@@ -114,3 +114,59 @@ For each app page:
114114- Preserve existing facts; do not drop meaningful technical details.
115115- Rephrase/move content rather than delete unless it is redundant filler.
116116- Keep wording concise and direct.
117+
118+ ## Container and Versioning Rules
119+
120+ These rules are mandatory for app/service onboarding and version updates.
121+
122+ ### Single source of truth for container versions
123+
124+ - Do not write runtime image tags/digests directly in ` deploy/vps/docker-compose.yml ` .
125+ - ` deploy/vps/docker-compose.yml ` must use ` build: ` entries that point to Dockerfiles in ` apps/ ` .
126+ - Pin base images in Dockerfiles with immutable digests (` FROM image@sha256:... ` ).
127+ - Never use floating tags like ` latest ` or ` release ` in runtime Dockerfiles.
128+
129+ ### Required Dockerfile layout
130+
131+ For each app, Dockerfiles must live in the app root folder:
132+
133+ - Primary app service: ` apps/<app>/Dockerfile `
134+ - Additional services: ` apps/<app>/Dockerfile.<service> `
135+
136+ Examples:
137+
138+ - ` apps/immich/Dockerfile `
139+ - ` apps/immich/Dockerfile.machine-learning `
140+ - ` apps/immich/Dockerfile.postgres `
141+ - ` apps/immich/Dockerfile.valkey `
142+ - ` apps/seafile/Dockerfile `
143+ - ` apps/seafile/Dockerfile.mysql `
144+ - ` apps/seafile/Dockerfile.memcached `
145+
146+ Do not introduce new canonical Dockerfiles in nested subfolders like ` apps/<app>/<service>/Dockerfile ` .
147+
148+ ### Backward compatibility for existing paths
149+
150+ - Dockerfile paths used by external deploy templates (Railway/Dokploy) are treated as stable API.
151+ - If a path is already used publicly, do not remove or move it in a patch/minor change.
152+ - If a path migration is needed:
153+ - Keep the old Dockerfile as a compatibility stub.
154+ - Add a deprecation comment pointing to the canonical root-level Dockerfile.
155+ - Remove old paths only in a clearly documented breaking release.
156+
157+ ### Compose authoring rules when adding a service
158+
159+ When adding a new service to ` deploy/vps/docker-compose.yml ` :
160+
161+ - Use:
162+ - ` build.context: ../../apps/<app> `
163+ - ` build.dockerfile: Dockerfile ` or ` Dockerfile.<service> `
164+ - Do not use direct ` image: ` references for services managed by this repo.
165+
166+ ### Docs and automation updates required with each new service
167+
168+ When adding/changing an app service, also update:
169+
170+ - ` apps/<app>/README.md ` technical specs (env vars, volumes, healthchecks, dependencies).
171+ - ` deploy/vps/apps/<app>/.env.example ` when relevant.
172+ - ` .github/dependabot.yml ` Docker entries for the affected app root directory.
0 commit comments