developer/galaxy-game
1
1
Fork 0
Code Issues Pull Requests Actions Packages Releases Wiki Activity

feat(dev-deploy): expose Grafana + Mailpit UIs via Caddy; seed monitoring config

Browse Source 
Deploy wiring for the observability stack (the services and collector
config landed in the previous commit):

- Caddyfile.dev: route /grafana/* to galaxy-grafana:3000 (Caddy
  sub-path mode, Grafana keeps its own login) and /mailpit/* to
  galaxy-mailpit:8025 behind dev basic-auth, so the captured-mail UI
  (every message, relayed or not) and Grafana are reachable through the
  single dev origin.
- dev-deploy.yaml: seed the monitoring config tree to a stable,
  reboot-surviving host path (GALAXY_DEV_MONITORING_DIR) before bringing
  the stack up, and inject the Grafana admin password from a Gitea
  secret (GALAXY_DEV_GRAFANA_ADMIN_PASSWORD; empty falls back to the
  compose default).
This commit is contained in:
Ilia Denisov
2026-06-01 05:46:19 +02:00
parent 84a0ccb23f
commit e11092234c
2 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/dev-deploy.yaml
+8
View File
@@ -261,11 +261,19 @@ jobs:
# Unset/empty → the compose default (non-routable) keeps the
# stack capture-only.
GALAXY_DEV_MAIL_RELAY_MATCH: ${{ vars.GALAXY_DEV_MAIL_RELAY_MATCH }}
# Grafana admin password; unset/empty -> compose default 'admin'.
GALAXY_DEV_GRAFANA_ADMIN_PASSWORD: ${{ secrets.GALAXY_DEV_GRAFANA_ADMIN_PASSWORD }}
run: |
# Resolve in the shell, not in YAML expressions — `env.HOME`
# is empty at the workflow-evaluation stage.
export GALAXY_DEV_GAME_STATE_DIR="$HOME/.galaxy-dev/game-state"
mkdir -p "$GALAXY_DEV_GAME_STATE_DIR"
# Seed the monitoring config to a stable, reboot-surviving host
# path (compose binds \${GALAXY_DEV_MONITORING_DIR} read-only).
export GALAXY_DEV_MONITORING_DIR="$HOME/.galaxy-dev/monitoring"
rm -rf "$GALAXY_DEV_MONITORING_DIR"
mkdir -p "$GALAXY_DEV_MONITORING_DIR"
cp -r monitoring/. "$GALAXY_DEV_MONITORING_DIR/"
docker compose up -d --wait --remove-orphans
- name: Probe the stack
tools/dev-deploy/Caddyfile.dev
+16
View File
@@ -37,6 +37,22 @@
reverse_proxy galaxy-api:8080
}
# Grafana (observability UI) under /grafana/ — Caddy sub-path mode
# (Grafana set with GF_SERVER_SERVE_FROM_SUB_PATH); its own login.
handle /grafana/* {
reverse_proxy galaxy-grafana:3000
}
# Mailpit captured-mail UI under /mailpit/. Shows every message the
# backend sent (relayed or not); basic-auth (dev: gm / gm-dev-password)
# guards the OTP codes it exposes. Mailpit runs with MP_WEBROOT=/mailpit.
handle /mailpit/* {
basic_auth {
gm "$2a$14$xVh1TLaZxh8fazlKrI9Mx.NQMQlMarYWtr3FRELmZIXuac/DeeTRO"
}
reverse_proxy galaxy-mailpit:8025
}
# Bare `/game` (no trailing slash) -> `/game/` so the SPA root
# resolves before the site catch-all can claim it.
handle /game {