Merge deploy playbooks, add env.local template, update MailerService

- Fuse deploy-caddy.yml and cloudflare.yml into deploy.yml - Add env.local.j2 template for production secrets - Vault: add all production secrets - Workflow: single deploy.yml playbook - MailerService: rewrite with S/MIME signing, email tracking, unsubscribe - ngrok-sync: run as root for .env.local write access - Fix domain references to ticket.e-cosplay.fr Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 21:24:31 +01:00
parent 8e34a5b3a6
commit 46a84a9f9a
7 changed files with 208 additions and 143 deletions
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -20,8 +20,5 @@ jobs:
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan 34.90.187.4 >> ~/.ssh/known_hosts

-      - name: Configure Cloudflare
-        run: ansible-playbook ansible/cloudflare.yml --vault-password-file <(echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}")
-
      - name: Deploy
-        run: ansible-playbook -i ansible/hosts.ini ansible/deploy-caddy.yml --vault-password-file <(echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}")
+        run: ansible-playbook -i ansible/hosts.ini ansible/deploy.yml --vault-password-file <(echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}")