## Issue
Previous fix enabled LittleShop__UseTor=true, which tried to route internal
Docker API calls through Tor. Tor correctly rejected these private addresses.
## Root Cause
Two separate Tor configuration flags exist:
1. Privacy__EnableTor - Controls Telegram Bot API calls (external, public)
2. LittleShop__UseTor - Controls LittleShop API calls (internal, private)
## Solution
- Set LittleShop__UseTor=false (internal calls direct - no Tor)
- Set Privacy__EnableTor=true (Telegram API calls via Tor)
## Impact
✅ Telegram Bot API calls now route through Tor (privacy protected)
✅ Internal API calls go direct (no Tor rejection errors)
✅ Proper separation of concerns
## Technical Details
TelegramBotService.cs:77 checks Privacy:EnableTor
Program.cs:63 checks LittleShop:UseTor
These control different HTTP clients for different purposes.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
## Issue
TeleBot was bypassing Tor gateway despite infrastructure being available.
## Root Cause
Deployment configuration explicitly disabled Tor:
- LittleShop__UseTor=false (line 118)
## Fix
Changed deployment configuration to enable Tor routing:
- LittleShop__UseTor=true
## Impact
✅ All Telegram API calls now route through Tor network
✅ Bot's real IP hidden from Telegram servers
✅ Enhanced privacy protection
⚠️ Slight latency increase due to Tor overhead
## Verification Required
Monitor tor-gateway logs after deployment to confirm traffic routing.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Keep authentication fix in Program.cs but use original CI/CD pipeline configuration that builds from Dockerfile
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated .gitlab-ci.yml with complete build, test, and deploy stages
- Added authentication redirect fix in Program.cs (302 redirect for admin routes)
- Fixed Cookie vs Bearer authentication conflict for admin panel
- Configure pipeline to build from .NET 9.0 source
- Deploy to Hostinger VPS with proper environment variables
- Include rollback capability for production deployments
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Added auto-deploy on successful builds for main branch
- Deployment uses commit SHA when no tag is present
- Manual deployment still available for tagged releases
- Follows same pattern as TeleBot deployment
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Remove docker:24-dind service to use runner's mounted Docker socket.
This fixes the 403 Git access error and Docker socket conflict.
Changes:
- Remove services: docker:24-dind from build and deploy jobs
- Change image from docker:24-dind to docker:24
- Update DOCKER_HOST to use unix socket
Co-Authored-By: Claude <noreply@anthropic.com>
