steve/restic-manager
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases 1 Wiki Activity

p5-03: docker-only release path (drop goreleaser)

Browse Source 
Single public deliverable per tag: a multi-arch server image, with
cross-compiled agent binaries + install scripts + the systemd unit
baked under /opt/restic-manager/dist/. The /agent/binary and
/install/* handlers fall back from <DataDir>/... to that read-only
path so a fresh container Just Works without first-run staging;
operators can still drop a custom build into <DataDir>/ to override
per-host.

Architecture rationale: agent distribution already routes through
the running server, so the release surface mirrors that — there's
no second source of truth to keep in sync.

Workflow .gitea/workflows/release.yml triggers on v*.*.* tag-push
(fan-out :vX.Y.Z / :X.Y / :X, plus :latest once MAJOR>=1) and
workflow_dispatch (snapshot tag only). Pushes to the Gitea
container registry on this instance.

Both binaries grow main.commit + main.date ldflag targets. Makefile
and Dockerfile fill them; release workflow forwards from gitea.sha
plus a UTC timestamp.

Spec : docs/superpowers/specs/2026-05-05-p5-03-docker-only-release.md
Plan : docs/superpowers/plans/2026-05-05-p5-03-docker-only-release.md
This commit is contained in:
Steve Cliff
2026-05-05 15:18:48 +01:00
parent 9abdedf40a
commit fb978ad10c
9 changed files with 392 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/server/config/config.go
+15 -3
View File
@@ -33,6 +33,14 @@ type Config struct {
CookieSecure bool `yaml:"cookie_secure"`
OIDCRaw *OIDCConfig `yaml:"oidc"`
OIDC *OIDCConfig `yaml:"-"`
// BundledAssetsDir is the read-only path inside the image that
// holds agent binaries (under agent-binaries/) and install
// scripts (under install/). The /agent/binary and /install/*
// handlers fall back here when the file is not present in
// DataDir. Source-build deployments can override via
// RM_BUNDLED_ASSETS_DIR.
BundledAssetsDir string `yaml:"bundled_assets_dir"`
}
// Load resolves config in this order:
@@ -44,9 +52,10 @@ type Config struct {
// safe to start.
func Load(yamlPath string) (Config, error) {
c := Config{
Listen: ":8080",
DataDir: "/data",
CookieSecure: true,
Listen: ":8080",
DataDir: "/data",
CookieSecure: true,
BundledAssetsDir: "/opt/restic-manager/dist",
}
if yamlPath != "" {
@@ -81,6 +90,9 @@ func Load(yamlPath string) (Config, error) {
c.CookieSecure = true
}
}
if v, ok := os.LookupEnv("RM_BUNDLED_ASSETS_DIR"); ok {
c.BundledAssetsDir = v
}
if v, ok := os.LookupEnv("RM_TRUSTED_PROXY"); ok {
// Comma-separated CIDRs; allow whitespace for readability.
parts := strings.Split(v, ",")