CI/CD

.dockerignore

@@ -1,65 +1,19 @@
-# Dependencies
 node_modules
-.pnp
-.pnp.*
-.yarn/*
-!.yarn/patches
-!.yarn/plugins
-!.yarn/releases
-!.yarn/versions
-
-# Testing
-coverage
-
-# Next.js
 .next
-out
+.git
-build
+.github
-
+.env
-# Production
+.env.local
-dist
+.env.*.local
-
-# Misc
-.DS_Store
-*.pem
-
-# Debug
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
-.pnpm-debug.log*
+.DS_Store
-
+*.pem
-# Local env files
+coverage
-.env
+out
-.env*.local
+build
-
-# Vercel
-.vercel
-
-# TypeScript
-*.tsbuildinfo
-next-env.d.ts
-
-# IDE
-.vscode
-.idea
-*.swp
-*.swo
-*~
-
-# Git
-.git
-.gitignore
-
-# Docker
 Dockerfile
-.dockerignore
 docker-compose*.yml
-
+.dockerignore
-
+README.md
-
-
-
-
-
-

.gitea/workflows/frontend.yml

@@ -86,6 +86,19 @@ jobs:
         run: |
           npm run build --if-present
 
-      - name: Run Lint
+
+      - name: Setup SSH key
         run: |
-          npm run lint --if-present
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
+          chmod 600 ~/.ssh/id_ed25519
+          ssh-keyscan -p ${{ secrets.SERVER_SSH_PORT }} -H ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts
+
+      - name: Deploy
+        run: |
+          ssh ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} -p ${{ secrets.SERVER_SSH_PORT }} << 'EOF'
+          cd application/Frontend
+          git pull origin production
+          docker compose -f docker-compose-prod.yml down
+          docker compose -f docker-compose-prod.yml up -d --build
+          EOF

.github/workflows/frontend.yml

@@ -1,72 +1,62 @@
- name: Frontend CI/CD
+name: Frontend CI/CD
- 
+
- on:
+on:
-   push:
+  push:
-     branches: [main]
+    branches: [main]
-     paths:
+  pull_request:
-       - 'frontend/**'
+    branches: [main]
-       - 'frontend/.github/workflows/frontend.yml'
+
-   pull_request:
+jobs:
-     branches: [main]
+  build:
-     paths:
+    name: Build & Lint
-       - 'frontend/**'
+    runs-on: ubuntu-latest
-       - 'frontend/.github/workflows/frontend.yml'
+    steps:
- 
+      - name: Checkout repository
- defaults:
+        uses: actions/checkout@v4
-   run:
+
-     working-directory: frontend
+      - name: Set up Node.js
- 
+        uses: actions/setup-node@v4
- jobs:
+        with:
-   build:
+          node-version: '20'
-     name: Build, Lint & Test
+
-     runs-on: ubuntu-latest
+      - name: Cache npm dependencies
-     strategy:
+        uses: actions/cache@v4
-       fail-fast: true
+        with:
-       matrix:
+          path: ~/.npm
-         node-version: ['20']
+          key: ${{ runner.os }}-npm-${{ hashFiles('package-lock.json') }}
-     steps:
+          restore-keys: |
-       - name: Checkout repository
+            ${{ runner.os }}-npm-
-         uses: actions/checkout@v4
+
- 
+      - name: Install dependencies
-       - name: Set up Node.js ${{ matrix.node-version }}
+        run: npm ci
-         uses: actions/setup-node@v4
+
-         with:
+      - name: Lint
-           node-version: ${{ matrix.node-version }}
+        run: npm run lint --if-present
- 
+
-       - name: Cache npm dependencies
+      - name: Build
-         uses: actions/cache@v4
+        run: npm run build
-         with:
+
-           path: ~/.npm
+  deploy:
-           key: ${{ runner.os }}-npm-frontend-${{ hashFiles('frontend/package-lock.json') }}
+    name: Deploy Frontend
-           restore-keys: |
+    needs: build
-             ${{ runner.os }}-npm-frontend-
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
- 
+    runs-on: ubuntu-latest
-       - name: Install dependencies
+    steps:
-         run: npm ci
+      - name: Checkout repository
- 
+        uses: actions/checkout@v4
-       - name: Build
+
-         run: npm run build
+      - name: Setup SSH key
- 
+        run: |
-       - name: Lint
+          mkdir -p ~/.ssh
-         run: npm run lint --if-present
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
- 
+          chmod 600 ~/.ssh/id_ed25519
-       - name: Test
+          ssh-keyscan -p ${{ secrets.SERVER_SSH_PORT }} -H ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts
-         run: npm test --if-present
+
- 
+      - name: Deploy
-   deploy:
+        run: |
-     name: Deploy Frontend
+          ssh ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} -p ${{ secrets.SERVER_SSH_PORT }} << 'EOF'
-     needs: build
+          cd ${{ secrets.PROJECT_PATH }}/frontend
-     if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+          git pull origin main
-     runs-on: ubuntu-latest
+          docker compose -f docker-compose-prod.yml down
-     steps:
+          docker compose -f docker-compose-prod.yml up -d --build
-       - name: Deploy via SSH
+          EOF
-         uses: appleboy/ssh-action@v1
-         with:
-           host: ${{ secrets.SSH_HOST }}
-           username: ${{ secrets.SSH_USER }}
-           port: ${{ secrets.SSH_PORT }}
-           key: ${{ secrets.SSH_PRIVATE_KEY }}
-           script: |
-             cd /opt/myproject/frontend
-             git pull origin main
-             sudo systemctl restart frontend

