phase-6.md — Deploy: steveternet compose + Traefik, env, docs, model script
Re-ground: CLAUDE.md + ADR-0002 (placement), 0010 (security). Plan, get
approval, implement. This phase touches two repos and must mirror existing
steveternet conventions — read them, don't invent.
Objective
Make foreman deployable on orgrimmar via Komodo, exposed through Traefik, with its model roster and operational notes documented.
Tasks — read first (gitea MCP, steve/steveternet)
Study these for the exact conventions (network name, entrypoint, certresolver,
router/service label format, restart policy, .env usage):
kalimdor/orgrimmar/warhol-queue/{docker-compose.yml,.env.example},
kalimdor/orgrimmar/ratchet/docker-compose.yml,
kalimdor/orgrimmar/mort/docker-compose.yml, and
kalimdor/orgrimmar/traefik/ (incl. custom/).
Tasks — foreman repo
- Finalize the `Dockerfile` from Phase 1 (label image, pin base digests if that's the house style).
- `.env.example`: every config key with safe placeholder values, including `FOREMAN_OLLAMA_URL` (the Mac's Tailscale address) and `FOREMAN_TOKEN`.
- `scripts/pull-models.sh`: the roster pulls (`qwen3:14b`, `qwen3:30b`, `nomic-embed-text`, with the optional ones commented) plus the Mac-side `launchctl setenv OLLAMA_MAX_LOADED_MODELS 2 / OLLAMA_KEEP_ALIVE -1 / OLLAMA_CONTEXT_LENGTH 8192` lines as comments.
- `docs/deploy.md`: how it deploys (Komodo + compose), the security model (Traefik internal-only or Tailscale; not a public entrypoint; Ollama target firewalled to foreman), and the Mac prerequisites (Ollama bound to the tailnet, `caffeinate`/`pmset`).
Tasks — steveternet repo (gitea MCP; branch/PR, not main)
- Create `kalimdor/orgrimmar/foreman/docker-compose.yml` mirroring the analogs: pull the foreman image from the gitea registry, the standard Traefik network + router/service labels, `restart` policy, env from `.env`, and a named volume for the SQLite DB. Decide (and note) whether the router is internal-only.
- Add `kalimdor/orgrimmar/foreman/.env.example`.
- If host-level routing belongs in `traefik/custom/` (as some services do), add the file there instead/as-well, following those examples.
Definition of done
- `docker build .` clean; compose validates (`docker compose config`).
- Labels/network/entrypoint match a sibling service exactly (diff against `ratchet`/`warhol-queue` and confirm).
- `docs/deploy.md` is enough for a cold deploy.
- steveternet changes are on a branch/PR for review.
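
One way to automate the label/network/entrypoint comparison from the definition of done, as an added example (not code from the foreman or steveternet repos). It assumes input shaped like `docker compose config --format json`; the network, entrypoint and certresolver names are constructed placeholders, and `service`, `conventions` and `drift` are hypothetical helper names.

```python
import re

def service(name, entrypoint, ports=()):
    """Constructed sample shaped like `docker compose config --format json`.
    Network, entrypoint and resolver names are placeholders."""
    return {"services": {name: {
        "restart": "unless-stopped",
        "networks": {"proxy-net": None},
        "ports": [{"target": 8080, "published": p} for p in ports],
        "labels": {
            "traefik.enable": "true",
            f"traefik.http.routers.{name}.entrypoints": entrypoint,
            f"traefik.http.routers.{name}.tls.certresolver": "example-resolver",
            f"traefik.http.routers.{name}.rule": f"Host(`{name}.example.internal`)",
            f"traefik.http.services.{name}.loadbalancer.server.port": "8080",
        }}}}

def conventions(cfg, name):
    """Reduce one service to the parts that must match its sibling."""
    svc = cfg["services"][name]
    labels = {}
    for key, value in (svc.get("labels") or {}).items():
        # Router/service names differ per service: compare the label shape.
        key = re.sub(r"\.(routers|services)\.[^.]+\.", r".\1.<name>.", key)
        # Host rules and backend ports are legitimately per-service.
        if key.endswith((".rule", ".server.port")):
            value = "<per-service>"
        labels[key] = value
    return {"labels": labels,
            "networks": sorted(svc.get("networks") or {}),
            "restart": svc.get("restart"),
            # A host-published port is reachable without going through Traefik.
            "published_ports": [p.get("published") for p in svc.get("ports") or []]}

def drift(sib_cfg, sib, new_cfg, new):
    """Return human-readable differences between sibling and new service."""
    a, b = conventions(sib_cfg, sib), conventions(new_cfg, new)
    out = [f"label {k}: {a['labels'].get(k)!r} != {b['labels'].get(k)!r}"
           for k in sorted(set(a["labels"]) | set(b["labels"]))
           if a["labels"].get(k) != b["labels"].get(k)]
    out += [f"{f}: {a[f]!r} != {b[f]!r}"
            for f in ("networks", "restart", "published_ports") if a[f] != b[f]]
    return out

if __name__ == "__main__":
    sibling = service("ratchet", "internal-ep")
    candidate = service("foreman", "public-ep", ports=("8080",))
    for line in drift(sibling, "ratchet", candidate, "foreman"):
        print(line)
```

An empty result means the new service follows the sibling's conventions; any `published_ports` finding deserves a second look against the "not a public entrypoint" rule.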
Wrap up: progress.md (mark the project deployable), commit foreman docs/scripts
on phase-6-deploy; report the steveternet branch/PR. Then give me a short
end-to-end smoke-test checklist (pull models on the Mac → deploy foreman → go-llm
chat → POST /jobs with a webhook).