- README.md: update prompt count ~65 to ~70
- contracts/gitea-api.md: fix "Used in" annotations — POST
branch_protections is Phase 7 only (not Phase 9), DELETE
branch_protections is Phase 7 teardown only (Phase 9 uses PATCH),
add missing used-in entries for GET commits and GET contents
- PLAN.md: replace stale UNRAID_GITEA_PORT/FEDORA_GITEA_PORT with
macvlan vars, update REPO_N_NAME to REPO_NAMES, fix version defaults
(1.23->1.25, 0.2.11->0.3.0), add missing setup/ files to tree,
fix prompt table to match current ~70 variables, update require_vars
lists to match actual scripts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- manage_runner.sh: fix RUNNER_DEFAULT_IMAGE clobbering by renaming
per-runner var to RUNNER_SECTION_IMAGE; .env fallback now works
- manage_runner.sh: render native runner config.yaml before registration
so act_runner can read it during --config flag
- manage_runner.sh: add SSH credential validation for remote hosts
(fail early with clear error instead of cryptic SSH failure)
- phase1/phase2: add UNRAID_DB_IP/FEDORA_DB_IP to conditional
require_vars when DB_TYPE != sqlite3
- cleanup.sh: only clear manifest when all actions for host succeeded;
failed actions are preserved for retry
- phase8_cutover.sh: strip empty environment: block from Caddy
docker-compose when TLS_MODE=existing
- phase5_migrate_pipelines.sh, phase5_teardown.sh, phase9_teardown.sh:
wrap cd+git in subshells so working directory is always restored
- phase3_post_check.sh: handle both string and numeric runner status
from Gitea API (offline vs 2)
- configure_env.sh: fix TOTAL_PROMPTS base count (63->64) and move
DB/repo count adjustments before their prompts are shown
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
MIGRATION_POLL_INTERVAL_SEC and MIGRATION_POLL_TIMEOUT_SEC were in
.env.example and used by phase4, but missing from validate_env()
arrays and configure_env.sh prompts. Preflight would not catch
invalid values. Now validated as positive_integer and prompted
in the REPOSITORIES section of the wizard.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
CADDY_DOMAIN was required/validated/prompted but never used — the
Caddyfile only referenced GITEA_DOMAIN, producing a single-domain
cert. Now the template uses *.CADDY_DOMAIN as the site address
(wildcard cert) with a host matcher routing GITEA_DOMAIN to Gitea.
This means the cert covers all subdomains under the base domain.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Previously, a failure on any repo (clone, commit, push) would kill the
entire script via set -e. Remaining repos were never processed and the
FAILED counter was always 0. Now clone and commit/push failures
increment FAILED and continue to the next repo, matching the pattern
used in phase4_migrate_repos.sh.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
get_repo_list() — never called, scripts use read -ra directly
wait_for_ssh() — never called, scripts use ssh_check
validate_optional() — never called, optional type unused in arrays
manifest_exists() — never called
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Identical copies of _set_db_vars() and _strip_block() existed in
phase1, phase2, and phase8. Moved to lib/common.sh as set_db_vars()
and strip_template_block() (public API, no underscore prefix).
Removed dead _strip_block definition from phase8 (defined but never called).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
No phase script deploys Caddy on Fedora — only Unraid gets a Caddy
container. Removed from .env.example, validation arrays, preflight
required vars, IP ping check, wizard prompts, and doc references.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Phase 5 authenticates via GITEA_ADMIN_TOKEN only (git_with_auth uses
the token, not the password). Phase 9 already correctly omits it.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
restore_to_primary.sh uses GITEA_DB_USER, GITEA_DB_PASSWD, and
GITEA_DB_NAME for external DB restore but never required them upfront.
Adds conditional require_vars when GITEA_DB_TYPE != sqlite3.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Added note that plan describes original architecture with diffs noted
- Architecture table: Nginx+Certbot→Caddy+Cloudflare DNS-01
- File structure: nginx-gitea.conf.tpl→Caddyfile.tpl + caddy compose
- Variable table: NGINX_*/SSL_MODE/SSL_EMAIL→TLS_MODE/CADDY_*/CLOUDFLARE_*
- Preflight checks: port checks→container IP availability, Nginx→Caddy path
- Phase 8: complete rewrite from 10-step Nginx flow to 6-step Caddy flow
- Template section: replaced nginx template spec with Caddy template spec
- Removed stale port variables from "Not checked" list
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
