Consumes the image from #28 with the platform-contract bindings:
/mnt/quartermaster -> /data, QUARTERMASTER_DB_URL with four slashes,
proxy-net external, Traefik routed on quartermaster.unbiasedgeek.com
through the platform-owned basicauth + ratelimit middlewares, and the
required tenant / project / managed_by / watchtower-disable labels
for host hygiene. Image tag is parameterised via QUARTERMASTER_TAG
so the Actions workflow (#30) can pin a specific SHA per deploy
without editing the checked-in file.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Produces a python:3.12-slim-bookworm image that runs migrations (with
the pre-upgrade backup hook) then uvicorn under uid/gid 1000:1000, as
required by the /mnt/quartermaster/ bind mount on the deploy host.
HEALTHCHECK hits /healthz; uvicorn is pointed at logconfig.json so
access logs land on stdout as JSON.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
CLAUDE.md states the durable rule: run scripts/backup-db.sh before
any schema change, data migration, or destructive DB operation. The
rule deliberately excludes routine app writes. README summarises
backup location, override env var, and restore procedure.
Refs #5
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
