Operations runbook · Automatic deploys via Forgejo → Coolify webhooks
Every Coolify app (FleetOps + FleetNow, staging & prod) deploys automatically on a
git push. The chain is:
git push → Forgejo webhook → Coolify rebuilds the app whose branch matches → Traefik serves the new container
Each Coolify application tracks one branch. A push to that branch fires the webhook;
Coolify rebuilds only the app(s) bound to the pushed branch. So staging pushes
deploy the *.fivetitude.com apps, and main merges deploy the
*.rahamafresh.com (prod) apps.
staging vs main).https://<coolify-domain>/webhooks/source/gitea/events/manual)
and the Webhook Secret.| Field | Value |
|---|---|
| Target URL | the Coolify Webhook URL (Part A) |
| HTTP Method | POST |
| POST Content Type | application/json |
| Secret | the Coolify Webhook Secret (must match exactly) |
| Trigger On | Push Events (or Custom → Push only) |
| Branch filter | the app's branch (staging or main) — optional but tidy |
| Active | checked |
There is one Coolify app per environment, each on its own branch, and each app has its own webhook secret. Add a separate Forgejo webhook per app (same repo), each with its own URL/secret and branch filter:
| App | Domain | Branch |
|---|---|---|
| FleetOps staging | fleetops.fivetitude.com | staging |
| FleetOps prod | fleetops.rahamafresh.com | main |
| FleetNow staging | fleetnow.fivetitude.com | staging |
| FleetNow prod | fleetnow.rahamafresh.com | main |
Promotion: feature → staging (auto-deploys staging) → main (auto-deploys prod).
| Symptom | Cause & fix |
|---|---|
| Delivery 2xx but no deploy | Auto Deploy off. Turn it on at Configuration → Advanced → Auto Deploy. |
| Delivery 401 / 403 | Secret mismatch — re-copy the Coolify secret into the Forgejo webhook's Secret field. |
| Delivery 404 / 502 on the webhook | Wrong Target URL, or Coolify unreachable. |
| Site returns 502 | Coolify "Ports Exposes" ≠ container port. Set it to 80 and redeploy. |
| Site returns 503 / self-signed cert | No healthy backend yet, or the domain doesn't match the Traefik rule (often a domain typo). Fix the domain and redeploy. |
| Deploys, but it's the wrong code | Wrong branch. Set the app's Branch (e.g. staging) in the Source config, Save, then redeploy (Force rebuild). |
*.rahamafresh.com) must stay on main. Pointing one at staging
would push unreviewed code to the client's live site.