABASE=${DB_DATABASE:-event_uploader}
+      - DB_USERNAME=${DB_USERNAME:-root}
+      - DB_PASSWORD=${DB_PASSWORD}
+      - GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID:-}
+      - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET:-}
+    depends_on:
+      mysql:
+        condition: service_healthy
+      api:
+        condition: service_started
+    networks:
+      - event-uploader
+
+  admin:
+    image: 10.0.10.205:3000/bert.hausmans/event-uploader-admin:${TAG:-latest}
+    ports:
+      - "3002:80"
+    networks:
+      - event-uploader
+
+  upload:
+    image: 10.0.10.205:3000/bert.hausmans/event-uploader-upload:${TAG:-latest}
+    ports:
+      - "3003:80"
+    networks:
+      - event-uploader
+
+  mysql:
+    image: mysql:8.0
+    ports:
+      - "3004:3306"
+    environment:
+      MYSQL_ROOT_PASSWORD: ${DB_PASSWORD}
+      MYSQL_DATABASE: ${DB_DATABASE:-event_uploader}
+    volumes:
+      - event_uploader_mysql_data:/var/lib/mysql
+    healthcheck:
+      test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-p${DB_PASSWORD}"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+    networks:
+      - event-uploader
+
+volumes:
+  event_uploader_mysql_data:
+
+networks:
+  event-uploader:
+    driver: bridge