ci: implement 3-stage deployment pipeline with semantic-release

README.md

@@ -1,95 +1,142 @@
-# 🚀 Personal Portfolio Website
+# 🚀 Portfolio Bonanza
 
-My schnazzy portfolio turbocharged with Nuxt 4 and zero-downtime deployment wizardry! ✨
+A spicy little portfolio site with some absolutely ridiculous SMS shenanigans built on Nuxt 4! Looks like things are getting too spicy for the pepper! 🌶️ 
 
-## ⭐ What's Inside
+## ✨ The Good Stuff
 
-- 🌙 **Dark UI** with DaisyUI components
-- 📱 **SMS Contact Form** with phone verification (because emails are so last millennium)
-- 🎨 **Smooth animations** and typing effects
-- 🐳 **Zero-downtime deployments** via Docker + HAProxy
-- 🔐 **WireGuard tunnel** to home SMS gateway
+- 🌙 **Night mode everything** - DaisyUI components that won't burn your eyeballs
+- 📱 **SMS contact form** - Because I get wayyy too many emails already 
+- 🎭 **Snazzy animations** - ScrollReveal + Typed.js doing their thang
+- 🐳 **Zero-downtime deploys** - Blue-green magic with Docker & HAProxy
+- 🔧 **Overengineered infrastructure** - We like to do things the hard way over here
 
-## 🚀 Quick Start
+## 🏃‍♂️ Getting Started
 
 ```bash
-# Install dependencies
+# Grab the dependencies
 bun install
 
-# Start development server
+# Copy example env file and edit
+cp .env.example .env && nano .env
+
+# Fire up the dev server
 bun run dev
 
-# Build for production
+# Build the contraption
 bun run build
 
-# Generate static site
+# Bake it
 bun run generate
 ```
 
-**Coffee Levels:**  
-☕  
-☕☕  
-☕☕☕  
-☕☕☕☕  
-🚨🚨🚨🚨🚨  
+**Current vibe levels:**  
+😴 sleepy  
+🙂 caffeinated  
+🤓 productive  
+🔥 on fire  
+💀 send halp  
 
-## 📱 Contact System Flow
+## 📞 Contact Form Wizardry
 
-A bamboozling two-step form: collect message → verify phone → SMS me directly!
-Rate limited to prevent spam-a-geddon. 🚫
+Two-step verification dance: drop your message → prove you're human with SMS → message gets yeeted to my phone via some questionable infrastructure choices.
 
-## 🏗️ Architecture
+Rate-limited because spam just sucksssss! 🛡️
+
+## 🏗️ Infrastructure Tomfoolery
+
+Here's where things get ~completely~ unhinged:
 
 ```
-🌍 Internet → VPS → 🔐 WireGuard → 🏠 Android SMS Gateway
+🌐 Your Browser → Some VPS → 🔐 WireGuard Tunnel 
+→ 🏠 Home Network → 🧟‍♂️ My Frankenstein Phone/SMS-Gateway 
+→ 📱 Someone's Legit Regular Phone
 ```
 
-Copy `.env.example` to `.env` for configuration.
+### The SMS Gateway Setup
+
+I'm running the `android-sms-gateway` app on a completely deranged setup:
+- **Hardware:** Pixel 1 with the battery surgically removed (no spicy pillows please)
+- **Power:** Permanently plugged into the wall like some kind of cursed landline
+- **Network:** Hardwired ethernet via USB-C adapter ("WhyFight" with WiFi?)
+- **Purpose:** Sits there 24/7 just waiting to send OTPs and forward your messages to my actual phone
+
+The whole contraption lives on my home network and the VPS reaches it through a WireGuard tunnel because apparently I enjoy making simple things complicated just to save $2 a month!
+
+## 🌳 Git Workflow Madness
+
+This repo follows a three-branch strategy with automated promotions because manually managing branches is for chumps:
+
+- **`dev`** - Where the magic happens! All new features and fixes go here
+- **`staging`** - Integration testing playground, auto-promoted from develop daily Monday-Friday at 13:00 UTC/05:00 AM PST
+- **`main`** - Production branch, gets promoted from staging weekly on Mondays at 12:00 UTC/04:00 AM PST
+
+### The Repository Setup
+
+We're running a bit of a funky setup here:
+- **Primary repo:** Self-hosted Forgejo instance (because it's more fun that way!)
+- **Mirror:** GitHub (push-only mirror for CI/CD and visibility)
+- **CI/CD:** GitHub Actions (triggered by the mirror's pushes or scheduled)
+
+So the workflow is: push to Forgejo origin → auto-mirrors to GitHub → GitHub Actions does the heavy lifting.
+
+### Branch Promotion Dance 💃
+
+**Daily (develop → staging):**
+- Checks if develop has new commits since last staging update
+- Validates that the latest build actually passed
+- Fast-forward merge to staging (keeps history clean)
+- Supports `[skip ci]` in commit messages for any oopsies or boo-boos
+
+**Weekly (staging → main):**
+- Runs semantic-release on staging for proper versioning
+- Fast-forward merge to main for production release
+- Some branch rebasing gymnastics to keep develop up-to-date
+- Also supports `[skip ci]`
 
