# DEPLOIEMENT_KONENPAN ## Objectif Deployer les fichiers du projet sur `konenpan` de facon propre, reproductible et reversible. ## Strategie recommandee (Git relay) - Poste dev (Antel) -> depot bare central sur `chillka`: - `/var/data/git/repositories/medias.git` - `konenpan` deploie depuis ce depot Git (clone/pull). - Branches officielles: - `main` (stable) - `develop` (integration) - Aucune branche `master` exploitee. ## Initialisation du depot central sur chillka ```bash cd /var/data/git/repositories git init --bare medias.git # Forcer HEAD du depot bare sur main (pas master) git --git-dir=/var/data/git/repositories/medias.git symbolic-ref HEAD refs/heads/main ``` ## Bootstrap des branches depuis Antel (Windows Git Bash) Depuis `e:/Dev/Web-Works/Medias`: ```bash cd /e/Dev/Web-Works/Medias git init git checkout -b main git add . git commit -m "Initial commit medias platform" git remote add origin toshiro@192.168.99.55:/var/data/git/repositories/medias.git git push -u origin main # Creer la branche develop et la publier git checkout -b develop git push -u origin develop ``` Verification sur chillka: ```bash git --git-dir=/var/data/git/repositories/medias.git branch -a git --git-dir=/var/data/git/repositories/medias.git symbolic-ref HEAD ``` Resultat attendu: - branches: `main`, `develop` - HEAD: `refs/heads/main` ## Deploiement depuis konenpan (via Git) ```bash mkdir -p ~/src cd ~/src git clone toshiro@192.168.99.55:/var/data/git/repositories/medias.git cd medias # Production/validation stable git checkout main # Option integration # git checkout develop ``` Ensuite: ```bash cp .env.photoprism-secure.example .env.dev nano .env.dev docker compose --env-file .env.dev -f compose.photoprism-secure.dev.yml up -d --build ``` Important: - Le dossier `media-access-api/` doit etre present dans le repo clone (code + Dockerfile). - Le service est construit localement par Docker Compose, aucune image GHCR n'est requise pour demarrer. ## Cycle de mise a jour Sur Antel: ```bash cd /e/Dev/Web-Works/Medias git checkout develop git add . git commit -m "Update: " git push ``` Sur konenpan: ```bash cd ~/src/medias git checkout develop git pull --ff-only docker compose --env-file .env.dev -f compose.photoprism-secure.dev.yml up -d --build ``` ## Emplacement recommande - Code applicatif: `/opt/medias/releases/` - Lien actif: `/opt/medias/current` - Secrets env: `/opt/medias/shared/.env.dev` (hors release) - Proprietaire: utilisateur d'exploitation (ex: `toshiro`) Pourquoi: - rollback facile via changement du lien `current` - separation nette code/secrets - evite les edits manuels disperses dans `~/` ## Preparation sur konenpan ```bash sudo mkdir -p /opt/medias/releases /opt/medias/shared sudo chown -R toshiro:toshiro /opt/medias ``` ## Transfert depuis Windows (PowerShell) Depuis `e:\Dev\Web-Works\Medias`: ```powershell $TS = Get-Date -Format "yyyyMMdd-HHmmss" ssh toshiro@192.168.99.23 "mkdir -p /opt/medias/releases/$TS" scp -r "e:\Dev\Web-Works\Medias\*" toshiro@192.168.99.23:/opt/medias/releases/$TS/ ``` Option recommandee (si `rsync` dispo) pour transferts incrementaux: ```bash rsync -avz --delete \ --exclude ".git" \ --exclude ".env*" \ e:/Dev/Web-Works/Medias/ \ toshiro@192.168.99.23:/opt/medias/releases// ``` ## Activation de la release Sur `konenpan`: ```bash ln -sfn /opt/medias/releases/ /opt/medias/current cp /opt/medias/current/.env.photoprism-secure.example /opt/medias/shared/.env.dev nano /opt/medias/shared/.env.dev ``` Lancer la stack depuis `current` avec env partage: ```bash cd /opt/medias/current docker compose --env-file /opt/medias/shared/.env.dev -f compose.photoprism-secure.dev.yml up -d --build docker compose --env-file /opt/medias/shared/.env.dev -f compose.photoprism-secure.dev.yml ps ``` ## Validation post-deploiement ```bash curl -I http://127.0.0.1:8082/health curl -I http://127.0.0.1:8081/health docker compose --env-file /opt/medias/shared/.env.dev -f compose.photoprism-secure.dev.yml logs --since=15m ``` ## Rollback rapide ```bash ln -sfn /opt/medias/releases/ /opt/medias/current cd /opt/medias/current docker compose --env-file /opt/medias/shared/.env.dev -f compose.photoprism-secure.dev.yml up -d --build ``` ## Bonnes pratiques - Ne jamais transferer de secrets depuis le poste local. - Versionner le code, pas `.env.dev`. - Garder 2-3 releases precedentes pour rollback. - Tracer chaque deploiement dans `docs/CHANGELOG_OPERATIONS.md`. - Proteger `main` (pas de push direct en production, privilegier PR depuis `develop`).