From 3e8925c609f1df7547f58faf7c64b3c5d27959bb Mon Sep 17 00:00:00 2001
From: Dmitriy Petrov <floplopru@gmail.com>
Date: Sat, 9 May 2026 10:51:23 +0300
Subject: [PATCH] Fix gateway workflow runner selection

---
 .gitea/workflows/gateway-build.yml | 65 +++++-------------------------
 scripts/build-on-107-deploy-111.sh | 56 ++++++++++++++++++-------
 2 files changed, 52 insertions(+), 69 deletions(-)

diff --git a/.gitea/workflows/gateway-build.yml b/.gitea/workflows/gateway-build.yml
index 98b76cc..8e63985 100644
--- a/.gitea/workflows/gateway-build.yml
+++ b/.gitea/workflows/gateway-build.yml
@@ -11,8 +11,8 @@ env:
   SINGBOX_VERSION: 1.12.13
 
 jobs:
-  build-and-push:
-    runs-on: lxc-107
+  build-and-deploy:
+    runs-on: ubuntu-22.04
     steps:
       - name: Clone repository
         env:
@@ -25,60 +25,15 @@ jobs:
           cd repo
           git checkout ${{ gitea.sha }}
 
-      - name: Build frontend and gateway image
+      - name: Build on runner 107 and deploy to 111
         run: |
           set -euo pipefail
           cd repo
-          npm ci --no-audit --no-fund
-          npm run build
 
-          REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
-          IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway"
-
-          echo "Build runner: $(hostname)"
-          echo "Base image: ${{ env.BASE_IMAGE }}"
-          echo "Docker context: $(docker context show 2>/dev/null || true)"
-          docker info 2>/dev/null | sed -n '/HTTP Proxy:/p;/HTTPS Proxy:/p;/Name:/p'
-          docker image inspect "${{ env.BASE_IMAGE }}" >/dev/null || {
-            echo "Runtime base image ${{ env.BASE_IMAGE }} is missing on lxc-107."
-            echo "Seed it once on 107 with: ./scripts/build-runtime-base.sh"
-            exit 1
-          }
-
-          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "$REGISTRY_HOST" -u "${{ gitea.actor }}" --password-stdin
-          DOCKER_BUILDKIT=1 docker build \
-            --network host \
-            --pull=false \
-            --build-arg BASE_IMAGE="${{ env.BASE_IMAGE }}" \
-            --build-arg SINGBOX_VERSION="${{ env.SINGBOX_VERSION }}" \
-            --build-arg INSTALL_RUNTIME_DEPS=false \
-            --build-arg INSTALL_SINGBOX=false \
-            -t "${IMAGE}:latest" \
-            -t "${IMAGE}:${{ gitea.sha }}" \
-            .
-          docker push "${IMAGE}:latest"
-          docker push "${IMAGE}:${{ gitea.sha }}"
-
-  deploy:
-    runs-on: lxc-111
-    needs: build-and-push
-    steps:
-      - name: Clone repository
-        env:
-          GIT_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
-        run: |
-          set -euo pipefail
-          SERVER_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
-          rm -rf repo
-          git clone --depth 2 "http://${{ gitea.actor }}:${GIT_TOKEN}@${SERVER_HOST}/${{ gitea.repository }}.git" repo
-          cd repo
-          git checkout ${{ gitea.sha }}
-
-      - name: Deploy gateway to LXC 111
-        run: |
-          set -euo pipefail
-          cd repo
-          REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
-          IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway"
-          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "$REGISTRY_HOST" -u "${{ gitea.actor }}" --password-stdin
-          DEPLOY_PATH="${{ env.DEPLOY_PATH }}" GATEWAY_IMAGE="${IMAGE}:${{ gitea.sha }}" bash scripts/deploy-gateway.sh
+          BUILD_HOST=local \
+          DEPLOY_HOST=111 \
+          DEPLOY_PATH="${{ env.DEPLOY_PATH }}" \
+          BASE_IMAGE="${{ env.BASE_IMAGE }}" \
+          SINGBOX_VERSION="${{ env.SINGBOX_VERSION }}" \
+          IMAGE_TAG="${{ gitea.sha }}" \
+          bash scripts/build-on-107-deploy-111.sh
diff --git a/scripts/build-on-107-deploy-111.sh b/scripts/build-on-107-deploy-111.sh
index 7ecdaf0..794e848 100755
--- a/scripts/build-on-107-deploy-111.sh
+++ b/scripts/build-on-107-deploy-111.sh
@@ -21,25 +21,53 @@ echo "Image: ${GATEWAY_IMAGE}"
 echo "Base image: ${BASE_IMAGE}"
 
 echo "Syncing source to ${BUILD_HOST}:${BUILD_PATH}"
-ssh "${BUILD_HOST}" "mkdir -p '${BUILD_PATH}'"
-rsync -az --delete \
-  --exclude '.git' \
-  --exclude '.vpn-proxy' \
-  --exclude 'node_modules' \
-  --exclude 'dist' \
-  ./ "${BUILD_HOST}:${BUILD_PATH}/"
+if [ "${BUILD_HOST}" = "local" ]; then
+  BUILD_PATH="$(pwd)"
+  echo "Using local source at ${BUILD_PATH}"
+else
+  ssh "${BUILD_HOST}" "mkdir -p '${BUILD_PATH}'"
+  rsync -az --delete \
+    --exclude '.git' \
+    --exclude '.vpn-proxy' \
+    --exclude 'node_modules' \
+    --exclude 'dist' \
+    ./ "${BUILD_HOST}:${BUILD_PATH}/"
+fi
 