Dockerfile

@@ -1,80 +1,67 @@
-# Stage 1: Dependencies
+FROM docker.iranserver.com/node:20-bookworm-slim AS base
-FROM node:20-alpine AS deps
+
-RUN npm config set registry https://package-mirror.liara.ir/repository/npm/
+ENV NEXT_TELEMETRY_DISABLED=1
-# Install OpenSSL for Prisma
+
-RUN apk add --no-cache openssl libc6-compat
+# Debian mirrors (Iranian)
+RUN rm -f /etc/apt/sources.list /etc/apt/sources.list.d/* && \
+    printf '%s\n' \
+    'deb https://mirror-linux.runflare.com/debian/ bookworm main contrib non-free non-free-firmware' \
+    'deb https://mirror-linux.runflare.com/debian/ bookworm-updates main contrib non-free non-free-firmware' \
+    'deb https://mirror-linux.runflare.com/debian-security/ bookworm-security main contrib non-free non-free-firmware' \
+    '' \
+    'deb [trusted=yes] https://mirror2.chabokan.net/debian bookworm main contrib non-free non-free-firmware' \
+    'deb [trusted=yes] https://mirror2.chabokan.net/debian-security bookworm-security main contrib non-free non-free-firmware' \
+    '' \
+    'deb http://mirror.iranserver.com/debian/ bookworm main contrib non-free non-free-firmware' \
+    'deb-src http://mirror.iranserver.com/debian/ bookworm main contrib non-free non-free-firmware' \
+    > /etc/apt/sources.list
+
+# npm mirrors (Iranian)
+RUN npm config set registry https://package-mirror.liara.ir/repository/npm/ && \
+    npm config set @runflare:registry https://mirror-npm.runflare.com/ && \
+    npm config set @chabokan:registry https://mirror2.chabokan.net/npm/ && \
+    npm config set strict-ssl false && \
+    npm config set fetch-retries 5 && \
+    npm config set fetch-retry-mintimeout 20000
+
+# ---- deps stage ----
+FROM base AS deps
+
 WORKDIR /app
 
-# Copy package files
+COPY package.json package-lock.json ./
-COPY package.json ./
+RUN npm ci
 
-# Install dependencies (skip scripts to avoid postinstall which needs source code)
+# ---- build stage ----
-RUN npm install --ignore-scripts
+FROM base AS builder
 
-# Stage 2: Builder
-FROM node:20-alpine AS builder
-RUN npm config set registry https://package-mirror.liara.ir/repository/npm/
-# Install OpenSSL for Prisma
-RUN apk add --no-cache openssl libc6-compat
 WORKDIR /app
 
-# Copy dependencies from deps stage
 COPY --from=deps /app/node_modules ./node_modules
-COPY --from=deps /app/package.json ./package.json
-
-# Copy source code
 COPY . .
 
-# Set environment variables for build
+ENV NODE_ENV=production
-ARG NODE_ENV=production
-ARG NEXT_PUBLIC_APP_URL
-ARG NEXT_PUBLIC_DOCS_URL
-ARG API_URL
-ARG BASEPATH
-ARG MAPBOX_ACCESS_TOKEN
-ARG DATABASE_URL
 
-ENV NODE_ENV=$NODE_ENV
-ENV NEXT_PUBLIC_APP_URL=$NEXT_PUBLIC_APP_URL
-ENV NEXT_PUBLIC_DOCS_URL=$NEXT_PUBLIC_DOCS_URL
-ENV API_URL=$API_URL
-ENV BASEPATH=$BASEPATH
-ENV MAPBOX_ACCESS_TOKEN=$MAPBOX_ACCESS_TOKEN
-ENV DATABASE_URL=$DATABASE_URL
-
-# Generate Prisma Client and build icons (postinstall script)
-# These commands need the source code to be present
-RUN npm run build:icons
-
-# Build the application
 RUN npm run build
 
-# Stage 3: Runner
+# ---- production stage ----
-FROM node:20-alpine AS runner
+FROM base AS runner
-RUN npm config set registry https://package-mirror.liara.ir/repository/npm/
+
 WORKDIR /app
 
 ENV NODE_ENV=production
-ENV PORT=9031
+ENV PORT=3000
-ENV NEXT_TELEMETRY_DISABLED=1
+ENV HOSTNAME=0.0.0.0
 
-# Install OpenSSL for Prisma runtime
+RUN addgroup --system --gid 1001 nodejs && \
-RUN apk add --no-cache openssl libc6-compat
+    adduser --system --uid 1001 nextjs
 
-# Create a non-root user
+COPY --from=builder /app/public ./public
-RUN addgroup --system --gid 1001 nodejs
-RUN adduser --system --uid 1001 nextjs
-
-# Copy necessary files from standalone build
 COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
 COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
-COPY --from=builder --chown=nextjs:nodejs /app/public ./public
 
 USER nextjs
 
-EXPOSE 9031
+EXPOSE 3000
-
-ENV PORT=9031
-ENV HOSTNAME="0.0.0.0"
 
 CMD ["node", "server.js"]

docker-compose-prod.yml

@@ -0,0 +1,13 @@
+services:
+  frontend:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: croplogic-frontend
+    restart: unless-stopped
+    ports:
+      - "${PORT:-9031}:3000"
+    env_file:
+      - .env
+    environment:
+      - NODE_ENV=production