mikrotik-bot/INFRA_PLAN.md

# CI/CD Infrastructure Plan - Proxmox
## ARCH:OVERVIEW
```
[DEV] → [Git Server] → [CI/CD] → [Registry] → [Portainer] → [MikroTik Bot]
```
## QUICK:START
```bash
cd infra/
chmod +x *.sh
./deploy-all.sh
```
**Result:** a complete CI/CD infrastructure in 10 minutes!
## VMs/LXC:SETUP
### 1. Git Server (LXC)
- **OS**: Ubuntu 22.04 LXC
- **Memory**: 2GB RAM, 20GB disk
- **Service**: Gitea (lightweight GitHub alternative)
- **Features**:
  - Web UI for repository management
  - Webhook support for CI/CD
  - Built-in Actions (CI/CD)
  - Issues, PRs, Wiki
### 2. CI/CD + Registry (LXC)
- **OS**: Ubuntu 22.04 LXC
- **Memory**: 4GB RAM, 50GB disk
- **Services**:
  - GitLab Runner / Gitea Actions Runner
  - Docker Registry (private)
  - Nexus/Harbor (optional)
### 3. Production Environment (LXC)
- **OS**: Ubuntu 22.04 LXC
- **Memory**: 2GB RAM, 20GB disk
- **Services**:
  - Portainer CE
  - MikroTik Telegram Bot
  - Watchtower (auto-update)
## NETWORK:CONFIG
```
Proxmox Bridge (vmbr1): 10.10.0.0/24
├── Git Server: 10.10.0.10
├── CI/CD Registry: 10.10.0.20
├── Production: 10.10.0.30
└── Gateway: 10.10.0.1 (access from home LAN)
```
## SERVICES:STACK
### Git Server (Gitea)
```yaml
version: '3.8'
services:
  gitea:
    image: gitea/gitea:latest
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=sqlite3
      - GITEA__server__DOMAIN=git.home.lab
      - GITEA__server__ROOT_URL=http://git.home.lab:3000
    volumes:
      - gitea_data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:22"   # SSH for git push over the LAN
    restart: unless-stopped

# Named volume must be declared, otherwise Compose refuses the project
volumes:
  gitea_data:
```
### CI/CD + Registry
```yaml
version: '3.8'
services:
  # Private Docker Registry
  registry:
    image: registry:2
    container_name: docker-registry
    environment:
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
    volumes:
      - registry_data:/data
    ports:
      - "5000:5000"
    restart: unless-stopped

  # Gitea Actions Runner
  runner:
    image: gitea/act_runner:latest
    container_name: gitea-runner
    environment:
      GITEA_INSTANCE_URL: http://10.10.0.10:3000
      GITEA_RUNNER_REGISTRATION_TOKEN: "your_token"
    volumes:
      # Host Docker socket: workflow steps get full control of this host's Docker daemon
      - /var/run/docker.sock:/var/run/docker.sock
      - runner_data:/data
    restart: unless-stopped

# Named volumes must be declared, otherwise Compose refuses the project
volumes:
  registry_data:
  runner_data:
```
### Production (Portainer + Apps)
```yaml
version: '3.8'
services:
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    command: -H unix:///var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer_data:/data
    ports:
      - "9000:9000"
    restart: unless-stopped

# Named volume must be declared, otherwise Compose refuses the project
volumes:
  portainer_data:
```
## WORKFLOW:CI_CD
### 1. Development Flow
```
git push → Gitea → webhook → Actions → build → registry → webhook → Portainer → deploy
```
### 2. Gitea Actions Workflow (.gitea/workflows/deploy.yml)
```yaml
name: Build and Deploy
on:
  push:
    branches: [main]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Build Image
        run: |
          docker build -t 10.10.0.20:5000/mikrotik-bot:${{ github.sha }} .
          docker push 10.10.0.20:5000/mikrotik-bot:${{ github.sha }}
          docker tag 10.10.0.20:5000/mikrotik-bot:${{ github.sha }} 10.10.0.20:5000/mikrotik-bot:latest
          docker push 10.10.0.20:5000/mikrotik-bot:latest
      - name: Deploy to Production
        run: |
          curl -X POST "http://10.10.0.30:9000/api/webhooks/YOUR_WEBHOOK_KEY"
```
## DEPLOY:STEPS
### Phase 1: Infrastructure Setup
1. **Create LXC containers** in Proxmox
2. **Network configuration** (vmbr1 bridge)
3. **Install Docker** on all containers
4. **Configure DNS** (local or Pi-hole): git.home.lab, registry.home.lab, portainer.home.lab
### Phase 2: Services Deployment
1. **Deploy Gitea** (10.10.0.10:3000)
2. **Create mikrotik-bot repository**
3. **Deploy Registry** (10.10.0.20:5000)
4. **Set up Gitea Actions Runner**
5. **Deploy Portainer** (10.10.0.30:9000)
### Phase 3: CI/CD Configuration
1. **Configure Gitea webhook** → Actions
2. **Set up registry access** (insecure for local)
3. **Create Portainer webhook** for auto-deploy
4. **Test full pipeline**
### Phase 4: Production Deploy
1. **Push code** to Gitea
2. **Verify automatic build** in registry
3. **Confirm auto-deploy** to Portainer
4. **Set up monitoring** and alerts
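As an added example (not code from the repository), here is the deploy.yml from section 2 rewritten so that the Portainer webhook key created in Phase 3 step 3 is read from a Gitea repository secret instead of being committed with the source, and the registry address is set in one place. The secret name PORTAINER_WEBHOOK_KEY is an assumption; `curl --fail` additionally turns a rejected webhook call into a failed job, which the plain `curl -X POST` in section 2 does not.

```yaml
# Added example, not the project's own workflow file.
name: Build and Deploy
on:
  push:
    branches: [main]

# Registry address and image name kept in one place (values from the plan)
env:
  REGISTRY: 10.10.0.20:5000
  IMAGE: mikrotik-bot

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Build Image
        run: |
          docker build -t "$REGISTRY/$IMAGE:${{ github.sha }}" .
          docker tag "$REGISTRY/$IMAGE:${{ github.sha }}" "$REGISTRY/$IMAGE:latest"
          docker push "$REGISTRY/$IMAGE:${{ github.sha }}"
          docker push "$REGISTRY/$IMAGE:latest"

      - name: Deploy to Production
        env:
          # Assumed repository secret; configured in Gitea, never stored in the repo
          WEBHOOK_KEY: ${{ secrets.PORTAINER_WEBHOOK_KEY }}
        run: |
          set -eu
          if [ -z "$WEBHOOK_KEY" ]; then
            echo "PORTAINER_WEBHOOK_KEY secret is not set" >&2
            exit 1
          fi
          # --fail: a non-2xx answer from Portainer fails the job instead of being ignored
          curl --fail --silent --show-error -X POST \
            "http://10.10.0.30:9000/api/webhooks/$WEBHOOK_KEY"
```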
## SECURITY:CONSIDERATIONS
- **Registry**: HTTP (internal network only)
- **Gitea**: HTTP (HTTPS with a self-signed certificate can be added)
- **Firewall**: only the required ports
- **Backup**: regular LXC snapshots
- **Access**: VPN or a closed network
## MONITORING:STACK (Optional)
```yaml
# Prometheus + Grafana
prometheus:
  image: prom/prometheus:latest
  ports: ["9090:9090"]
grafana:
  image: grafana/grafana:latest
  ports: ["3001:3000"]
# Log aggregation
loki:
  image: grafana/loki:latest
  ports: ["3100:3100"]
```
## RESOURCES:REQUIREMENTS
- **Total RAM**: 8GB (2+4+2)
- **Total Disk**: 90GB (20+50+20)
- **Network**: 1Gbps internal
- **Backup**: weekly snapshots
## BENEFITS:SELFHOSTED
✅ Full control over code and infrastructure
✅ No dependency on external services
✅ Fast local network (Gigabit)
✅ Free (except for electricity)
✅ Easy scaling in Proxmox
✅ Integration with the home network
## MIGRATION:PATH
Existing code → Gitea → Actions → Registry → Portainer
## FILES:CREATED
```
infra/
├── setup-lxc.sh           # Automatic LXC creation
├── deploy-all.sh          # Full deployment
├── gitea-compose.yml      # Git server + DB
├── registry-compose.yml   # Registry + UI + Watchtower
├── production-compose.yml # Portainer + Apps
└── README.md              # Detailed instructions
.gitea/workflows/
└── deploy.yml             # CI/CD pipeline
```
## USAGE:SUMMARY
1. **One script** deploys the whole infrastructure
2. **Setup** takes 15-20 minutes
3. **Push code** → automatic deployment
4. **Monitoring** via web interfaces
5. **Scaling** by adding new LXC containers