Merge branch 'main' of https://git.appstaging.my.id/reihanrere/sistem-akademik

2025-06-04 14:58:50 +07:00 · 2025-06-04 14:58:50 +07:00 · 31e0a18d99
commit 31e0a18d99
parent ee0b6d4aa2 5b4d56d003
6 changed files with 92 additions and 44 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -33,6 +33,10 @@ steps:
        from_secret: registry_username
      REGISTRY_PASSWORD:
        from_secret: registry_password
+      GIT_USERNAME:
+        from_secret: git_username
+      GIT_ACCESS_TOKEN:
+        from_secret: git_token    
    commands:
      - apt-get update -qq && apt-get install -qq git openssh-client
      - mkdir -p ~/.ssh
@ -46,12 +50,21 @@ steps:
      - chmod 600 ~/.ssh/config
      - |
        ssh -i ~/.ssh/id_rsa opc@138.2.102.242 <<EOF
+        set -e
        docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD registry.git.appstaging.my.id
        cd /home/opc/workspace/sistem-akademik
+        git fetch origin
+        git reset --hard origin/main
        docker-compose rm --stop --force sistem-akademik-dev
        docker image prune --all --force
        docker pull registry.git.appstaging.my.id/reihanrere/sistem-akademik/sistem-akademik-dev
-        docker-compose up -d --build sistem-akademik-dev
+        docker-compose up -d --no-deps --build sistem-akademik-dev
+
+        # Jalankan composer install di container
+        docker exec -i sistem-akademik-dev composer install --no-interaction --prefer-dist --optimize-autoloader
+
+        # Jika perlu migrasi db, bisa ditambahkan baris ini:
+        docker exec -i sistem-akademik-dev php artisan migrate --force
        EOF

 volumes:
--- a/50
+++ b/50
@ -1,10 +1,19 @@
-FROM php:8.1-fpm
+FROM php:8.3-cli

-# Install dependencies
+# Install system dependencies & PHP extensions
 RUN apt-get update && apt-get install -y \
+    libzip-dev \
+    unzip \
+    git \
    libpq-dev \
-    zip unzip curl git \
-    && docker-php-ext-install pdo_pgsql
+    libicu-dev \
+    zip \
+    curl \
+    && docker-php-ext-install \
+    intl \
+    zip \
+    pdo_pgsql \
+    bcmath

 # Install Composer
 COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
@ -12,23 +21,30 @@ COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
 # Set working directory
 WORKDIR /var/www

-# Copy source
+# Copy source code
 COPY . .
-
-# Copy default env
 COPY .env.example .env

-# Install Laravel dependencies
+# Set permissions for Laravel writable directories
+RUN mkdir -p storage bootstrap/cache \
+    && chown -R www-data:www-data /var/www \
+    && chmod -R ug+rwx storage bootstrap/cache
+
+# Use non-root user for installing dependencies
+USER www-data
+
+# Install PHP dependencies
 RUN composer install --no-interaction --prefer-dist --optimize-autoloader

-# Generate Laravel app key
-RUN php artisan key:generate
+# Back to root to ensure runtime permissions
+USER root

-# Set permissions for Laravel
-RUN chown -R www-data:www-data /var/www \
-    && chmod -R 755 /var/www \
-    && chmod -R 775 storage bootstrap/cache \
-    && chown -R www-data:www-data storage bootstrap/cache
+# Re-apply permissions to writable folders
+RUN chown -R www-data:www-data /var/www/storage /var/www/bootstrap/cache \
+    && chmod -R 775 /var/www/storage /var/www/bootstrap/cache

-EXPOSE 9000
-CMD ["php-fpm"]
+# Expose Laravel development server port
+EXPOSE 8000
+
+# Run with artisan serve instead of php-fpm
+CMD ["php", "artisan", "serve", "--host=0.0.0.0", "--port=8000"]
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@ -3,6 +3,7 @@
 namespace App\Providers;

 use Illuminate\Support\ServiceProvider;
+use Illuminate\Support\Facades\URL;

 class AppServiceProvider extends ServiceProvider
 {
@ -19,6 +20,8 @@ class AppServiceProvider extends ServiceProvider
     */
    public function boot(): void
    {
-        //
+        if (env('APP_ENV') === 'production') {
+             URL::forceScheme('https');
+        }
    }
 }
--- a/config/filament-shield.php
+++ b/config/filament-shield.php
@ -22,7 +22,7 @@ return [
    'super_admin' => [
        'enabled' => true,
        'name' => 'admin',
-        'define_via_gate' => false,
+        'define_via_gate' => true,
        'intercept_gate' => 'before', // after
    ],

--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,25 +1,15 @@
-version: "3"
+version: "3.8"

 services:
  sistem-akademik-dev:
-    image: registry.git.appstaging.my.id/reihanrere/sistem-akademik/sistem-akademik-dev
+    build: .
    container_name: sistem-akademik-dev
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.sistem-akademik-dev-http.entrypoints=web"
-      - "traefik.http.routers.sistem-akademik-dev-http.rule=Host(`siska.appstaging.my.id`)"
-      - "traefik.http.routers.sistem-akademik-dev-http.middlewares=redirect-to-https"
-      - "traefik.http.routers.sistem-akademik-dev.entrypoints=websecure"
-      - "traefik.http.routers.sistem-akademik-dev.tls.certresolver=myresolver"
-      - "traefik.http.routers.sistem-akademik-dev.rule=Host(`siska.appstaging.my.id`)"
-      - "traefik.http.routers.sistem-akademik-dev.tls=true"
    volumes:
      - .:/var/www
-      - ./storage:/var/www/storage
    working_dir: /var/www
+    ports:
+      - "8000:8000"  # Laravel Artisan Serve port
    restart: always
-    networks:
-      - traefik_default
    environment:
      APP_ENV: production
      APP_DEBUG: false
@ -30,15 +20,17 @@ services:
      DB_DATABASE: SISKA_2025
      DB_USERNAME: root
      DB_PASSWORD: postroot123
-    command: >
-      sh -c "
-        composer install --no-interaction --prefer-dist &&
-        php artisan config:cache &&
-        php artisan route:cache &&
-        php artisan view:cache &&
-        php artisan migrate --force &&
-        php-fpm
-      "
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.sistem-akademik-dev-http.entrypoints=web"
+      - "traefik.http.routers.sistem-akademik-dev-http.rule=Host(`siska.appstaging.my.id`)"
+      - "traefik.http.routers.sistem-akademik-dev-http.middlewares=redirect-to-https"
+      - "traefik.http.routers.sistem-akademik-dev.entrypoints=websecure"
+      - "traefik.http.routers.sistem-akademik-dev.tls.certresolver=myresolver"
+      - "traefik.http.routers.sistem-akademik-dev.rule=Host(`siska.appstaging.my.id`)"
+      - "traefik.http.routers.sistem-akademik-dev.tls=true"
+    networks:
+      - traefik_default  

 networks:
  traefik_default:
--- a/nginx/default.conf
+++ b/nginx/default.conf
@ -0,0 +1,24 @@
+server {
+    listen 80;
+    index index.php index.html;
+    server_name siska.appstaging.my.id;
+    
+    # Ensure this matches your actual document root
+    root /var/www/public;
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location ~ \.php$ {
+        fastcgi_pass sistem-akademik-dev:9000;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        include fastcgi_params;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+}