From fa1d04446cc0856be7d7436868734b56b0f395fb Mon Sep 17 00:00:00 2001
From: Josh
Date: Wed, 30 Jul 2025 19:23:14 +0000
Subject: [PATCH] woodpecker.yml fix and nginx up file size for gitea
---
 nginx.conf | 1 +
 woodpecker.yml | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 79 insertions(+)
 create mode 100644 woodpecker.yml
diff --git a/nginx.conf b/nginx.conf
index 9daf15f..022a7f6 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -80,6 +80,7 @@ http {
 listen 443 ssl;
 http2 on;
 server_name gitea.dev1.aptivaai.com;
+ client_max_body_size 1024m;
 ssl_certificate /etc/letsencrypt/live/gitea.dev1.aptivaai.com/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/gitea.dev1.aptivaai.com/privkey.pem;
diff --git a/woodpecker.yml b/woodpecker.yml
new file mode 100644
index 0000000..256e62b
--- /dev/null
+++ b/woodpecker.yml
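Review bot: The added `client_max_body_size 1024m;` sits at server level, so it applies to every location of gitea.dev1.aptivaai.com and lets any client, whether or not Gitea would later authenticate it, submit a request body of up to 1 GiB. With nginx's default request buffering the body is spooled to the temp directory before the upstream sees it, which makes this a disk and I/O exhaustion risk. If the large limit is only needed for git pushes, LFS or package uploads, keep a small server-level value and raise it in a dedicated `location` for those paths. At minimum record the reason inline, e.g. `client_max_body_size 1024m;  # large git/LFS pushes over HTTPS`. The server block starts and ends outside this hunk, so existing location or `proxy_request_buffering` settings could not be checked.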
@@ -0,0 +1,78 @@
+# .woodpecker.yml ── runs on the dev1 agent
+kind: pipeline
+type: docker
+name: build-and-deploy
+
+# ────────────────────────────────────────────────
+# 1. Clone / workspace (defaults are fine)
+# ────────────────────────────────────────────────
+clone:
+ depth: 50
+
+workspace:
+ base: /woodpecker # host‑path inside the agent
+ path: src # repo will be /woodpecker/src
+
+# ────────────────────────────────────────────────
+# 2. Build & push Docker images to Artifact Registry
+# ────────────────────────────────────────────────
+steps:
+- name: build-and-push
+ image: gcr.io/google.com/cloudsdktool/cloud-sdk:slim
+ privileged: true # we need Docker‑in‑Docker
+ volumes:
+ - name: docker-sock
+ path: /var/run/docker.sock
+
+ commands:
+ # authenticate to GAR using the VM’s metadata‑server token
+ - gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
+
+ # buildx (with cross‑stage cache) → push to Artifact Registry
+ - |
+ REG=us-central1-docker.pkg.dev/aptivaai-dev/aptiva-repo
+ TAG=${CI_COMMIT_SHA:-latest}
+
+ docker buildx create --use --name woodpecker || true
+
+ for svc in server1 server2 server3 nginx ; do
+ docker buildx build \
+ --file Dockerfile.${svc} \
+ --tag ${REG}/${svc}:${TAG} \
+ --cache-from type=registry,ref=${REG}/${svc}:cache \
+ --cache-to type=registry,ref=${REG}/${svc}:cache,mode=max \
+ --push .
+ done
+
+ when:
+ event: [push, manual]
+ branch: [master]
+
+# ────────────────────────────────────────────────
+# 3. Rolling update on the *staging* VM
+# ────────────────────────────────────────────────
+- name: deploy-staging
+ image: appleboy/drone-ssh
+ settings:
+ host: 10.128.0.12 # **internal** IP of aptiva‑staging
+ username: jcoakley
+ key:
+ from_secret: STAGING_SSH_KEY
+ known_hosts:
+ from_secret: STAGING_KNOWN_HOSTS
+ port: 22
+ script:
+ - cd /opt/aptiva-staging-app
+ - ./refresh_secrets.sh # refreshes GCP Secret‑Manager env‑vars
+ - IMG_TAG=${CI_COMMIT_SHA} docker compose pull
+ - IMG_TAG=${CI_COMMIT_SHA} docker compose up -d --remove-orphans
+
+ when:
+ event: [push, manual]
+ branch: [master]
+
+# ────────────────────────────────────────────────
+volumes:
+- name: docker-sock
+ host:
+ path: /var/run/docker.sock
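Review bot: The `build-and-push` step sets `privileged: true` and also mounts the host's `/var/run/docker.sock`; either one alone gives anything run in that step, including every `Dockerfile.${svc}` build, root-equivalent control of the agent host and a path to the VM's metadata-server credentials. Because the step drives the host daemon through the socket rather than starting its own dockerd, the privileged flag looks unnecessary; I would drop that line and correct the comment, which describes Docker-in-Docker. Both step images are unpinned (`cloud-sdk:slim`, and `appleboy/drone-ssh` with no tag), and the second one receives `STAGING_SSH_KEY`, so pin them, e.g. `image: appleboy/drone-ssh@sha256:<digest>`. Separately, `kind:`/`type:` and the named top-level `volumes:` block look like Drone syntax, so it is worth confirming that the Woodpecker agent accepts them rather than rejecting or ignoring the mount.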