sgr5/leerdoelen_tracker
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Activity

add some files
Some checks failed
Build, Push & Deploy / Build & Push image (push) Failing after 2m43s
Details
Build, Push & Deploy / Deploy naar VPS (push) Has been skipped
Details

Browse Source
This commit is contained in:
Sam Geyskens
2026-02-28 00:04:12 +01:00
parent 6295c58d33
commit 0060681fe5
3 changed files with 178 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
.env.example Normal file
View File

@@ -0,0 +1,35 @@
# ================================================
# LEERDOELEN TRACKER - CONFIGURATIE
# Kopieer dit bestand naar .env en vul in
# ================================================
# Database
POSTGRES_DB=leerdoelen
POSTGRES_USER=leerdoelen
POSTGRES_PASSWORD=verander_dit_wachtwoord
# Flask
# Genereer met: python3 -c "import secrets; print(secrets.token_hex(32))"
SECRET_KEY=verander_dit_naar_een_lange_random_string
FLASK_ENV=production
# Lokale poort waarop Flask luistert (alleen bereikbaar vanaf host, niet publiek)
APP_PORT=5000
# Publieke URL (belangrijk voor OAuth2 callback!)
BASE_URL=https://leerdoelen.jouwdomain.be
# ── Microsoft Entra ID (Azure AD) ──────────────────
# Aanmaken via: https://portal.azure.com → App registrations
# Redirect URI instellen op: https://jouwdomain.be/auth/callback
# Supported account types: "Accounts in any organizational directory"
# (= multitenant, nodig omdat elke school eigen tenant heeft)
MICROSOFT_CLIENT_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
MICROSOFT_CLIENT_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# Naam van de scholengroep — verschijnt op de loginpagina
ORG_NAME=GO! Scholengroep 2
# Docker image uit de Gitea registry (wordt ingevuld door CI/CD)
# Lokaal builden: laat leeg of zet op 'leerdoelen-backend:local'
BACKEND_IMAGE=gitea.jouwdomein.be/jouw-org/leerdoelen-tracker:latest

99
.gitea/workflows/build-and-deploy.yml Normal file
View File

@@ -0,0 +1,99 @@
name: Build, Push & Deploy
on:
push:
branches:
- main
workflow_dispatch: # ook handmatig te triggeren via de Gitea UI
env:
REGISTRY: ${{ vars.GITEA_REGISTRY }} # bv. gitea.jouwdomein.be
IMAGE: ${{ vars.GITEA_REGISTRY }}/${{ gitea.repository }} # bv. gitea.../org/leerdoelen-tracker
jobs:
build-and-push:
name: Build & Push image
runs-on: ubuntu-latest # pas aan als je runner een andere label heeft
steps:
- name: Checkout code
uses: actions/checkout@v4
# Genereer image tags:
# latest — altijd de meest recente main build
# sha-<commit hash> — voor traceerbaarheid / rollback
- name: Genereer image tags
id: meta
run: |
SHA_SHORT=$(echo "${{ gitea.sha }}" | cut -c1-8)
echo "tag_latest=${{ env.IMAGE }}:latest" >> $GITHUB_OUTPUT
echo "tag_sha=${{ env.IMAGE }}:sha-${SHA_SHORT}" >> $GITHUB_OUTPUT
echo "sha_short=${SHA_SHORT}" >> $GITHUB_OUTPUT
- name: Inloggen op Gitea Container Registry
uses: docker/login-action@v3
with:
registry: ${{ vars.GITEA_REGISTRY }}
username: ${{ secrets.REGISTRY_USER }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build en push backend image
uses: docker/build-push-action@v5
with:
context: ./backend
file: ./backend/Dockerfile
push: true
tags: |
${{ steps.meta.outputs.tag_latest }}
${{ steps.meta.outputs.tag_sha }}
# Layer cache via de registry — versnelt herhaalde builds sterk
cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache
cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max
labels: |
org.opencontainers.image.revision=${{ gitea.sha }}
org.opencontainers.image.created=${{ gitea.event.head_commit.timestamp }}
- name: Samenvatting
run: |
echo "## ✅ Build geslaagd" >> $GITEA_STEP_SUMMARY
echo "| | |" >> $GITEA_STEP_SUMMARY
echo "|---|---|" >> $GITEA_STEP_SUMMARY
echo "| **Commit** | \`${{ steps.meta.outputs.sha_short }}\` |" >> $GITEA_STEP_SUMMARY
echo "| **Image** | \`${{ steps.meta.outputs.tag_latest }}\` |" >> $GITEA_STEP_SUMMARY
deploy:
name: Deploy naar VPS
needs: build-and-push
runs-on: ubuntu-latest
steps:
- name: SSH deploy
uses: appleboy/ssh-action@v1
with:
host: ${{ secrets.DEPLOY_HOST }}
username: ${{ secrets.DEPLOY_USER }}
key: ${{ secrets.DEPLOY_SSH_KEY }}
port: ${{ secrets.DEPLOY_PORT || 22 }}
script: |
set -e
cd ${{ secrets.DEPLOY_PATH }}
# Inloggen op registry vanop de VPS
echo "${{ secrets.REGISTRY_TOKEN }}" | \
docker login ${{ vars.GITEA_REGISTRY }} \
-u "${{ secrets.REGISTRY_USER }}" --password-stdin
# Nieuwste image pullen
docker compose pull backend
# Herstarten met zero-downtime strategie:
# nieuwe container omhoog, dan pas oude stoppen
docker compose up -d --no-deps --remove-orphans backend
# Verwijder ongebruikte images om schijfruimte te sparen
docker image prune -f
echo "Deploy klaar op $(date '+%Y-%m-%d %H:%M:%S')"

44
.gitignore vendored Normal file
View File

@@ -0,0 +1,44 @@
# ── Omgevingsbestanden (NOOIT committen!) ────────────────────────────────────
.env
.env.local
.env.*.local
# ── Python ────────────────────────────────────────────────────────────────────
__pycache__/
*.py[cod]
*.pyo
*.pyd
.Python
*.egg-info/
dist/
build/
.venv/
venv/
env/
# ── Leerdoelen JSON bestanden ─────────────────────────────────────────────────
# Deze zijn groot (22 MB) en worden beheerd via de upload UI, niet via git.
# Bewaar enkel de lege mapstructuur.
doelen/*.json
!doelen/.gitkeep
# ── Database ──────────────────────────────────────────────────────────────────
*.sqlite3
*.db
postgres_data/
# ── Logs ──────────────────────────────────────────────────────────────────────
*.log
logs/
# ── Docker ────────────────────────────────────────────────────────────────────
docker-compose.override.yml
docker-compose.local.yml
# ── Editor / OS ───────────────────────────────────────────────────────────────
.vscode/
.idea/
*.swp
*.swo
.DS_Store
Thumbs.db