ship.git/internal, branch agent-mode Deploy to your VPS in one command https://code.northwest.io/ship.git/atom?h=agent-mode 2026-02-17T15:59:50+00:00 Fix port collision bug, add --container-port flag 2026-02-17T15:59:50+00:00 Clawd ai@clawd.bot 2026-02-17T15:59:50+00:00 urn:sha1:d97bb6f53eefd2139115d39bca7e17d565222472 Port allocation: - Use atomic flock-based allocation via /etc/ship/next_port - Prevents race conditions when multiple deploys run concurrently - Each app still gets its port stored in /etc/ship/ports/<name> Docker container port: - Add --container-port flag (default 80) - Template now uses {{.ContainerPort}} instead of hardcoded 80 - Supports containers that listen on 8080, 3000, etc. Remove v1 code, simplify state to just base_domain 2026-02-17T15:54:26+00:00 Clawd ai@clawd.bot 2026-02-17T15:54:26+00:00 urn:sha1:6b2c04728cd914f27ae62c1df0bf5df24ac9a628 - Delete all v1 commands (deploy, init, list, status, remove, etc.) - Delete v1 env/ and host/ subcommand directories - Simplify state.go: remove NextPort, Apps, AllocatePort, etc. - Local state now only tracks default_host + base_domain per host - Ports and deploys are tracked on the server (/etc/ship/ports/) - host init now creates minimal state.json Fix Docker port mapping: map host port to container port 80 2026-02-17T01:18:07+00:00 Clawd ai@clawd.bot 2026-02-17T01:18:07+00:00 urn:sha1:3cd1ee83993b2543a7701a48d048c417c52bfdcb Most Docker web containers (nginx, etc.) listen on port 80 internally. The previous mapping assumed the container listened on the allocated port. fix: make ErrorResponse implement error interface for v1 compat 2026-02-16T02:57:28+00:00 Clawd ai@clawd.bot 2026-02-16T02:57:28+00:00 urn:sha1:626055c95ded6ef22c913b47266125884a84fa1c feat(v2): implement ship host init with JSON output 2026-02-16T02:52:55+00:00 Clawd ai@clawd.bot 2026-02-16T02:52:55+00:00 urn:sha1:a7436dfcc01a599bbb99a810bd59e92b21252c78 - host_v2.go: full host initialization with JSON responses - Installs Caddy, Docker on Ubuntu/Debian - Creates /etc/ship/{env,ports,ttl} directories - Installs TTL cleanup timer (hourly systemd timer) - Cleanup script removes expired deploys completely - Preserves git deploy setup functionality (optional) - Added ErrInvalidArgs error code Critical 'host init' functionality preserved for v2 feat(v2): add output and detect packages 2026-02-16T02:47:15+00:00 Clawd ai@clawd.bot 2026-02-16T02:47:15+00:00 urn:sha1:5b8893550130ad8ffe39a6523a11994757493691 - internal/output: JSON response types, error codes, exit codes, pretty output - internal/detect: auto-detection of project type (static/docker/binary) - PROGRESS.md: track rebuild progress Foundation for agent-first JSON interface per SPEC.md Add cgit web interface for browsing repos 2026-02-14T15:56:22+00:00 bndw ben@bdw.to 2026-02-14T15:56:22+00:00 urn:sha1:f0dfabe5b7f1f8d23169c6e62a2f0c27bd6c5463 Adds cgit as a web frontend for browsing git repositories. Visiting the base domain now shows a cgit repo index with trees, commits, diffs, and blame views. Public repos (marked with git-daemon-export-ok) are browsable and cloneable over HTTPS. - Install cgit during host init - Configure cgit with dark theme and base domain integration - Add cgit CGI handler to base domain Caddyfile - Update README to emphasize git-centric workflow with cgit frontend Remove --module flag, add --public, make hooks smarter 2026-02-11T05:29:20+00:00 bndw ben@bdw.to 2026-02-11T05:29:20+00:00 urn:sha1:c49a067ac84ac5c1691ecf4db6a9bf791246899f Drop git-module type — the post-receive hook now checks for a Dockerfile before building, so repos without one simply skip deploy on push. This covers Go modules and libraries that only need vanity imports. Add --public flag to ship init for per-repo HTTPS clone visibility. Show visibility column in ship list. Harden security: name validation, scoped sudoers, safe.directory 2026-02-11T05:29:08+00:00 bndw ben@bdw.to 2026-02-11T05:29:08+00:00 urn:sha1:47d4b3b6e4d68660e6e1e05fe2e1c0839f86e40e - Add ValidateName() enforcing ^[a-z][a-z0-9-]{0,62}$ on all entry points - Tighten sudoers to restrict cp sources/destinations and chown targets - Scope git safe.directory to www-data user only (preserves CVE-2022-24765) - Add www-data to git group and caddy to www-data group for fcgiwrap - Fix vanity import template to use orig_uri placeholder - Restart (not reload) services after group changes - Add name validation to env subcommands and deploy_cmd Add git-centric deployment with Docker builds and vanity imports 2026-02-08T20:32:59+00:00 bndw ben@bdw.to 2026-02-08T20:32:59+00:00 urn:sha1:a8ad8e934d15d2bf84f942414a89af1d2691adbc New deployment model where projects start with a git remote on the VPS. Pushing to the remote triggers automatic docker build and deploy via post-receive hooks. The base domain serves Go vanity imports and git HTTPS cloning via Caddy + fcgiwrap. - Add `ship init <name>` command to create bare repos and .ship/ config - Add `ship deploy <name>` command for manual rebuilds - Extend `ship host init --base-domain` to set up Docker, git user, fcgiwrap, sudoers, and vanity import infrastructure - Add git-app and git-static types alongside existing app and static - Update remove, status, logs, restart, list, and config-update to handle new types