This is how I currently setup my production server that runs infinitd.rofer.me.
It uses a podman container automatically (re)started by a user systemd instance so it doesn't require root permissions.
- Enable per-user systemd to startup at login with: loginctl enable-linger
- Copy infinitd-backend.service to ~/.config/systemd/user/
- Reload systemd files: systemctl --user daemon-reload
- Enable it so it starts automatically: systemctl --user --enable infinitd-backend.service
- Make a bare clone of the repo named infinitd-backend.git
- Copy post-receive to infinitd-backend.git/hooks/
- Mark it as executable: chmod a+x infinitd-backend.git/hooks/post-receive
- Create a volume to store the game data: podman volume create backend-data
- Create a container to setup initial data: podman container create --name temp --mount type=volume,source=backend-data,target=/InfiniTDServer/data hello-world
- Copy your private Firebase key to the container: podman cp ./privateFirebaseKey.json temp:/InfiniTDServer/data/
- Cleanup the container: podman rm temp
- Point master to an older commit: git update-ref refs/heads/master HEAD^
- Push the latest commit to the server to trigger the post-recieve hook to build and start the container