Two bugs kept a fresh docker-compose deploy from ever accepting admin:admin:
1. resolveSqliteUrl in packages/db/src/client.ts stripped leading slashes
wholesale — so file:/data/vector.db became a relative path and was
resolved against packages/db/prisma/. Prisma CLI (migrate deploy)
correctly wrote to /data/vector.db on the mounted volume; the app's
runtime client connected to an empty file at packages/db/prisma/data/
vector.db with no tables, so login threw. The helper now passes Unix
absolute paths through verbatim, still normalizes file:/// triple-
slash URLs, and only resolves truly relative paths against the schema
dir.
2. The Dockerfile CMD ran migrations but not a seed, so even when the
path bug is fixed the User table is empty — admin:admin 401s forever.
Added packages/db/ensure-admin.mjs (pure JS, no tsx needed) that
creates the default admin user iff User.count() === 0, and wired it
into the API CMD between migrate deploy and node. Credentials can be
overridden with SEED_ADMIN_{USERNAME,PASSWORD,EMAIL}.
Lock images to gitea.thewrightserver.net/josh/{vector-api,vector-web}
and drop the build: sections. docker compose up now only pulls; source
builds happen exclusively in CI.
Gitea's OCI registry requires <host>/<owner>/<image>. Pushes to the
bare <host>/<image> path return 404. Prepend github.repository_owner
so REGISTRY_URL can stay as just the hostname.
packages/db/src/index.ts re-exports model types from @prisma/client,
so the generated client has to exist before tsc walks that file. The
previous order hit TS2305 on User/Manufacturer/Site/etc.
Gitea Actions rejects @actions/artifact v2.0+ (upload-artifact@v4,
download-artifact@v4) with a GHESNotSupportedError. v3 is the highest
supported on current Gitea releases.
CI was failing because only ~7% of services/lib is covered today — the
60% threshold was aspirational, not grounded in what ships. Keep the
v8 report + artifact upload so contributors can see the trend; add a
threshold back once service-level coverage catches up.
- apps/api/Dockerfile: multi-stage build, runs prisma migrate deploy on
boot. Workspace package.json "main/exports" rewritten to dist so Node
ESM resolves compiled JS at runtime.
- apps/web/Dockerfile + nginx.conf: static build served by nginx with
SPA fallback, gzip, cache-bust on hashed assets, and /api reverse
proxy to the internal api service.
- docker-compose.yml: production-oriented stack — api (SQLite on a
named volume), web (exposes WEB_PORT), redis (for the upcoming
worker). Postgres dropped since schema still targets SQLite.
- .dockerignore: keep build context lean.
- ci: add docker job gated on push-to-main that builds and pushes both
images to ${{ vars.REGISTRY_URL }} using ${{ secrets.REGISTRY_TOKEN }}.
Tags :latest + :${github.sha}.
The Gitea Actions cache server is unreachable from the runner, so
cache: pnpm hangs ~4m42s on ETIMEDOUT before falling through. Removing
the option drops the step to ~5s; pnpm install on a clean runner is
already fast with the frozen lockfile.
Replace placeholder with a professional README covering architecture,
tech stack, getting-started flow, common tasks, testing, Gitea CI,
conventions, and the nine-phase roadmap.
josh