 echo "Building image on ${BUILD_HOST}"
-ssh "${BUILD_HOST}" \
-  "set -e; echo 'Docker context:' \$(docker context show 2>/dev/null || true); docker info 2>/dev/null | sed -n '/HTTP Proxy:/p;/HTTPS Proxy:/p;/Name:/p'; docker image inspect '${BASE_IMAGE}' >/dev/null || { echo 'Runtime base image ${BASE_IMAGE} is missing on ${BUILD_HOST}.'; echo 'Seed it once with: ./scripts/build-runtime-base.sh'; exit 1; }; cd '${BUILD_PATH}' && npm ci && npm run build && docker build --pull='${DOCKER_BUILD_PULL}' --build-arg BASE_IMAGE='${BASE_IMAGE}' --build-arg SINGBOX_VERSION='${SINGBOX_VERSION}' --build-arg INSTALL_RUNTIME_DEPS='${INSTALL_RUNTIME_DEPS}' --build-arg INSTALL_SINGBOX='${INSTALL_SINGBOX}' -t '${GATEWAY_IMAGE}' ."
+BUILD_COMMAND="set -e; echo 'Docker context:' \$(docker context show 2>/dev/null || true); docker info 2>/dev/null | sed -n '/HTTP Proxy:/p;/HTTPS Proxy:/p;/Name:/p'; docker image inspect '${BASE_IMAGE}' >/dev/null || { echo 'Runtime base image ${BASE_IMAGE} is missing on ${BUILD_HOST}.'; echo 'Seed it once with: ./scripts/build-runtime-base.sh'; exit 1; }; cd '${BUILD_PATH}' && npm ci && npm run build && docker build --pull='${DOCKER_BUILD_PULL}' --build-arg BASE_IMAGE='${BASE_IMAGE}' --build-arg SINGBOX_VERSION='${SINGBOX_VERSION}' --build-arg INSTALL_RUNTIME_DEPS='${INSTALL_RUNTIME_DEPS}' --build-arg INSTALL_SINGBOX='${INSTALL_SINGBOX}' -t '${GATEWAY_IMAGE}' ."
+if [ "${BUILD_HOST}" = "local" ]; then
+  bash -lc "${BUILD_COMMAND}"
+else
+  ssh "${BUILD_HOST}" "${BUILD_COMMAND}"
+fi
 
 echo "Loading image into ${DEPLOY_HOST}"
-ssh "${BUILD_HOST}" "docker save '${GATEWAY_IMAGE}'" | ssh "${DEPLOY_HOST}" "docker load"
+if [ "${BUILD_HOST}" = "local" ] && [ "${DEPLOY_HOST}" = "local" ]; then
+  docker image inspect "${GATEWAY_IMAGE}" >/dev/null
+elif [ "${BUILD_HOST}" = "local" ]; then
+  docker save "${GATEWAY_IMAGE}" | ssh "${DEPLOY_HOST}" "docker load"
+elif [ "${DEPLOY_HOST}" = "local" ]; then
+  ssh "${BUILD_HOST}" "docker save '${GATEWAY_IMAGE}'" | docker load
+else
+  ssh "${BUILD_HOST}" "docker save '${GATEWAY_IMAGE}'" | ssh "${DEPLOY_HOST}" "docker load"
+fi
 
 echo "Copying deploy script to ${DEPLOY_HOST}:${DEPLOY_PATH}"
-ssh "${DEPLOY_HOST}" "mkdir -p '${DEPLOY_PATH}'"
-rsync -az scripts/deploy-gateway.sh "${DEPLOY_HOST}:${DEPLOY_PATH}/deploy-gateway.sh"
+if [ "${DEPLOY_HOST}" = "local" ]; then
+  mkdir -p "${DEPLOY_PATH}"
+  cp scripts/deploy-gateway.sh "${DEPLOY_PATH}/deploy-gateway.sh"
+else
+  ssh "${DEPLOY_HOST}" "mkdir -p '${DEPLOY_PATH}'"
+  rsync -az scripts/deploy-gateway.sh "${DEPLOY_HOST}:${DEPLOY_PATH}/deploy-gateway.sh"
+fi
 
 echo "Starting gateway on ${DEPLOY_HOST}"
-ssh "${DEPLOY_HOST}" \
-  "cd '${DEPLOY_PATH}' && chmod +x ./deploy-gateway.sh && DEPLOY_PATH='${DEPLOY_PATH}' GATEWAY_IMAGE='${GATEWAY_IMAGE}' PULL_IMAGE=false ./deploy-gateway.sh"
+if [ "${DEPLOY_HOST}" = "local" ]; then
+  cd "${DEPLOY_PATH}"
+  chmod +x ./deploy-gateway.sh
+  DEPLOY_PATH="${DEPLOY_PATH}" GATEWAY_IMAGE="${GATEWAY_IMAGE}" PULL_IMAGE=false ./deploy-gateway.sh
+else
+  ssh "${DEPLOY_HOST}" \
+    "cd '${DEPLOY_PATH}' && chmod +x ./deploy-gateway.sh && DEPLOY_PATH='${DEPLOY_PATH}' GATEWAY_IMAGE='${GATEWAY_IMAGE}' PULL_IMAGE=false ./deploy-gateway.sh"
+fi