From: Shane Jaroch <chown_tee@proton.me>
Date: Mon, 19 Jan 2026 09:15:03 +0000 (-0500)
Subject: wip
X-Git-Url: https://git.nutra.tk/v2?a=commitdiff_plain;h=d4b482a8919e83991425252eca01170b4a4d801f;p=nutratech%2Fvps-root.git

wip
---

diff --git a/Makefile b/Makefile
index 8837b9a..9177dd1 100644
--- a/Makefile
+++ b/Makefile
@@ -40,15 +40,21 @@ VPS_USER ?= gg
 
 VPS := $(VPS_USER)@$(VPS_HOST)
 
-# Detect Environment
-ifeq ($(VPS_HOST),$(VPS_HOST_DEV))
-    ENV := dev
-else ifeq ($(VPS_HOST),$(VPS_HOST_PROD))
-    ENV := prod
+# Logic:
+# 1. Default ENV to dev.
+# 2. Allow user to override ENV=prod.
+# 3. Set VPS_HOST based on ENV.
+
+ENV ?= dev
+
+ifeq ($(ENV),prod)
+    VPS_HOST := $(VPS_HOST_PROD)
 else
-    ENV := dev
+    VPS_HOST := $(VPS_HOST_DEV)
 endif
 
+VPS := $(VPS_USER)@$(VPS_HOST)
+
 .PHONY: stage/nginx
 stage/nginx: ##H @Remote Stage files on the remote VPS
 	@echo "Staging files on $(VPS_HOST) (ENV=$(ENV))..."
@@ -63,7 +69,7 @@ stage/nginx: ##H @Remote Stage files on the remote VPS
 .PHONY: diff/nginx
 diff/nginx: ##H @Remote Show diff between local and remote
 	@echo "Checking diff against $(VPS_HOST)..."
-	ssh -t $(VPS) "bash ~/.nginx-staging/scripts/deploy.sh diff"
+	ssh -t $(VPS) "bash ~/.nginx-staging/scripts/deploy.sh diff $(ENV)"
 
 .PHONY: deploy/nginx
 deploy/nginx: ##H @Remote Deploy staged files to remote
@@ -74,7 +80,7 @@ deploy/nginx: stage/nginx test/nginx diff/nginx
 .PHONY: test/nginx
 test/nginx: ##H @Remote Test staged configuration without deploying
 	@echo "Testing staged config on $(VPS_HOST)..."
-	ssh -t $(VPS) "bash ~/.nginx-staging/scripts/deploy.sh test"
+	ssh -t $(VPS) "bash ~/.nginx-staging/scripts/deploy.sh test $(ENV)"
 
 .PHONY: deploy/klaus
 deploy/klaus: ##H @Remote Deploy Klaus (systemd + nginx) and install deps
@@ -106,26 +112,26 @@ certbot/nginx: ##H @Remote Run certbot on remote VPS
 diff/local: ##H @Local Show diff against system config
 ifdef SUDO_USER
 	@echo "Checking diff locally as $(SUDO_USER)..."
-	su -P $(SUDO_USER) -c "bash scripts/deploy.sh diff"
+	su -P $(SUDO_USER) -c "bash scripts/deploy.sh diff $(ENV)"
 else
 	@echo "Checking diff locally..."
-	bash scripts/deploy.sh diff
+	bash scripts/deploy.sh diff $(ENV)
 endif
 
 .PHONY: test/local
 test/local: ##H @Local Test current configuration
 	@echo "Testing locally..."
-	bash scripts/deploy.sh test
+	bash scripts/deploy.sh test $(ENV)
 
 .PHONY: deploy/local
 deploy/local: ##H Deploy Nginx and Gitweb configuration (local)
 ifdef SUDO_USER
 	@echo "Deploying locally as $(SUDO_USER)..."
 	@# We need to run the entire script as the SUDO_USER to ensure they can sudo inside it
-	su -P $(SUDO_USER) -c "bash scripts/deploy.sh"
+	su -P $(SUDO_USER) -c "bash scripts/deploy.sh $(ENV)"
 else
 	@echo "Deploying locally..."
-	bash scripts/deploy.sh
+	bash scripts/deploy.sh $(ENV)
 endif
 
 .PHONY: certbot/local
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
index 1529978..1c61652 100755
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@@ -15,7 +15,8 @@ is_text_file() {
 echo "Source: $REPO_ROOT"
 
 if [ "$1" = "diff" ]; then
-    echo "Detected changes (diff):"
+    ENV="${2:-dev}"
+    echo "Detected changes (diff) for ENV=$ENV:"
     # We can't use simple diff -r because we need to exclude secrets.conf if encrypted
     # So we loop through source files
     for FILE in "$NGINX_CONF_SRC"/*.conf; do
@@ -24,7 +25,18 @@ if [ "$1" = "diff" ]; then
             echo "Skipping encrypted secrets.conf diff..."
             continue
         fi
-        diff -u --color=always "$DEST_CONF_DIR/$BASENAME" "$FILE" || true
+
+        # Logic to check against default.conf
+        TARGET_FILE="$DEST_CONF_DIR/$BASENAME"
+        if [[ "$BASENAME" == "default.dev.conf" || "$BASENAME" == "default.prod.conf" || "$BASENAME" == "default.conf" ]]; then
+            if [ "$BASENAME" == "default.${ENV}.conf" ]; then
+                TARGET_FILE="$DEST_CONF_DIR/default.conf"
+            else
+                continue
+            fi
+        fi
+
+        diff -u --color=always "$TARGET_FILE" "$FILE" || true
     done
 
     # Diff gitweb.conf
@@ -36,7 +48,8 @@ if [ "$1" = "diff" ]; then
 fi
 
 if [ "$1" = "test" ]; then
-    echo "Running pre-flight validation..."
+    ENV="${2:-dev}"
+    echo "Running pre-flight validation for ENV=$ENV..."
     TMP_WORK_DIR=$(mktemp -d)
     TMP_NGINX_CONF="$TMP_WORK_DIR/nginx.conf"
     TMP_CONF_D="$TMP_WORK_DIR/conf.d"
@@ -49,7 +62,19 @@ if [ "$1" = "test" ]; then
             echo "Skipping encrypted secrets.conf for test..."
             continue
         fi
-        cp "$FILE" "$TMP_CONF_D/"
+
+        # Handle default configuration switching
+        if [[ "$BASENAME" == "default.dev.conf" || "$BASENAME" == "default.prod.conf" || "$BASENAME" == "default.conf" ]]; then
+            if [ "$BASENAME" == "default.${ENV}.conf" ]; then
+                # Rename to default.conf
+                cp "$FILE" "$TMP_CONF_D/default.conf"
+            else
+                # Skip other environment configs
+                continue
+            fi
+        else
+            cp "$FILE" "$TMP_CONF_D/"
+        fi
     done
 
     # Generate test nginx.conf