Add MkDocs GitHub Pages publish workflow

.github/workflows/publish-docs.yml

@@ -0,0 +1,70 @@
+name: Publish documentation site
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: github-pages
+  cancel-in-progress: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install tooling
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y graphviz jq python3 python3-pip
+
+          if ! docker compose version >/dev/null 2>&1; then
+            sudo apt-get install -y docker-compose-v2 || sudo apt-get install -y docker-compose || true
+          fi
+
+          if ! docker compose version >/dev/null 2>&1; then
+            echo "docker compose CLI is unavailable on this runner" >&2
+            exit 1
+          fi
+
+          python3 -m pip install --user mkdocs pyyaml jinja2
+
+      - name: Generate documentation
+        run: |
+          chmod +x scripts/docs/*.sh
+          scripts/docs/generate-all.sh
+
+      - name: Build MkDocs site
+        run: |
+          python3 -m mkdocs build --strict
+
+      - name: Configure GitHub Pages
+        uses: actions/configure-pages@v5
+
+      - name: Upload GitHub Pages artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: site
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

.gitignore

@@ -29,3 +29,4 @@ secrets/*
 !.env.example
 core/traefik/certs/*
 !core/traefik/certs/.gitkeep
+site/

docs/repo-structure.md

@@ -33,7 +33,7 @@ This page explains where to find authoritative files quickly.
 
 ## Fast path for future Codex runs
 
-1. Read [README.md](../README.md).
+1. Read [README.md](https://github.com/beatz174-bit/docker/blob/main/README.md).
 2. Read [docs/source-of-truth.md](source-of-truth.md).
 3. Read [docs/docker-environment.md](docker-environment.md).
 4. Read [docs/terraform-workflows.md](terraform-workflows.md).

docs/security-secrets.md

@@ -4,11 +4,11 @@
 
 This page explains how secret material is organized in this repository and where to find both human-readable and machine-readable references.
 
-For machine-readable inventory metadata, use [`../secrets/inventory.json`](../secrets/inventory.json).
+For machine-readable inventory metadata, use [`secrets/inventory.json`](https://github.com/beatz174-bit/docker/blob/main/secrets/inventory.json).
 
 ## Scope and authority
 
-- Canonical example template: [`../secrets/.env.secrets.example`](../secrets/.env.secrets.example)
+- Canonical example template: [`secrets/.env.secrets.example`](https://github.com/beatz174-bit/docker/blob/main/secrets/.env.secrets.example)
 - Runtime-loaded secret env file (local, non-committed): `../secrets/stack-secrets.env`
 - Dynu DNS inventory env file (local, non-committed): `../secrets/dynu.env`
 - Docker secret files (local, non-committed): `../secrets/*.txt`
@@ -30,7 +30,7 @@ Treat the example template as the canonical shape for expected environment varia
 
 ## Machine-readable inventory
 
-- Primary automation source: [`../secrets/inventory.json`](../secrets/inventory.json)
+- Primary automation source: [`secrets/inventory.json`](https://github.com/beatz174-bit/docker/blob/main/secrets/inventory.json)
 - Human guidance source: this page
 
 Automation should parse `secrets/inventory.json` directly rather than scraping Markdown tables.

docs/terraform-workflows.md

@@ -90,4 +90,4 @@ Treat generated files as:
 
 - [docs/source-of-truth.md](source-of-truth.md)
 - [docs/infrastructure-inventory.md](infrastructure-inventory.md)
-- [infrastructure/terraform/README.md](../infrastructure/terraform/README.md)
+- [infrastructure/terraform/README.md](https://github.com/beatz174-bit/docker/blob/main/infrastructure/terraform/README.md)

mkdocs.yml

@@ -18,3 +18,9 @@ nav:
 
 theme:
   name: mkdocs
+
+validation:
+  nav:
+    omitted_files: ignore
+exclude_docs: |
+  README.md