feat: ✨ ci: build natif ARM64 sur Pi via Docker

.gitea/workflows/build-deploy.yml

@@ -0,0 +1,39 @@
+name: Build & Deploy
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  build-deploy:
+    runs-on: [pi, arm64, deploy]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Login registry
+        run: |
+          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.enuxia.fr \
+            -u luuna --password-stdin
+
+      - name: Build image
+        run: |
+          docker build \
+            --tag git.enuxia.fr/enuxia-public/enuxia-quiz:latest \
+            --tag git.enuxia.fr/enuxia-public/enuxia-quiz:${{ gitea.sha }} \
+            .
+
+      - name: Push image
+        run: |
+          docker push git.enuxia.fr/enuxia-public/enuxia-quiz:latest
+          docker push git.enuxia.fr/enuxia-public/enuxia-quiz:${{ gitea.sha }}
+
+      - name: Deploy
+        run: |
+          docker compose -f /opt/enuxia-quiz/docker-compose.yml \
+            --env-file /opt/enuxia-quiz/.env \
+            up -d --force-recreate
+
+      - name: Cleanup
+        if: always()
+        run: docker logout git.enuxia.fr

.gitea/workflows/build.yml

@@ -1,34 +0,0 @@
-name: Build & Push
-
-on:
-  push:
-    branches: [main]
-
-jobs:
-  build:
-    runs-on: [build, docker, rust]
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Login Gitea Registry
-        run: |
-          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.enuxia.fr \
-            -u ${{ gitea.actor }} --password-stdin
-
-      - name: Setup Docker Buildx
-        run: |
-          docker buildx create --use --name multiarch || true
-
-      - name: Build & Push ARM64
-        run: |
-          docker buildx build \
-            --platform linux/arm64 \
-            --tag git.enuxia.fr/enuxia-public/enuxia-quiz:latest \
-            --tag git.enuxia.fr/enuxia-public/enuxia-quiz:${{ gitea.sha }} \
-            --push \
-            .
-
-      - name: Logout
-        if: always()
-        run: docker logout git.enuxia.fr

.gitea/workflows/deploy.yml

@@ -1,30 +0,0 @@
-name: Deploy Pi
-
-on:
-  workflow_run:
-    workflows: ["Build & Push"]
-    types: [completed]
-
-jobs:
-  deploy:
-    runs-on: [deploy-app]
-    if: ${{ gitea.event.workflow_run.conclusion == 'success' }}
-    steps:
-      - name: Setup SSH
-        run: |
-          mkdir -p ~/.ssh
-          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/deploy_key
-          chmod 600 ~/.ssh/deploy_key
-          ssh-keyscan -H ${{ secrets.PI_HOST }} >> ~/.ssh/known_hosts
-
-      - name: Deploy sur le Pi
-        run: |
-          ssh -i ~/.ssh/deploy_key ${{ secrets.PI_USER }}@${{ secrets.PI_HOST }} \
-            "docker login git.enuxia.fr -u luuna -p ${{ secrets.REGISTRY_TOKEN }} && \
-             docker pull git.enuxia.fr/enuxia-public/enuxia-quiz:latest && \
-             docker compose -f /opt/enuxia-quiz/docker-compose.yml --env-file /opt/enuxia-quiz/.env up -d --force-recreate && \
-             docker logout git.enuxia.fr"
-
-      - name: Cleanup SSH
-        if: always()
-        run: rm -f ~/.ssh/deploy_key

.gitea/workflows/traefik.yml

@@ -1,19 +0,0 @@
-name: Traefik Config
-
-on:
-  push:
-    branches: [main]
-    paths:
-      - 'traefik/**'
-
-jobs:
-  traefik:
-    runs-on: [deploy-traefik]
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Deploy config Traefik
-        run: |
-          cp traefik/enuxia-quiz.yml /opt/gateway/traefik/dynamic/enuxia-quiz.yml
-          echo "✓ Config Traefik déployée"

Dockerfile

@@ -1,55 +1,31 @@
-# ── Stage 1 : Builder ─────────────────────────────────────────────────────────
-FROM --platform=linux/amd64 rust:1.85-slim AS builder
+# Build natif ARM64
+FROM rust:latest-slim AS builder
 
 RUN apt-get update && apt-get install -y \
-    pkg-config \
-    libssl-dev \
-    curl \
-    git \
-    clang \
-    gcc-aarch64-linux-gnu \
-    libc6-dev-arm64-cross \
-    && rm -rf /var/lib/apt/lists/*
-
-RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
-    && apt-get install -y nodejs \
+    pkg-config libssl-dev curl git nodejs npm \
     && rm -rf /var/lib/apt/lists/*
 
 RUN rustup target add wasm32-unknown-unknown
-RUN rustup target add aarch64-unknown-linux-gnu
 RUN cargo install cargo-leptos --locked
 
-ENV CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=aarch64-linux-gnu-gcc
-ENV CC_aarch64_unknown_linux_gnu=aarch64-linux-gnu-gcc
-
 WORKDIR /app
-
-COPY Cargo.toml Cargo.lock ./
-COPY src ./src
-COPY style ./style
-COPY public ./public
-COPY package*.json ./
-COPY .sqlx ./.sqlx
-
+COPY . .
 RUN npm install
 
-ENV LEPTOS_TAILWIND_VERSION=v4.1.13
 ENV SQLX_OFFLINE=true
+ENV LEPTOS_TAILWIND_VERSION=v4.1.13
 
-RUN cargo leptos build --release \
-    --bin-target-triple aarch64-unknown-linux-gnu
+RUN cargo leptos build --release
 
-# ── Stage 2 : Runtime ─────────────────────────────────────────────────────────
-FROM --platform=linux/arm64 debian:bookworm-slim AS runtime
+# Runtime
+FROM debian:bookworm-slim AS runtime
 
 RUN apt-get update && apt-get install -y \
-    ca-certificates \
-    libssl3 \
+    ca-certificates libssl3 \
     && rm -rf /var/lib/apt/lists/*
 
 WORKDIR /app
-
-COPY --from=builder /app/target/aarch64-unknown-linux-gnu/release/enuxia-quiz ./
+COPY --from=builder /app/target/release/enuxia-quiz ./
 COPY --from=builder /app/target/site ./site
 
 RUN mkdir -p /data
@@ -60,5 +36,4 @@ ENV LEPTOS_SITE_ADDR=0.0.0.0:3000
 ENV DATABASE_URL=sqlite:///data/quiz.db
 
 EXPOSE 3000
-
 CMD ["./enuxia-quiz"]