archeious/quartermaster
1
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases Packages Wiki Activity Actions

feat(deploy): compose.yml for home-ctr-onyx (#29) #33

Merged
archeious merged 1 commit from feat/compose into main 2026-04-19 17:32:17 -06:00
Conversation 0 Commits 1 Files changed 2 +74
claude-code commented 2026-04-19 17:30:13 -06:00
Collaborator
Copy link

Closes #29. Consumes the image from #28. Unblocks #30 (Forgejo Actions).

Summary

  • compose.yml at the repo root, single service quartermaster:
    • Image …/archeious/quartermaster/quartermaster:${QUARTERMASTER_TAG:-latest},
      so deploys pick a SHA via a host-side .env instead of editing
      the checked-in file.
    • /mnt/quartermaster:/data bind mount, QUARTERMASTER_DB_URL
      with the four-slash absolute path (sqlite:////data/…).
    • proxy-net external network; container_name: quartermaster
      to match Promtail's {container="quartermaster"} filter.
    • mem_limit: 1g + matching memswap_limit, restart: unless-stopped,
      json-file logging capped at 50m × 3, HEALTHCHECK on
      /healthz (belt-and-suspenders with the one baked into the
      image in #28).
    • All twelve labels from the platform contract wiki: Traefik
      routing + TLS + resolver + middlewares + service port, plus
      tenant / project / managed_by=quartermaster /
      com.centurylinklabs.watchtower.enable=false.
  • README gets a "Deploy (home-ctr-onyx)" section with the
    docker compose pull && docker compose up -d recipe, the
    QUARTERMASTER_TAG env flow, and the four-slash gotcha called out
    explicitly (the intake had it with three, which would silently put
    the DB off the bind mount).

Test plan

  • YAML parses (pyyaml loaded inside the #28 image against the
    file) — structure and types match the compose spec.
  • Every required label from the
    PlatformContractQuartermaster
    wiki page is present with the exact expected value (automated
    cross-check — Host rule backticks, middleware chain order, port
    number, watchtower-disable, etc.).
  • QUARTERMASTER_DB_URL has four slashes in the rendered doc
    (not three).
  • Volume is a bind mount of /mnt/quartermaster, not a named
    volume using a platform-owned prefix.
  • End-to-end compose-up on home-ctr-onyx — deferred until the
    image is pushed to the Forgejo registry (that happens in #30).
Closes #29. Consumes the image from #28. Unblocks #30 (Forgejo Actions). ## Summary - `compose.yml` at the repo root, single service `quartermaster`: - Image `…/archeious/quartermaster/quartermaster:${QUARTERMASTER_TAG:-latest}`, so deploys pick a SHA via a host-side `.env` instead of editing the checked-in file. - `/mnt/quartermaster:/data` bind mount, `QUARTERMASTER_DB_URL` with the four-slash absolute path (`sqlite:////data/…`). - `proxy-net` external network; `container_name: quartermaster` to match Promtail's `{container="quartermaster"}` filter. - `mem_limit: 1g` + matching `memswap_limit`, `restart: unless-stopped`, `json-file` logging capped at `50m` × `3`, `HEALTHCHECK` on `/healthz` (belt-and-suspenders with the one baked into the image in #28). - All twelve labels from the platform contract wiki: Traefik routing + TLS + resolver + middlewares + service port, plus `tenant` / `project` / `managed_by=quartermaster` / `com.centurylinklabs.watchtower.enable=false`. - README gets a "Deploy (home-ctr-onyx)" section with the `docker compose pull && docker compose up -d` recipe, the `QUARTERMASTER_TAG` env flow, and the four-slash gotcha called out explicitly (the intake had it with three, which would silently put the DB off the bind mount). ## Test plan - [x] YAML parses (pyyaml loaded inside the #28 image against the file) — structure and types match the compose spec. - [x] Every required label from the [PlatformContractQuartermaster](https://forgejo.labbity.unbiasedgeek.com/homelab/homelab-IaC/wiki/PlatformContractQuartermaster) wiki page is present with the exact expected value (automated cross-check — Host rule backticks, middleware chain order, port number, watchtower-disable, etc.). - [x] `QUARTERMASTER_DB_URL` has four slashes in the rendered doc (not three). - [x] Volume is a bind mount of `/mnt/quartermaster`, not a named volume using a platform-owned prefix. - [ ] End-to-end compose-up on home-ctr-onyx — deferred until the image is pushed to the Forgejo registry (that happens in #30).
claude-code added 1 commit 2026-04-19 17:30:13 -06:00 
Consumes the image from #28 with the platform-contract bindings:
/mnt/quartermaster -> /data, QUARTERMASTER_DB_URL with four slashes,
proxy-net external, Traefik routed on quartermaster.unbiasedgeek.com
through the platform-owned basicauth + ratelimit middlewares, and the
required tenant / project / managed_by / watchtower-disable labels
for host hygiene. Image tag is parameterised via QUARTERMASTER_TAG
so the Actions workflow (#30) can pin a specific SHA per deploy
without editing the checked-in file.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
archeious merged commit 7abed176e3 into main 2026-04-19 17:32:17 -06:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: archeious/quartermaster#33
No description provided.
Delete branch "feat/compose"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?