feat: Kamal production deployment with CI/CD by zainfathoni · Pull Request #199 · zainfathoni/kelas.rumahberbagi.com

zainfathoni · 2026-01-01T11:10:07Z

Closes rb-4ca

Summary

Complete production deployment infrastructure using Kamal 2.0 with automated CI/CD pipeline.

Production Environment

URL: https://kelas.rumahberbagi.com
VPS: 103.235.75.227 (Jetorbit)
SSL: Managed by kamal-proxy (Let's Encrypt)
Database: SQLite at /data/kelas/db/prod.db

Key Changes

Deployment Infrastructure

Dockerfile - Multi-stage build for Remix app with Prisma
config/deploy.yml - Kamal 2.0 configuration
.kamal/secrets.example - Template for local secrets

CI/CD Pipeline

.github/workflows/ci.yml - Renamed from test.yml for consistency
.github/workflows/deploy.yml - Auto-deploy after CI passes on main
Docker layer caching via GitHub Actions cache
Uses workflow_run trigger (no duplicate test jobs)

Documentation

docs/deployment.md - Deployment guide with secrets setup
docs/backup-setup.md - Database backup configuration
docs/decisions/001-kamal-deployment.md - ADR

Vercel Disabled

vercel.json - Set deploymentEnabled: false

GitHub Secrets Required

Repository secrets:

SSH_PRIVATE_KEY
KAMAL_REGISTRY_PASSWORD
MAILGUN_SENDING_KEY
MAILGUN_DOMAIN

Production environment secrets:

SESSION_SECRET
MAGIC_LINK_SECRET

Test Plan

Manual Kamal deployment successful
Production site accessible at https://kelas.rumahberbagi.com
GitHub secrets configured
CI/CD workflow triggers on merge to main
Auto-deployment completes successfully

- Add docs/decisions/001-kamal-deployment.md documenting the decision to use Kamal instead of PM2+nginx for production deployment - Remove docs/vps-deployment.md (superseded by Kamal approach) Key decision drivers: - Multi-app hosting support for future applications - Built-in HA capability with multiple servers - Docker-based consistency between environments - Zero-downtime deployments via Traefik

vercel · 2026-01-01T11:10:12Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
kelas	Ready	Preview, Comment	Jan 10, 2026 9:08am

Create production-ready Dockerfile with: - Build stage: node:24-alpine, npm ci, Prisma generate, Remix build - Production stage: pruned deps, non-root user, OpenSSL for Prisma - Explicit remix-serve path for CJS compatibility with Node 24 Update .dockerignore with comprehensive exclusions for faster builds.

- Create config/deploy.yml with server, registry, proxy, and env setup - Add .kamal/secrets.example documenting required secrets - Add .kamal/secrets to .gitignore

- Remove duplicate ghcr.io from image path - Use absolute path for DATABASE_URL (file:/app/prisma/prod.db) - Change 'multiarch: false' to 'arch: amd64' for Kamal 2.0

- Add backup-db.sh for daily SQLite backups with 30-day retention - Add restore-db.sh for safe database restoration - Add download-backup.sh to fetch backups to local machine - Add backup-setup.md documentation - Add prisma/backups/ to .gitignore Closes rb-4ca.7 Amp-Thread-ID: https://ampcode.com/threads/T-019ba70f-5528-749c-bab6-85ffe771776f Co-authored-by: Amp <amp@ampcode.com>

- Add playwright.docker.config.ts for testing deployed containers - Add npm scripts: test:e2e:docker, test:e2e:production - Add e2e/smoke.spec.ts for public pages (no auth required) - Support DOCKER_URL/BASE_URL env vars for flexible target URLs - Update docs with E2E testing instructions Tested against production: 6/6 smoke tests pass Co-authored-by: Amp <amp@ampcode.com> Amp-Thread-ID: https://ampcode.com/threads/T-019ba71d-6242-72af-920f-7986c36e6c86

- Disable Vercel deployments (deploymentEnabled: false) - Create .github/workflows/deploy.yml with full test suite - Deploy only after lint, type-check, unit-test, e2e-test pass - Add Docker layer caching (type=gha) for faster builds - Document required GitHub Secrets in docs/deployment.md Closes rb-s6j Amp-Thread-ID: https://ampcode.com/threads/T-019ba734-5d2d-76f9-af80-0cef9b28f467 Co-authored-by: Amp <amp@ampcode.com>

- Split secrets into Repository (shared) and Environment (per-env) - Add environment: production to deploy job - Use dummy values for E2E test secrets (not needed for testing)

Deploy workflow now triggers after CI workflow passes on main, instead of duplicating all test jobs.

zainfathoni added 2 commits January 1, 2026 18:06

docs: add command to add comments in the work management section

09dc442

vercel Bot deployed to Preview January 1, 2026 11:10 View deployment

zainfathoni added 4 commits January 8, 2026 07:24

fix: remove unused plugins from settings

be35df0

feat: add Kamal 2.0 deployment configuration

8d46f83

- Create config/deploy.yml with server, registry, proxy, and env setup - Add .kamal/secrets.example documenting required secrets - Add .kamal/secrets to .gitignore

fix: correct Kamal deploy config for local Docker testing

647ef94

- Remove duplicate ghcr.io from image path - Use absolute path for DATABASE_URL (file:/app/prisma/prod.db) - Change 'multiarch: false' to 'arch: amd64' for Kamal 2.0

vercel Bot deployed to Preview January 10, 2026 00:05 View deployment

zainfathoni added 2 commits January 10, 2026 15:24

fix(deploy): update VPS IP address in Kamal config

812febe

feat: add UI Preview skill and configuration for Chrome DevTools

2bacc1f

vercel Bot deployed to Preview January 10, 2026 08:25 View deployment

fix: update payment recipient to Zain Fathoni

9e13ca8

vercel Bot deployed to Preview January 10, 2026 08:31 View deployment

vercel Bot deployed to Preview January 10, 2026 08:50 View deployment

zainfathoni marked this pull request as ready for review January 10, 2026 08:53