 ## 🚢 Deployment Shenanigans
 
-Push to `staging` or `release` branches to trigger blue-green deployments!
+Any (automated) pushes to `staging` or `main` branches to trigger blue-green staging and production deployments! Easy peasy lemon squeezy!
 
 ### Blue-Green Magic ✨
-1. **Build Phase:** Build new containers alongside old ones
+1. **Build Phase:** Build new containers and validate
 2. **Deploy Phase:** Health check the newbies
-3. **Switch Phase:** HAProxy traffic switcheroo
-4. **Cleanup Phase:** Cleanup old containers
+3. **Switch Phase:** HAProxy config update and traffic switcheroo
+4. **Cleanup Phase:** Nuke old containers from high orbit
 5. **Moon Phases:** 🌑 🌒 🌓 🌔 🌝 🌖 🌗 🌘 🌚
 
 ### GitHub Secrets Setup
-Set these in your repo for deployment thingamajigs:
-- `DEPLOY_KEY`, `DEPLOY_HOST` - SSH access stuff
-- SMS gateway credentials and phone number
-- `NUXT_SUPER_SECRET_SALT` - for cryptographic tomfoolery
+Deployments generate the needed .env from GitHub secrets, so make sure to slap some secrets up first!
 
 ### WireGuard Setup
-Copy `wireguard/wg0.conf.template` → `wg0.conf` and fill in your tunnel deets.
+The stack is rocking gluetun, so just set up your WIREGUARD_ environment variables in Github secrets:
 
 ## 🔒 Security Fortress
 
 - 🔐 WireGuard tunnel encryption
 - 🛡️ Container firewalls and non-root execution
 - 🔢 TOTP phone verification + rate limiting
-- 🔤 ASCII-only validation (emoji-proof!)
+- 🔤 ASCII-only validation (No spammy weird characters please!)
 
-## 🔧 Troubleshooting
+## 🆘 When Things Go Wrong
 
 ```bash
-# Check container health
-docker-compose ps && docker logs portfolio
+# Check if containers are actually alive
+docker compose ps && docker compose logs portfolio
 
-# Test SMS connectivity
-docker exec portfolio curl -f http://192.168.0.XXX:9090
+# Poke the SMS gateway to see if it's responsive
+docker compose exec portfolio curl -f http://your-sms-gateway-ip:9090/health
+
+# Check WireGuard tunnel status
+docker compose exec portfolio wg show
 ```
 
-**Debug Panic Levels:** 😎 → 🤔 → 😅 → 😰 → 💀 → 🍕
+**Debugging stages of grief:** 😎 confident → 🤔 confused → 😅 nervous → 😰 panicking → 💀 accepting fate → 🍕 ordering pizza
 
 ## 📁 What's Where
 
 ```
 ├── app/          # Nuxt 4 frontend
-├── server/       # API routes + SMS gateway libs
+├── server/       # API routes
 ├── deploy/       # Deployment scripts
 └── .github/      # CI/CD workflows
 ```
@@ -104,4 +151,4 @@ This project is licensed under **AGPL 3.0 only** - see the [LICENSE](LICENSE) fi
 
 ---
 
-*Built with ❤️ and lots of ☕*
+*Built with ❤️ and lots of ☕! (Sheesh, if you've read this far, just hire me, please!)*