Merge branch 'main' of https://git.appstaging.my.id/reihanrere/sistem-akademik

2025-06-04 14:58:50 +07:00 · 2025-06-04 14:58:50 +07:00 · 31e0a18d99
commit 31e0a18d99
parent ee0b6d4aa2 5b4d56d003
6 changed files with 92 additions and 44 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -33,6 +33,10 @@ steps:
        from_secret: registry_username
      REGISTRY_PASSWORD:
        from_secret: registry_password
      GIT_USERNAME:
        from_secret: git_username
      GIT_ACCESS_TOKEN:
        from_secret: git_token    
    commands:
      - apt-get update -qq && apt-get install -qq git openssh-client
      - mkdir -p ~/.ssh
@ -46,12 +50,21 @@ steps:
      - chmod 600 ~/.ssh/config
      - |
        ssh -i ~/.ssh/id_rsa opc@138.2.102.242 <<EOF
        set -e
        docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD registry.git.appstaging.my.id
        cd /home/opc/workspace/sistem-akademik
        git fetch origin
        git reset --hard origin/main
        docker-compose rm --stop --force sistem-akademik-dev
        docker image prune --all --force
        docker pull registry.git.appstaging.my.id/reihanrere/sistem-akademik/sistem-akademik-dev
-        docker-compose up -d --build sistem-akademik-dev
+        docker-compose up -d --no-deps --build sistem-akademik-dev
        # Jalankan composer install di container
        docker exec -i sistem-akademik-dev composer install --no-interaction --prefer-dist --optimize-autoloader
        # Jika perlu migrasi db, bisa ditambahkan baris ini:
        docker exec -i sistem-akademik-dev php artisan migrate --force
        EOF
 volumes:
--- a/50
+++ b/50
@ -1,10 +1,19 @@
-FROM php:8.1-fpm
+FROM php:8.3-cli
-# Install dependencies
+# Install system dependencies & PHP extensions
 RUN apt-get update && apt-get install -y \
    libzip-dev \
    unzip \
    git \
    libpq-dev \
-    zip unzip curl git \
+    libicu-dev \
-    && docker-php-ext-install pdo_pgsql
+    zip \
    curl \
    && docker-php-ext-install \
    intl \
    zip \
    pdo_pgsql \
    bcmath
 # Install Composer
 COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
@ -12,23 +21,30 @@ COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
 # Set working directory
 WORKDIR /var/www
-# Copy source
+# Copy source code
 COPY . .
 # Copy default env
 COPY .env.example .env
-# Install Laravel dependencies
+# Set permissions for Laravel writable directories
 RUN mkdir -p storage bootstrap/cache \
    && chown -R www-data:www-data /var/www \
    && chmod -R ug+rwx storage bootstrap/cache
 # Use non-root user for installing dependencies
 USER www-data
 # Install PHP dependencies
 RUN composer install --no-interaction --prefer-dist --optimize-autoloader
-# Generate Laravel app key
+# Back to root to ensure runtime permissions
-RUN php artisan key:generate
+USER root
-# Set permissions for Laravel
+# Re-apply permissions to writable folders
-RUN chown -R www-data:www-data /var/www \
+RUN chown -R www-data:www-data /var/www/storage /var/www/bootstrap/cache \
-    && chmod -R 755 /var/www \
+    && chmod -R 775 /var/www/storage /var/www/bootstrap/cache
    && chmod -R 775 storage bootstrap/cache \
    && chown -R www-data:www-data storage bootstrap/cache
-EXPOSE 9000
+# Expose Laravel development server port
-CMD ["php-fpm"]
+EXPOSE 8000
 # Run with artisan serve instead of php-fpm
 CMD ["php", "artisan", "serve", "--host=0.0.0.0", "--port=8000"]
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@ -3,6 +3,7 @@
 namespace App\Providers;
 use Illuminate\Support\ServiceProvider;
 use Illuminate\Support\Facades\URL;
 class AppServiceProvider extends ServiceProvider
 {
@ -19,6 +20,8 @@ class AppServiceProvider extends ServiceProvider
     */
    public function boot(): void
    {
-        //
+        if (env('APP_ENV') === 'production') {
             URL::forceScheme('https');
        }
    }
 }
--- a/config/filament-shield.php
+++ b/config/filament-shield.php
@ -22,7 +22,7 @@ return [
    'super_admin' => [
        'enabled' => true,
        'name' => 'admin',
-        'define_via_gate' => false,
+        'define_via_gate' => true,
        'intercept_gate' => 'before', // after
    ],
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,25 +1,15 @@
-version: "3"
+version: "3.8"
 services:
  sistem-akademik-dev:
-    image: registry.git.appstaging.my.id/reihanrere/sistem-akademik/sistem-akademik-dev
+    build: .
    container_name: sistem-akademik-dev
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.sistem-akademik-dev-http.entrypoints=web"
      - "traefik.http.routers.sistem-akademik-dev-http.rule=Host(`siska.appstaging.my.id`)"
      - "traefik.http.routers.sistem-akademik-dev-http.middlewares=redirect-to-https"
      - "traefik.http.routers.sistem-akademik-dev.entrypoints=websecure"
      - "traefik.http.routers.sistem-akademik-dev.tls.certresolver=myresolver"
      - "traefik.http.routers.sistem-akademik-dev.rule=Host(`siska.appstaging.my.id`)"
      - "traefik.http.routers.sistem-akademik-dev.tls=true"
    volumes:
-      - .:/var/www                
+      - .:/var/www
      - ./storage:/var/www/storage
    working_dir: /var/www
    ports:
      - "8000:8000"  # Laravel Artisan Serve port
    restart: always
    networks:
      - traefik_default
    environment:
      APP_ENV: production
      APP_DEBUG: false
@ -30,15 +20,17 @@ services:
      DB_DATABASE: SISKA_2025
      DB_USERNAME: root
      DB_PASSWORD: postroot123
-    command: >
+    labels:
-      sh -c "
+      - "traefik.enable=true"
-        composer install --no-interaction --prefer-dist &&
+      - "traefik.http.routers.sistem-akademik-dev-http.entrypoints=web"
-        php artisan config:cache &&
+      - "traefik.http.routers.sistem-akademik-dev-http.rule=Host(`siska.appstaging.my.id`)"
-        php artisan route:cache &&
+      - "traefik.http.routers.sistem-akademik-dev-http.middlewares=redirect-to-https"
-        php artisan view:cache &&
+      - "traefik.http.routers.sistem-akademik-dev.entrypoints=websecure"
-        php artisan migrate --force &&
+      - "traefik.http.routers.sistem-akademik-dev.tls.certresolver=myresolver"
-        php-fpm
+      - "traefik.http.routers.sistem-akademik-dev.rule=Host(`siska.appstaging.my.id`)"
-      "
+      - "traefik.http.routers.sistem-akademik-dev.tls=true"
    networks:
      - traefik_default  
 networks:
  traefik_default:
--- a/nginx/default.conf
+++ b/nginx/default.conf
@ -0,0 +1,24 @@
 server {
    listen 80;
    index index.php index.html;
    server_name siska.appstaging.my.id;
    # Ensure this matches your actual document root
    root /var/www/public;
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }
    location ~ \.php$ {
        fastcgi_pass sistem-akademik-dev:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        include fastcgi_params;
    }
    location ~ /\.ht {
        deny all;
    }
 }