diff --git a/.gitea/workflows/deploy-api.yml b/.gitea/workflows/deploy-api.yml index 641a7a3..6f29878 100644 --- a/.gitea/workflows/deploy-api.yml +++ b/.gitea/workflows/deploy-api.yml @@ -45,14 +45,6 @@ jobs: --no-build \ -o DeepDrftAPI/publish - # DeepDrftContextFactory reads environment/connections.json at design time. - # Write a parseable dummy so the factory does not throw during bundle construction. - # The bundle only needs the provider type, not a live database connection. - - name: Write dummy connections file for EF bundle - run: | - mkdir -p DeepDrftAPI/environment - echo '{"ConnectionStrings":{"DefaultConnection":"Host=localhost;Database=dummy;Username=dummy","Auth":"Host=localhost;Database=dummy;Username=dummy"}}' > DeepDrftAPI/environment/connections.json - # EF bundle: self-contained binary that applies DeepDrftContext migrations on the host # without the .NET SDK. AuthBlocks' Identity DB is NOT covered here — it self-migrates # via UseAuthBlocksStartupAsync() on first boot. diff --git a/DeepDrftData/Data/DeepDrftContextFactory.cs b/DeepDrftData/Data/DeepDrftContextFactory.cs index 94bcbc7..7cbde6b 100644 --- a/DeepDrftData/Data/DeepDrftContextFactory.cs +++ b/DeepDrftData/Data/DeepDrftContextFactory.cs @@ -1,5 +1,6 @@ using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore.Design; +using NetBlocks.Utilities.Environment; namespace DeepDrftData.Data; @@ -7,23 +8,21 @@ public class DeepDrftContextFactory : IDesignTimeDbContextFactory(); optionsBuilder.UseNpgsql(connectionString); diff --git a/DeepDrftData/DeepDrftData.csproj b/DeepDrftData/DeepDrftData.csproj index dd05674..f6a9582 100644 --- a/DeepDrftData/DeepDrftData.csproj +++ b/DeepDrftData/DeepDrftData.csproj @@ -18,6 +18,7 @@ + diff --git a/deploy/deploy-manager.sh b/deploy/deploy-manager.sh index 2fab9be..298a7b9 100644 --- a/deploy/deploy-manager.sh +++ b/deploy/deploy-manager.sh @@ -5,9 +5,6 @@ # Expects in ${APP_HOME}/staging/: # deepdrft-manager.tar.gz -- published self-contained linux-x64 binary tree # -# DeepDrftManager reads its API URL and API key credential from environment/api.json at startup -# (populated by setup-step10-creds.sh). The env-file copy block below keeps it current. -# # Paths are derived at runtime — no hardcoded usernames or home dirs. # APP_HOME comes from $HOME (sshd sets this for the app user). @@ -36,18 +33,6 @@ rm -f "${STAGING}/${ARCHIVE}" echo "[deploy-manager] archive extracted" -# ── Apply environment files (host-managed, not in archive) ──────────────── -if [[ -d "${APPROOT}/environment" ]]; then - shopt -s nullglob - env_files=("${APPROOT}/environment/"*) - shopt -u nullglob - if [[ ${#env_files[@]} -gt 0 ]]; then - mkdir -p "${APPROOT}/bin/environment" - cp "${env_files[@]}" "${APPROOT}/bin/environment/" - echo "[deploy-manager] environment files applied" - fi -fi - # ── Enable and restart service ───────────────────────────────────────────── systemctl --user enable deepdrftmanager.service systemctl --user restart deepdrftmanager.service diff --git a/deploy/deploy-public.sh b/deploy/deploy-public.sh index d8ef60e..e8ea2ed 100644 --- a/deploy/deploy-public.sh +++ b/deploy/deploy-public.sh @@ -5,9 +5,6 @@ # Expects in ${APP_HOME}/staging/: # deepdrft-public.tar.gz -- published self-contained linux-x64 binary tree # -# DeepDrftPublic reads its API URL credential from environment/api.json at startup -# (populated by setup-step10-creds.sh). The env-file copy block below keeps it current. -# # Paths are derived at runtime — no hardcoded usernames or