- Pass SUPABASE_JWT_SECRET to backend in docker-compose.prod.yml
- Add build args (VITE_API_URL, VITE_SUPABASE_URL, VITE_SUPABASE_ANON_KEY)
to Dockerfile.prod so Vite inlines them at build time
- Pass build args from secrets in deploy workflow
- Add build section to frontend service in docker-compose.prod.yml
No GoTrue container needed in prod — Supabase Cloud hosts the auth
service. The backend only needs the JWT secret to verify tokens.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Store PostgreSQL data at ./data/postgres relative to the compose file
so persistent data lives on the Unraid disk at
/mnt/user/appdata/nuzlocke-tracker/data/postgres.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Deploy script builds and pushes images to Gitea registry, then triggers
Portainer stack redeployment via API. Includes preflight checks for
branch and uncommitted changes. Also renames prod DB volume to avoid
conflicts with dev and changes frontend port to 9080.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Backend: installs non-editable, runs uvicorn without reload.
Frontend: multi-stage build, serves static files via nginx with
API proxy to the backend service and SPA fallback routing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Uses pre-built images from the Gitea container registry, runs Alembic
migrations before API startup, and keeps the database password configurable
via environment variable. No source mounts or debug mode.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
