diff --git a/.env b/.env index 694011c..b8a9baa 100644 --- a/.env +++ b/.env @@ -1,8 +1,8 @@ -PRODUCTION_DB_NAME=project_daedalus_production -PRODUCTION_DB_USER=daedalus -CLOUD_SQL_CONNECTION_NAME=projectdaedalus-fb09f:us-central1:project-daedalus +# PRODUCTION_DB_NAME=project_daedalus_production # Legacy Cloud SQL/Cloud Run — no longer used +# PRODUCTION_DB_USER=daedalus # Legacy Cloud SQL/Cloud Run — no longer used +# CLOUD_SQL_CONNECTION_NAME=projectdaedalus-fb09f:us-central1:project-daedalus # Legacy Cloud SQL/Cloud Run — no longer used GOOGLE_PROJECT_ID=projectdaedalus-fb09f STORAGE_BUCKET_NAME=project-daedalus-public GOOGLE_REGION=us-central1 -GOOGLE_SERVICE_NAME=project-daedalus -GOOGLE_INSTANCE_NAME=project-daedalus +# GOOGLE_SERVICE_NAME=project-daedalus # Legacy Cloud SQL/Cloud Run — no longer used +# GOOGLE_INSTANCE_NAME=project-daedalus # Legacy Cloud SQL/Cloud Run — no longer used diff --git a/.gitignore b/.gitignore index cd4f48d..d047613 100644 --- a/.gitignore +++ b/.gitignore @@ -42,3 +42,4 @@ # Claude Code local settings .claude/ +firebase-debug.log diff --git a/cloudbuild.yaml b/cloudbuild.yaml deleted file mode 100644 index 31a24d9..0000000 --- a/cloudbuild.yaml +++ /dev/null @@ -1,57 +0,0 @@ -# [START cloudrun_rails_cloudbuild] -steps: - - id: Build - name: gcr.io/cloud-builders/docker - secretEnv: ['SECRET_KEY'] - entrypoint: 'bash' - args: ['-c', 'docker build --no-cache --build-arg MASTER_KEY=$$SECRET_KEY --tag $_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA --file Dockerfile .'] - - - id: Push - name: gcr.io/cloud-builders/docker - args: ['push', '$_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA'] - - - id: 'DB Migrations' - name: 'gcr.io/google-appengine/exec-wrapper' - secretEnv: ['SECRET_KEY'] - entrypoint: 'bash' - args: ['-c', '/buildstep/execute.sh -i $_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA -s $PROJECT_ID:$_DEPLOY_REGION:$_SERVICE_NAME -e RAILS_MASTER_KEY=$$SECRET_KEY -- bundle exec rails db:migrate'] - - - id: Deploy - name: 'gcr.io/google.com/cloudsdktool/cloud-sdk:slim' - entrypoint: gcloud - args: - - run - - services - - update - - $_SERVICE_NAME - - '--platform=managed' - - '--image=$_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA' - - >- - --labels=managed-by=gcp-cloud-build-deploy-cloud-run,commit-sha=$COMMIT_SHA,gcb-build-id=$BUILD_ID,gcb-trigger-id=$_TRIGGER_ID,$_LABELS - - '--region=$_DEPLOY_REGION' - - '--quiet' - -availableSecrets: - secretManager: - - versionName: projects/$PROJECT_ID/secrets/$_SECRET_NAME/versions/latest - env: SECRET_KEY - -images: - - '$_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA' - -options: - substitutionOption: ALLOW_LOOSE - -substitutions: - _PLATFORM: managed - _SERVICE_NAME: project-daedalus - _DEPLOY_REGION: us-central1 - _LABELS: gcb-trigger-id=35398d68-d58c-4698-8f89-b81d86f61238 - _TRIGGER_ID: 35398d68-d58c-4698-8f89-b81d86f61238 - _GCR_HOSTNAME: us.gcr.io - -tags: - - gcp-cloud-build-deploy-cloud-run - - gcp-cloud-build-deploy-cloud-run-managed - - project-daedalus -# [END cloudrun_rails_cloudbuild] diff --git a/config/deploy.yml b/config/deploy.yml index c47eb6d..e2c76e7 100644 --- a/config/deploy.yml +++ b/config/deploy.yml @@ -9,10 +9,10 @@ servers: web: - 10.30.11.2 -# Enable SSL auto certification via Let's Encrypt and allow for multiple apps on a single web server. -# Remove this section when using multiple web servers and ensure you terminate SSL at your load balancer. -# -# Note: If using Cloudflare, set encryption mode in SSL/TLS setting to "Full" to enable CF-to-app encryption. +# Proxy configuration. +# SSL/TLS is terminated by Cloudflare (HTTPS on :443 from clients), +# which forwards plain HTTP to Kamal's proxy on port 80. +# The proxy then forwards to the app on app_port (3000). proxy: ssl: false app_port: 3000 @@ -36,14 +36,9 @@ builder: # Inject ENV variables into containers (secrets come from .kamal/secrets). env: clear: - PRODUCTION_DB_NAME: project_daedalus_production - PRODUCTION_DB_USER: daedalus - CLOUD_SQL_CONNECTION_NAME: projectdaedalus-fb09f:us-central1:project-daedalus GOOGLE_PROJECT_ID: projectdaedalus-fb09f STORAGE_BUCKET_NAME: project-daedalus-public GOOGLE_REGION: us-central1 - GOOGLE_SERVICE_NAME: project-daedalus - GOOGLE_INSTANCE_NAME: project-daedalus secret: - RAILS_MASTER_KEY diff --git a/mise.toml b/mise.toml new file mode 100644 index 0000000..c6e14d5 --- /dev/null +++ b/mise.toml @@ -0,0 +1,2 @@ +[tools] +ruby = "3.4.8"