home dirs. # APP_HOME comes from $HOME (sshd sets this for the app user). @@ -36,18 +33,6 @@ rm -f "${STAGING}/${ARCHIVE}" echo "[deploy-public] archive extracted" -# ── Apply environment files (host-managed, not in archive) ──────────────── -if [[ -d "${APPROOT}/environment" ]]; then - shopt -s nullglob - env_files=("${APPROOT}/environment/"*) - shopt -u nullglob - if [[ ${#env_files[@]} -gt 0 ]]; then - mkdir -p "${APPROOT}/bin/environment" - cp "${env_files[@]}" "${APPROOT}/bin/environment/" - echo "[deploy-public] environment files applied" - fi -fi - # ── Enable and restart service ───────────────────────────────────────────── systemctl --user enable deepdrftpublic.service systemctl --user restart deepdrftpublic.service diff --git a/deploy/setup-step10-creds.sh b/deploy/setup-step10-creds.sh index af0b2f0..e51086c 100644 --- a/deploy/setup-step10-creds.sh +++ b/deploy/setup-step10-creds.sh @@ -92,7 +92,6 @@ need_cred() { if need_cred "filedatabase"; then write_cred "filedatabase" \ "{\"FileDatabaseSettings\":{\"VaultPath\":\"${APP_HOME}/api/deepdrft/vaults\"}}" - cp "${CREDDIR}/filedatabase.json" "${APP_HOME}/api/deepdrft/environment/filedatabase.json" else echo "[setup-step10-creds] filedatabase.json already exists, skipping" fi @@ -111,7 +110,6 @@ if need_cred "apikey"; then unset API_KEY_INPUT write_cred "apikey" \ "{\"ApiKeySettings\":{\"ApiKey\":\"$(json_escape "${API_KEY}")\"}}" - cp "${CREDDIR}/apikey.json" "${APP_HOME}/api/deepdrft/environment/apikey.json" else echo "[setup-step10-creds] apikey.json already exists, skipping" # Still need the value for api-manager.json if that's also being written. @@ -152,7 +150,6 @@ if need_cred "connections"; then AUTH_CONN="Host=localhost;Database=${DB_AUTH};Username=${PG_ROLE};Password=$(json_escape "${PG_PASSWORD}")" write_cred "connections" \ "{\"ConnectionStrings\":{\"DefaultConnection\":\"${META_CONN}\",\"Auth\":\"${AUTH_CONN}\"}}" - cp "${CREDDIR}/connections.json" "${APP_HOME}/api/deepdrft/environment/connections.json" unset PG_PASSWORD META_CONN AUTH_CONN else echo "[setup-step10-creds] connections.json already exists, skipping" @@ -207,7 +204,6 @@ if need_cred "authblocks"; then {"AuthBlocks":{"Jwt":{"Secret":"$(json_escape "${JWT_SECRET}")","Issuer":"$(json_escape "${JWT_ISSUER}")","Audience":"$(json_escape "${JWT_AUDIENCE}")"},"Email":{"Host":"$(json_escape "${EMAIL_HOST}")","Token":"$(json_escape "${EMAIL_TOKEN}")"},"Admin":{"UserName":"$(json_escape "${ADMIN_USERNAME}")","Email":"$(json_escape "${ADMIN_EMAIL}")","Password":"$(json_escape "${ADMIN_PASSWORD}")"},"SupportEmail":"$(json_escape "${SUPPORT_EMAIL}")"}} JSON )" - cp "${CREDDIR}/authblocks.json" "${APP_HOME}/api/deepdrft/environment/authblocks.json" unset JWT_SECRET JWT_ISSUER JWT_AUDIENCE EMAIL_HOST EMAIL_TOKEN unset ADMIN_USERNAME ADMIN_EMAIL ADMIN_PASSWORD SUPPORT_EMAIL else @@ -218,7 +214,6 @@ fi if need_cred "api-public"; then write_cred "api-public" \ "{\"Api\":{\"ContentApiUrl\":\"http://localhost:${PORT_API:-5002}\"}}" - cp "${CREDDIR}/api-public.json" "${APP_HOME}/public/environment/api.json" else echo "[setup-step10-creds] api-public.json already exists, skipping" fi @@ -232,7 +227,6 @@ if need_cred "api-manager"; then fi write_cred "api-manager" \ "{\"Api\":{\"ContentApiUrl\":\"http://localhost:${PORT_API:-5002}\",\"ContentApiKey\":\"$(json_escape "${API_KEY}")\"}}" - cp "${CREDDIR}/api-manager.json" "${APP_HOME}/manager/environment/api.json" unset API_KEY else echo "[setup-step10-creds] api-manager.json already exists, skipping"