event-uploader/deploy/README.md

# Deploy event-uploader to Dockge

Production stack: images from Gitea registry only. Use from Dockge on the home server (10.0.10.189:5001).

## Build and push images

Build and upload images to Gitea’s container registry (`10.0.10.205:3000`) from your dev machine so Dockge can pull them.

**Option A: Gitea Actions (on push to main)** — Enable Repository Actions, register a runner with Docker, add secrets `REGISTRY_USER` and `REGISTRY_TOKEN` (PAT with package write). The workflow `.gitea/workflows/docker-build-push.yaml` builds api, admin, upload for `linux/amd64` on every push to `main`. MariaDB: run `./scripts/push-mariadb-to-registry.sh` once from your dev machine.

**Option B: Manual** — From your dev machine:

1. **One-time:** Allow HTTP registry and log in:
   - Docker Desktop (Mac): Settings → Docker Engine → add `"insecure-registries": ["10.0.10.205:3000"]`, Apply.
   - Run: `docker login 10.0.10.205:3000` (username: `bert.hausmans`, password: Gitea password or a personal access token with package read/write).
2. **Each release:** From the project root:
   - `./scripts/docker-build-push.sh 1.0.0` (or any version; omit to use `latest` or git describe). Images are built for `linux/amd64` by default so they run on typical Dockge servers; if your server is ARM, run `PLATFORM=linux/arm64 ./scripts/docker-build-push.sh ...`.
   - Or manually: set `VERSION=1.0.0`, `REGISTRY=...`, `OWNER=...`, then `docker build --platform linux/amd64 -t ...` and push for api, admin, upload.

After pushing, deploy on the server: set `TAG=1.0.0` in the stack `.env`, then in Dockge use **Pull** and **Redeploy**.

## Ports (3000 range to avoid conflicts)

| Service | Host port | Container | URL (example) |
|---------|-----------|-----------|---------------|
| API     | 3001      | 8000      | http://10.0.10.189:3001 |
| Admin   | 3002      | 80        | http://10.0.10.189:3002 |
| Upload  | 3003      | 80        | http://10.0.10.189:3003 |
| MariaDB | 3004      | 3306      | (internal; use 3004 only for direct DB access) |

## One-time setup in Dockge

1. Add stack: point Dockge at this repo’s `deploy/` folder (or paste `docker-compose.yml`).
2. Create `.env` in the stack directory (or use Dockge’s env) with at least:
   - `TAG=latest` (or e.g. `1.0.0`)
   - `DB_PASSWORD=...`
   - `DB_DATABASE=event_uploader`
   - `APP_KEY=...` (Laravel `php artisan key:generate`)
   - `APP_URL=http://10.0.10.189:3001` (or your public URL)
   - `SESSION_DOMAIN=10.0.10.189` (or your domain)
   - `SANCTUM_STATEFUL_DOMAINS=10.0.10.189:3002,10.0.10.189:3003`
   - Google OAuth if used: `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`, `GOOGLE_REDIRECT_URI`
3. Ensure Docker on the server has `10.0.10.205:3000` in `insecure-registries` and run `docker login 10.0.10.205:3000`.
4. **One-time:** If the server fails with "no matching manifest for linux/amd64" when pulling the database image, push the amd64 MariaDB image to Gitea from your dev machine: `./scripts/push-mariadb-to-registry.sh` (after `docker login 10.0.10.205:3000`). The stack uses this image so the server only pulls from Gitea.
5. First deploy: Pull, then Start (or `docker compose -f deploy/docker-compose.yml pull && docker compose -f deploy/docker-compose.yml up -d`).

## Deploy new version

- In Dockge: open the stack → **Pull** (to fetch new images from Gitea) → **Redeploy** (or Stop + Start).
- Or on the server: set `TAG=1.0.0` in `.env`, then `docker compose pull && docker compose up -d`.

## Troubleshooting: "manifest unknown" (e.g. for admin)

This means the registry has no image for the tag Dockge is using.

1. **Match the tag** – In the stack `.env`, set `TAG` to the exact tag you pushed (e.g. the git hash from the build output, or `latest`). After running `./scripts/docker-build-push.sh`, the script prints the tag and now also pushes `:latest`, so `TAG=latest` works.
2. **Re-push all images** – From project root run `./scripts/docker-build-push.sh` again so api, admin, and upload are all pushed with the same tag.
3. **Registry login on the server** – Where Dockge runs, ensure `docker login 10.0.10.205:3000` has been done and that Docker has `10.0.10.205:3000` in `insecure-registries` (if using HTTP).

### "no matching manifest for linux/amd64" (database)

The stack uses **MariaDB 11** from your Gitea registry (`10.0.10.205:3000/bert.hausmans/mariadb:11`). If that image is missing or the server can’t pull from Docker Hub, run once from your dev machine (after `docker login 10.0.10.205:3000`): `./scripts/push-mariadb-to-registry.sh`. It pulls the amd64 image from Docker Hub and pushes it to Gitea so the server only pulls from Gitea.

### Proxy timeout (dial tcp 192.168.65.1:3128: i/o timeout)

Docker is sending registry requests through an HTTP proxy; the proxy is not responding for traffic to your Gitea registry. **Bypass the proxy for the registry** on the machine where the error occurs (Dockge server or your dev machine):

- **Environment:** Set `NO_PROXY` (or `no_proxy`) to include the registry host so it is not proxied, e.g.  
  `NO_PROXY=localhost,127.0.0.1,10.0.10.205`  
  or append: `NO_PROXY=$NO_PROXY,10.0.10.205`  
  Then restart the process (Dockge, Docker daemon, or your shell) that runs `docker pull`/`docker push`.

- **Docker daemon (Linux server):** If the daemon uses a proxy, add the registry to `no_proxy` in the same place (e.g. `/etc/systemd/system/docker.service.d/http-proxy.conf`):  
  `Environment="no_proxy=localhost,127.0.0.1,10.0.10.205"`  
  Then `sudo systemctl daemon-reload` and `sudo systemctl restart docker`.

- **Docker Desktop (Mac):** In Settings → Resources → Proxies, either disable the proxy or add `10.0.10.205` to “Bypass for these hosts”.