From 29217e883b56e648aeaf11c7b86ba47021d0bddb Mon Sep 17 00:00:00 2001
From: Pepe Ziberi <pepe@lageplan.ch>
Date: Tue, 19 May 2026 20:26:43 +0200
Subject: [PATCH] refactor(ci): switch to Watchtower-only auto-update, remove
 Portainer webhook

---
 .gitea/workflows/deploy.yml  |  8 +-------
 docker-compose.portainer.yml | 16 +++++++++-------
 2 files changed, 10 insertions(+), 14 deletions(-)

diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index d5d36bd..ec4b5c9 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -26,7 +26,7 @@ jobs:
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ secrets.REGISTRY_USER }}
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          password: ${{ secrets.REGISTRY_PASSWORD }}
 
       - name: Extract metadata
         id: meta
@@ -47,9 +47,3 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=registry,ref=${{ env.IMAGE }}:cache
           cache-to: type=registry,ref=${{ env.IMAGE }}:cache,mode=max
-
-      - name: Trigger Portainer webhook
-        if: ${{ success() && secrets.PORTAINER_WEBHOOK_URL != '' }}
-        run: |
-          echo "Triggering Portainer redeploy..."
-          curl -sfSL -X POST "${{ secrets.PORTAINER_WEBHOOK_URL }}" || echo "Webhook failed (non-critical)"
diff --git a/docker-compose.portainer.yml b/docker-compose.portainer.yml
index 6235998..a9fa9b9 100644
--- a/docker-compose.portainer.yml
+++ b/docker-compose.portainer.yml
@@ -1,17 +1,16 @@
 ##############################################
-# Lageplan — Portainer Stack (Auto-Deploy)
+# Lageplan — Portainer Stack (Watchtower Auto-Update)
 #
 # Setup in Portainer:
 #   1. Stacks → Add Stack → "Repository"
 #   2. Git-URL: https://git.purepixel.ch/adminpepe/Lageplan.git
 #   3. Compose-Pfad: docker-compose.portainer.yml
-#   4. "GitOps updates" aktivieren + Webhook kopieren
-#   5. Webhook in Gitea eintragen (Repo → Einstellungen → Webhooks)
-#   6. Environment-Variablen setzen (siehe unten)
-#   7. Deploy
+#   4. "GitOps updates" aktivieren
+#   5. Environment-Variablen setzen (siehe unten)
+#   6. Deploy
 #
 # Danach: Push auf main → Gitea Actions baut Image →
-#         Portainer Webhook/Watchtower holt neues Image
+#         Watchtower erkennt neues Image und startet Container neu
 #
 # Benötigte Environment-Variablen:
 #   POSTGRES_USER        (default: lageplan)
@@ -108,8 +107,11 @@ services:
         condition: service_healthy
     networks:
       - lageplan
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
 
   # ─── Watchtower (Auto-Restart bei neuen Images) ─
+  # Überwacht nur Container mit Label com.centurylinklabs.watchtower.enable=true
   watchtower:
     image: containrrr/watchtower
     restart: unless-stopped
@@ -118,7 +120,7 @@ services:
     environment:
       WATCHTOWER_POLL_INTERVAL: 60
       WATCHTOWER_CLEANUP: "true"
-      WATCHTOWER_LABEL_ENABLE: "false"
+      WATCHTOWER_LABEL_ENABLE: "true"
       # Gitea Registry Auth
       REPO_USER: ${GITEA_REGISTRY_USER}
       REPO_PASS: ${GITEA_REGISTRY_PASS}