feat: add phase 7.5 Nginx to Caddy migration script and update usage guide
This commit is contained in:
S
@@ -55,6 +55,7 @@ The entire process is driven from a MacBook over SSH. Nothing is installed on th
|
||||
| 6 | `phase6_github_mirrors.sh` | Configure push mirrors from Gitea to GitHub, disable GitHub Actions |
|
||||
| 7 | `phase7_branch_protection.sh` | Apply branch protection rules to all repos |
|
||||
| 8 | `phase8_cutover.sh` | Deploy Caddy HTTPS reverse proxy (Cloudflare DNS-01 or existing certs), mark GitHub repos as mirrors |
|
||||
| 7.5 (optional) | `phase7_5_nginx_to_caddy.sh` | One-time multi-domain Nginx -> Caddy migration helper (canary/full), supports `sintheus.com` + `privacyindesign.com` in one Caddy |
|
||||
| 9 | `phase9_security.sh` | Deploy Semgrep + Trivy + Gitleaks security scanning workflows |
|
||||
|
||||
Each phase has three scripts: the main script, a `_post_check.sh` that independently verifies success, and a `_teardown.sh` that cleanly reverses the phase.
|
||||
@@ -96,6 +97,8 @@ gitea-migration/
|
||||
├── run_all.sh # Full pipeline orchestration
|
||||
├── post-migration-check.sh # Read-only infrastructure state check
|
||||
├── teardown_all.sh # Reverse teardown (9 to 1)
|
||||
├── phase7_5_nginx_to_caddy.sh # Optional one-time Nginx -> Caddy consolidation step
|
||||
├── TODO.md # Phase 7.5 migration context, backlog, and DoD
|
||||
├── manage_runner.sh # Dynamic runner add/remove/list
|
||||
├── phase{1-9}_*.sh # Main phase scripts
|
||||
├── phase{1-9}_post_check.sh # Verification scripts
|
||||
|
||||
Reference in New Issue
Block a user