# Deployment

## Branch strategy
- `develop`: test/staging deployments
- `main`: production deployments
- keep one private GitHub repository

## Local development
- current `docker-compose.yml` remains the development stack
- use `.env` or `.env.dev.example` as the template

## Test deployment server
- copy `.env.test.example` to `.env.test` on the server
- recommended path: `/opt/workdock/.env.test`
- current test target: `192.168.2.55`

## Production deployment server
- copy `.env.prod.example` to `.env.prod` on the server
- use HTTPS and secure cookies in production

## Server bootstrap
Install:
- `git`
- `docker`
- `docker compose plugin`
- `curl`

Recommended app directory:
- `/opt/workdock`

## First clone on server
```bash
git clone git@github.com:OWNER/REPO.git /opt/workdock
cd /opt/workdock
cp .env.test.example .env.test
```

## Test deploy manually
```bash
cd /opt/workdock
./scripts/deploy_stack.sh .env.test docker-compose.prod.yml
```

## Production deploy manually
```bash
cd /opt/workdock
./scripts/deploy_stack.sh .env.prod docker-compose.prod.yml
```

## GitHub Actions secrets
### Development environment
- `TEST_DEPLOY_HOST`
- `TEST_DEPLOY_USER`
- `TEST_DEPLOY_SSH_KEY`
- `TEST_DEPLOY_PORT`
- `TEST_DEPLOY_PATH`

### Production environment
- `PROD_DEPLOY_HOST`
- `PROD_DEPLOY_USER`
- `PROD_DEPLOY_SSH_KEY`
- `PROD_DEPLOY_PORT`
- `PROD_DEPLOY_PATH`

## Important note for the test server
`.env.test.example` is intentionally configured for an HTTP LAN test deployment.
That means `RUN_DJANGO_CHECK=0` is used in the test deploy workflow, because the application security checks require secure cookies when `DEBUG=0`.
For real production, use `.env.prod` behind HTTPS and keep `RUN_DJANGO_CHECK=1`.