Three coordinated fixes from the upgrade-flow redesign plan
(/home/bunker-admin/.claude/plans/okay-so-we-can-enumerated-hejlsberg.md):

1. scripts/lib/mkdocs-snapshot.sh (NEW): pre-upgrade tarball snapshot of
   the entire mkdocs/ directory into the install root as
   mkdocs-backup-<timestamp>.tar.gz. Discoverable via `ls`, retained last 5.
   No-regrets fallback if anything in the upgrade goes sideways. Sourced
   by upgrade.sh (and later by image-upgrade.sh under Approach B).

2. scripts/upgrade.sh Phase 6 self-destruct fix: previously, the broad
   `docker compose up -d` recreated the ccp-agent container that was
   running the script, sending SIGKILL to the bash process before
   write_result could land result.json. Marcelle's test upgrade hit this
   tonight. Fix: temporarily remove `ccp-agent` from COMPOSE_PROFILES
   during Phase 6's broad up -d, then schedule a detached
   `nohup ... & disown` restart at the very end of the script (after
   write_result and archive_success_to_history). The deferred subshell
   sleeps 3s, then recreates ccp-agent under its profile, picking up the
   new image.

3. scripts/upgrade-stash-cleanup.sh (NEW): one-shot utility to list and
   drop accumulated `upgrade-*` git stashes left over by older upgrade.sh
   runs whose pop failed silently (Pride Corner has three from 2026-03-09
   alone). Warns loudly if any stash holds tenant mkdocs.yml content so
   operators verify recovery before dropping.

The .gitignore now excludes /mkdocs-backup-*.tar.gz so the rescue
archives don't leak into commits.

This is Phase 1 of three: Approach B (image-only upgrade mode) and
Approach C (CCP template re-render) follow in subsequent commits.
Bunker Admin
api/dist/ (468 files, 11MB) and admin/tsconfig.tsbuildinfo were committed
before being added to .gitignore — the rule had no effect on the existing
tracked copies. Untrack them now so future Docker rebuilds stop showing
spurious diffs. Files stay on disk; rebuild regenerates everything.
Also add *.tsbuildinfo to .gitignore so future tsc incremental caches stay
out of git.
Major additions: onboarding tour system, correlation-id middleware, media
error handler, restore script, env validation script, Dockerignore files.
Updates across 70+ admin components for improved UX and error handling.
Bunker Admin
New install method: curl one-liner downloads a lightweight release
tarball (~9 MB) and runs the config wizard. No git clone needed,
no TypeScript compilation — pulls pre-built images from Gitea registry.

- docker-compose.prod.yml: production compose without build blocks or
  source code volume mounts; IMAGE_TAG defaults to latest
- scripts/install.sh: curl-friendly installer (downloads tarball,
  extracts, runs config.sh)
- scripts/build-release.sh: creates release tarball from dev repo
  with only runtime files (configs, scripts, docs, empty data dirs)
- config.sh: release-mode detection (VERSION file + no .git dir),
  auto-sets IMAGE_TAG=latest and NODE_ENV=production
- upgrade.sh: release-mode upgrade path (downloads new tarball from
  Gitea Releases API instead of git pull, always uses registry mode)
- upgrade-check.sh: release-mode version check via Gitea API
- .gitignore: exclude releases/ and api/dist/
- Docs: updated getting-started with pre-built install instructions
Bunker Admin
Remove V1 legacy configs (admin.conf, public.conf) and orphaned backup that
were never used by the container. Stop tracking generated .conf files (built
from *.template by envsubst at startup). Backport improvements to templates:
variable proxy_pass for media-api (fixes startup crash when container is down),
extended bot detection list, and mkdocs-proxy location for volunteer map docs.
Bunker Admin
API container writes trigger files to a shared volume (data/upgrade/),
and a systemd path watcher on the host detects them and runs the
upgrade scripts. This avoids giving the container Docker socket access.

- Add upgrade-check.sh (git fetch + compare + write status.json)
- Add upgrade-watcher.sh (systemd bridge, dispatches check/upgrade)
- Add systemd path/service units with placeholder substitution
- Modify upgrade.sh with --api-mode flag (progress.json + result.json)
- Add API upgrade module (service + routes, SUPER_ADMIN only)
- Add System tab to Settings page with version info, changelog,
  progress steps, and upgrade confirmation modal
- Add upgrade watcher installation to config.sh wizard
- Add data/upgrade/ shared volume to api service in docker-compose
Bunker Admin
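
The trust boundary in the last commit message above (the container writes trigger files, the host watcher acts on them), as an added example that is not the project's upgrade-watcher.sh: a host-side dispatcher that treats the shared volume as untrusted input. The trigger file names `check.trigger` and `upgrade.trigger` and both function names are assumptions.

```shell
#!/bin/sh
# Added example, not the project's upgrade-watcher.sh. The trigger names
# (check.trigger, upgrade.trigger) and function names are assumptions.

# Decide what a trigger file may request. Prints "check" or "upgrade";
# returns 1 for everything else. File contents are never read, so the
# container can only pick one of two fixed host actions.
classify_trigger() {
    # $1 = watched directory, $2 = bare file name from the directory listing
    case "$2" in
        check.trigger)   ct_action=check ;;
        upgrade.trigger) ct_action=upgrade ;;
        *) return 1 ;;                      # unknown name, path tricks, shell metachars
    esac
    if [ -L "$1/$2" ]; then return 1; fi    # container-planted symlink
    if [ ! -f "$1/$2" ]; then return 1; fi  # directory, FIFO, device
    printf '%s\n' "$ct_action"
}

# Process every *.trigger in the directory once. Each file is removed before
# its action would run, so a crashing action cannot re-trigger in a loop.
dispatch_triggers() {
    for dt_path in "$1"/*.trigger; do
        # Skip the unexpanded pattern when nothing matches; keep dangling symlinks.
        if [ ! -e "$dt_path" ] && [ ! -L "$dt_path" ]; then continue; fi
        dt_name=${dt_path##*/}
        if dt_action=$(classify_trigger "$1" "$dt_name"); then
            rm -f -- "$dt_path"
            # A real watcher would start its fixed host-side script here
            # (upgrade-check.sh, or upgrade.sh --api-mode), passing no
            # container-supplied arguments.
            printf 'run %s\n' "$dt_action"
        else
            rm -f -- "$dt_path"
            printf 'reject %s\n' "$dt_name"
        fi
    done
    return 0
}
```

The function prints its decisions instead of executing anything, so the allowlist logic can be exercised against a scratch directory before it is wired to a systemd unit.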