Deploy strictly from git, not a host checkout #8

Merged
arne merged 2 commits from orbit-7-deploy-from-git into main 2026-05-31 10:11:47 +02:00
Owner

deploy.sh built with go build . from whatever working tree it ran in, so production depended on one host's checkout (servo). That is precisely how the real source ended up trapped off-git. This makes git the source of truth for deploys.

Solution

deploy.sh now clones the canonical remote at a given ref (default main) into a temp dir, builds linux/amd64 there, deploys, and cleans up. Because it builds from a fresh clone, only committed-and-pushed code can reach production; local/unpushed trees are never deployed. The script is host-independent — runnable from any machine with git, Go, and SSH — and prints the exact deployed SHA.

Usage: ./scripts/deploy.sh [host] [git-ref] (defaults: fismen, main). The host-managed unit (incl. the OIDC drop-in) is left intact; the embedded unit is only written on a fresh install.

Verification

Validated the clone+build path from git end-to-end (no deploy): clones origin/main, builds the 21.4 MB linux/amd64 binary. Syntax-checked.

Follow-ups

  • Forgejo Actions CI/CD (push/tag → auto-deploy) can build on this; needs a runner + SSH secrets.

Closes #7

Route summaries to fox (gemma4:26b, OpenAI-compatible API) as the primary
backend, falling back to the existing Ollama backend (cube via OLLAMA_URL)
per request when fox is unreachable. Adds an Analyzer interface over both
protocols, an OpenAIClient, and a FallbackAnalyzer; OLLAMA_URL/OLLAMA_MODEL
keep configuring the fallback so the deployed unit needs no change.

Re-ports the AI work from the orphaned repo line (old PR #4, preserved on
orbit-main-archive) onto the canonical codebase.

Closes #5

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Clone the canonical remote at a given ref (default main) into a temp dir,
build there, then deploy — instead of building the local working tree.
Production now always runs exactly what is committed and pushed to git, and
the script is host-independent. Local/unpushed code can no longer be
deployed, which is how the source previously drifted onto servo.

Closes #7

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
arne merged commit 06d456bf6c into main 2026-05-31 10:11:47 +02:00
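
The clone-at-ref build that the description outlines, as an added shell sketch (not the project's deploy.sh): `clone_at_ref` and `build_from_git` are hypothetical names, and the remote, ref and output path are supplied by the caller. It goes slightly beyond the page by accepting tags and commit SHAs as well as branches, and by refusing refs that begin with `-`.

```shell
#!/bin/sh
# Added sketch, not the project's deploy.sh; function names are hypothetical.

# clone_at_ref REMOTE REF DEST
# Fresh-clone REMOTE into DEST, check out REF detached, print the commit SHA.
# REF may be a branch on the remote, a tag, or a commit SHA.
clone_at_ref() {
    remote=$1 ref=$2 dest=$3
    # A ref starting with "-" would be parsed by git as an option.
    case $ref in
        ''|-*) echo "refusing ref '$ref'" >&2; return 1 ;;
    esac
    # Nothing from the caller's working tree can enter a fresh clone.
    git clone --quiet --no-checkout -- "$remote" "$dest" || return 1
    # Try the remote branch first, then tags and raw SHAs.
    # ^{commit} rejects objects that are not commits.
    sha=$(git -C "$dest" rev-parse --verify --quiet "refs/remotes/origin/$ref^{commit}") ||
    sha=$(git -C "$dest" rev-parse --verify --quiet "$ref^{commit}") || {
        echo "ref '$ref' not found on $remote" >&2
        return 1
    }
    git -C "$dest" checkout --quiet --detach "$sha" || return 1
    printf '%s\n' "$sha"
}

# build_from_git REMOTE REF OUT
# Build linux/amd64 in a throwaway clone; OUT must be an absolute path.
# The temp dir is removed whether or not the build succeeds.
build_from_git() {
    work=$(mktemp -d) || return 1
    rc=0
    sha=$(clone_at_ref "$1" "$2" "$work/src") &&
        (cd "$work/src" && GOOS=linux GOARCH=amd64 go build -o "$3" .) || rc=$?
    rm -rf "$work"
    [ "$rc" -eq 0 ] && echo "built $3 from commit $sha"
    return "$rc"
}
```

Logging the printed SHA next to the deployed binary lets a later audit compare what is running against the remote's history.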
Reference
arne/news!8