diff --git a/build/Dockerfile b/build/Dockerfile
new file mode 100644
index 0000000..0e0bf75
--- /dev/null
+++ b/build/Dockerfile
@@ -0,0 +1,13 @@
+FROM eclipse-temurin:25-jre-alpine
+
+# Create a non-root user for security
+RUN addgroup -S spring && adduser -S spring -G spring
+USER spring:spring
+
+ARG JAR_FILE
+
+COPY ${JAR_FILE} app.jar
+
+EXPOSE 8082
+
+ENTRYPOINT ["java", "-jar", "/app.jar"]
\ No newline at end of file
diff --git a/build/Jenkinsfile b/build/Jenkinsfile
new file mode 100644
index 0000000..f49a976
--- /dev/null
+++ b/build/Jenkinsfile
@@ -0,0 +1,86 @@
+pipeline {
+ agent { label 'docker' }
+
+ environment {
+ REPO_URL = credentials('reposilite-url')
+ DOCKER_REGISTRY = credentials('docker-registry-url')
+ }
+
+ parameters {
+ booleanParam(name: 'DRY_RUN', defaultValue: true, description: 'If checked, no code will be pushed to Gitea, Reposilite, or Docker.')
+ }
+
+ stages {
+ stage('Provision Environment') {
+ steps {
+ sh '''
+ pixi install
+ pixi shell-hook > .pixi_activate
+ '''
+ }
+ }
+
+ stage('Version & Tag') {
+ steps {
+ withCredentials([usernamePassword(credentialsId: 'Jenkins_Gitea',
+ usernameVariable: 'GITEA_CREDS_USR',
+ passwordVariable: 'GITEA_CREDS_PSW')]) {
+ sh '''
+ source .pixi_activate
+
+ git config user.email "jenkins@77zzcx7.de"
+ git config user.name "Jenkins"
+
+ git remote set-url origin https://${GITEA_CREDS_USR}:${GITEA_CREDS_PSW}@${GIT_URL_CLEAN}
+
+ mvn release:prepare -B \
+ -s build/settings.xml \
+ -DdryRun=${DRY_RUN} \
+ -Dreposilite.url=${REPO_URL} \
+ -DtagNameFormat="v@{project.version}" \
+ -Darguments="-Dtag=v${project.version} -DskipTests"
+ '''
+ }
+ }
+ }
+
+ stage('Deploy Release') {
+ steps {
+ withCredentials([usernamePassword(credentialsId: 'reposilite-jenkins-cred',
+ usernameVariable: 'REPO_USER',
+ passwordVariable: 'REPO_TOKEN')]) {
+ sh '''
+ source .pixi_activate
+
+ mvn release:perform -B \
+ -s build/settings.xml \
+ -DdryRun=${DRY_RUN} \
+ -Dreposilite.url=${REPO_URL} \
+ -Darguments="-DskipTests"
+ '''
+ }
+ }
+ }
+
+ stage('Docker Build & Push') {
+ steps {
+ script {
+ def jarPath = sh(script: "ls web-container/target/checkout/target/*.jar | head -n 1", returnStdout: true).trim()
+ def releaseVer = sh(script: "source .pixi_activate && mvn help:evaluate -Dexpression=project.version -q -DforceStdout -f web-container/target/checkout/pom.xml", returnStdout: true).trim()
+
+ docker.withRegistry("${env.DOCKER_REGISTRY}", '') {
+ def customImage = docker.build("${env.DOCKER_REGISTRY}/my-app:${env.BUILD_ID}",
+ "-f build/Dockerfile --build-arg JAR_FILE=${jarPath} .")
+
+ if (params.DRY_RUN) {
+ echo "DRY_RUN - do not push image to registry"
+ }
+ else {
+ customImage.push("latest")
+ }
+ }
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/build/pixi.toml b/build/pixi.toml
new file mode 100644
index 0000000..bcc5808
--- /dev/null
+++ b/build/pixi.toml
@@ -0,0 +1,8 @@
+[project]
+name = "nbscloud"
+channels = ["conda-forge"]
+platforms = ["linux-64"]
+
+[dependencies]
+openjdk = "25.*"
+maven = "3.9.*"
\ No newline at end of file
diff --git a/build/settings.xml b/build/settings.xml
new file mode 100644
index 0000000..4d23a34
--- /dev/null
+++ b/build/settings.xml
@@ -0,0 +1,20 @@
+
+
+
+
+ 77zzcx7-releases
+ ${env.REPO_USER}
+ ${env.REPO_TOKEN}
+
+
+
+
+ central
+ *
+ 77zzcx7-central
+ ${env.REPO_URL}/releases
+
+
+
diff --git a/pom.xml b/pom.xml
index ca1c499..902d01f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -31,26 +31,26 @@
UTF-8
18
-
+ http://192.168.10.4:8100
77zzcx7-snapshots
- http://192.168.10.4:8100/snapshots/
+ ${repository.url}/snapshots/
77zzcx7-releases
- http://192.168.10.4:8100/releases/
+ ${repository.url}/releases/
scm:git:https://77zzcx7.de/gitea/MK13/NoBullShit-cloud.git
- ${scmDeveloperConnectionProp}
+ scm:git:https://77zzcx7.de/gitea/MK13/NoBullShit-cloud.git
https://77zzcx7.de/gitea/MK13/NoBullShit-cloud
- v14
-
+ v14
+