Coolify's last deploy reused the cached image — the new
/api/cli/meshes/[slug] route never made it into .next/server.
Adding force=true to the deploy API call so Coolify rebuilds
from the current commit instead of replaying the cache.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
new workflow joins the tailnet via tailscale oauth then triggers
the coolify deploy endpoint. path filter scoped to web app + every
package transpiled into it, so broker/cli/docs changes skip it.
concurrency group coalesces rapid pushes.
requires three repo secrets: COOLIFY_TOKEN, TS_OAUTH_CLIENT_ID,
TS_OAUTH_SECRET (the OAuth client needs the devices:write scope and
the tag:ci tag in tailnet ACL tagOwners).
inline coolify token removed from CLAUDE.md — it now references
the repo secret. broker deploy is unchanged: it runs through the
gitea-vps webhook.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
