From e16f401dc50e05d46cda6ffc8cc17e530ecd8bd1 Mon Sep 17 00:00:00 2001
From: Dmitriy Petrov <floplopru@gmail.com>
Date: Sat, 9 May 2026 10:41:36 +0300
Subject: [PATCH] Run gateway builds on 107 and deploy on 111

---
 .gitea/workflows/gateway-build.yml | 38 +++++++++++++++++++++++-------
 1 file changed, 30 insertions(+), 8 deletions(-)

diff --git a/.gitea/workflows/gateway-build.yml b/.gitea/workflows/gateway-build.yml
index 7037c4f..54a8359 100644
--- a/.gitea/workflows/gateway-build.yml
+++ b/.gitea/workflows/gateway-build.yml
@@ -7,10 +7,12 @@ on:
 
 env:
   DEPLOY_PATH: /opt/vpn-proxy
+  BASE_IMAGE: mirror.gcr.io/library/debian:bookworm-slim
+  SINGBOX_VERSION: 1.12.13
 
 jobs:
-  build-and-deploy:
-    runs-on: lxc-111
+  build-and-push:
+    runs-on: lxc-107
     steps:
       - name: Clone repository
         env:
@@ -23,33 +25,53 @@ jobs:
           cd repo
           git checkout ${{ gitea.sha }}
 
-      - name: Build frontend
+      - name: Build frontend and gateway image
         run: |
           set -euo pipefail
           cd repo
           npm ci --no-audit --no-fund
           npm run build
 
-      - name: Build and push gateway image
-        run: |
-          set -euo pipefail
-          cd repo
           REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
           IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway"
 
+          echo "Build runner: $(hostname)"
+          echo "Base image: ${{ env.BASE_IMAGE }}"
+          echo "Docker context: $(docker context show 2>/dev/null || true)"
+          docker info 2>/dev/null | sed -n '/HTTP Proxy:/p;/HTTPS Proxy:/p;/Name:/p'
+
           echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "$REGISTRY_HOST" -u "${{ gitea.actor }}" --password-stdin
           DOCKER_BUILDKIT=1 docker build \
             --network host \
+            --pull=false \
+            --build-arg BASE_IMAGE="${{ env.BASE_IMAGE }}" \
+            --build-arg SINGBOX_VERSION="${{ env.SINGBOX_VERSION }}" \
             -t "${IMAGE}:latest" \
             -t "${IMAGE}:${{ gitea.sha }}" \
             .
           docker push "${IMAGE}:latest"
           docker push "${IMAGE}:${{ gitea.sha }}"
 
+  deploy:
+    runs-on: lxc-111
+    needs: build-and-push
+    steps:
+      - name: Clone repository
+        env:
+          GIT_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
+        run: |
+          set -euo pipefail
+          SERVER_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
+          rm -rf repo
+          git clone --depth 2 "http://${{ gitea.actor }}:${GIT_TOKEN}@${SERVER_HOST}/${{ gitea.repository }}.git" repo
+          cd repo
+          git checkout ${{ gitea.sha }}
+
       - name: Deploy gateway to LXC 111
         run: |
           set -euo pipefail
           cd repo
           REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
           IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}/gateway"
-          DEPLOY_PATH="${{ env.DEPLOY_PATH }}" GATEWAY_IMAGE="${IMAGE}:latest" bash scripts/deploy-gateway.sh
+          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "$REGISTRY_HOST" -u "${{ gitea.actor }}" --password-stdin
+          DEPLOY_PATH="${{ env.DEPLOY_PATH }}" GATEWAY_IMAGE="${IMAGE}:${{ gitea.sha }}" bash scripts/deploy-gateway.sh