feat: update deployment configuration and encrypted env loader

- Update Ansible playbooks and roles for application deployment - Add new Gitea/Traefik troubleshooting playbooks - Update Docker Compose configurations (base, local, staging, production) - Enhance EncryptedEnvLoader with improved error handling - Add deployment scripts (autossh setup, migration, secret testing) - Update CI/CD workflows and documentation - Add Semaphore stack configuration
2025-11-02 20:38:06 +01:00
parent 7b7f0b41d2
commit 24cbbccf4c
44 changed files with 5280 additions and 276 deletions
--- a/deployment/README.md
+++ b/deployment/README.md
@@ -4,6 +4,33 @@

 This deployment setup uses separate Docker Compose stacks for better maintainability and clear separation of concerns.

+### Docker Compose Structure
+
+The project uses a **Base + Override Pattern** to prevent configuration drift between environments:
+
+- **`docker-compose.base.yml`** - Shared base configuration (services, networks, volumes)
+- **`docker-compose.local.yml`** - Local development overrides (ports, host mounts, debug flags)
+- **`docker-compose.staging.yml`** - Staging environment overrides (Traefik labels, staging volumes)
+- **`docker-compose.production.yml`** - Production environment overrides (security, logging, resources)
+
+**Usage:**
+```bash
+# Local development
+docker compose -f docker-compose.base.yml -f docker-compose.local.yml up
+
+# Staging
+docker compose -f docker-compose.base.yml -f docker-compose.staging.yml up
+
+# Production
+docker compose -f docker-compose.base.yml -f docker-compose.production.yml up
+```
+
+**Benefits:**
+- ✅ Single source of truth for shared configuration
+- ✅ Environment-specific differences clearly visible
+- ✅ Reduced configuration drift between environments
+- ✅ Easier maintenance and updates
+
 ### Infrastructure Components

 ```