Make sure prod app deploys to correct app folder

.forgejo/workflows/ci.yml

@@ -186,8 +186,25 @@ jobs:
     if: github.ref == 'refs/heads/main'
 
     steps:
-    - name: Checkout code
+    - name: Setup deployment directory
+      run: |
+        # Create deployment directory if it doesn't exist
+        sudo mkdir -p /opt/${{ secrets.APP_NAME || 'sharenet' }}
+        sudo chown ${{ secrets.PROD_SERVICE_USER || 'prod-service' }}:${{ secrets.PROD_SERVICE_USER || 'prod-service' }} /opt/${{ secrets.APP_NAME || 'sharenet' }}
+        sudo chmod 755 /opt/${{ secrets.APP_NAME || 'sharenet' }}
+
+    - name: Checkout code to deployment directory
       uses: actions/checkout@v4
+      with:
+        path: /opt/${{ secrets.APP_NAME || 'sharenet' }}
+
+    - name: Set proper ownership
+      run: |
+        # Ensure proper ownership of all files
+        sudo chown -R ${{ secrets.PROD_SERVICE_USER || 'prod-service' }}:${{ secrets.PROD_SERVICE_USER || 'prod-service' }} /opt/${{ secrets.APP_NAME || 'sharenet' }}
+        
+        # Change to deployment directory for all subsequent operations
+        cd /opt/${{ secrets.APP_NAME || 'sharenet' }}
 
     - name: Create environment file for deployment
       run: |

CI_CD_PIPELINE_SETUP_GUIDE.md

@@ -932,7 +932,8 @@ sudo systemctl enable forgejo-runner.service
 
 **What this does**:
 - Creates the systemd service configuration for the Forgejo runner
-- Sets the working directory to `/etc/forgejo-runner` where the `.runner` file is located
+- Sets the working directory to `/etc/forgejo-runner` where the `.runner` configuration file is located
+- The runner will start here but the CI workflow will deploy the application to `/opt/APP_NAME`
 - Enables the service to start automatically on boot
 - Sets up proper restart behavior for reliability
 
@@ -1310,6 +1311,23 @@ sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
 sudo usermod -aG docker PROD_SERVICE_USER
 ```
 
+#### 12.4 Create Application Directory
+
+```bash
+# Create application directory for deployment
+sudo mkdir -p /opt/APP_NAME
+sudo chown PROD_SERVICE_USER:PROD_SERVICE_USER /opt/APP_NAME
+sudo chmod 755 /opt/APP_NAME
+
+# Verify the directory was created correctly
+ls -la /opt/APP_NAME
+```
+
+**What this does**:
+- Creates the application directory that will be used for deployment
+- Sets proper ownership for the PROD_SERVICE_USER
+- Ensures the directory exists before the CI workflow runs
+
 ### Step 13: Configure Docker for Harbor Access
 
 **Important**: The Production Linode needs to be able to pull Docker images from the Harbor registry on the CI/CD Linode. We need to configure Docker to trust the Harbor SSL certificate.
@@ -1511,7 +1529,14 @@ sudo journalctl -u forgejo-runner.service -f --no-pager
 - `systemctl status` should show "active (running)"
 - Forgejo web interface should show the runner as online with "prod" label
 
-**Important**: The CI/CD workflow (`.forgejo/workflows/ci.yml`) is already configured to use this production runner. The deploy job runs on `runs-on: [self-hosted, prod]`, which means it will execute on any runner with the "prod" label. When the workflow runs, it will:
+**Important**: The CI/CD workflow (`.forgejo/workflows/ci.yml`) is already configured to use this production runner. The deploy job runs on `runs-on: [self-hosted, prod]`, which means it will execute on any runner with the "prod" label. 
+
+**Architecture**:
+- **Runner Configuration**: Located in `/etc/forgejo-runner/.runner` (system configuration)
+- **Application Deployment**: Located in `/opt/APP_NAME/` (application software)
+- **Workflow Process**: Runner starts in `/etc/forgejo-runner`, then checks out directly to `/opt/APP_NAME`
+
+When the workflow runs, it will:
 
 1. Pull the latest Docker images from Harbor registry
 2. Use the `docker-compose.prod.yml` file to deploy the application stack