218 lines
5.4 KiB
YAML
218 lines
5.4 KiB
YAML
services:
|
|
db:
|
|
image: mysql:8.0
|
|
container_name: stupa_db
|
|
restart: unless-stopped
|
|
command:
|
|
[
|
|
"mysqld",
|
|
"--character-set-server=utf8mb4",
|
|
"--collation-server=utf8mb4_unicode_ci",
|
|
"--default-authentication-plugin=mysql_native_password",
|
|
]
|
|
environment:
|
|
MYSQL_DATABASE: ${MYSQL_DB:-stupa}
|
|
MYSQL_USER: ${MYSQL_USER:-stupa}
|
|
MYSQL_PASSWORD: ${MYSQL_PASSWORD:-secret}
|
|
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-rootsecret}
|
|
healthcheck:
|
|
test:
|
|
[
|
|
"CMD-SHELL",
|
|
"mysqladmin ping -h 127.0.0.1 -uroot -p${MYSQL_ROOT_PASSWORD:-rootsecret} --silent",
|
|
]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 6
|
|
ports:
|
|
- "3307:3306"
|
|
volumes:
|
|
- db_data:/var/lib/mysql
|
|
networks:
|
|
- stupa_network
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
container_name: stupa_redis
|
|
restart: unless-stopped
|
|
command: redis-server --appendonly yes
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
ports:
|
|
- "6379:6379"
|
|
volumes:
|
|
- redis_data:/data
|
|
networks:
|
|
- stupa_network
|
|
|
|
api:
|
|
build:
|
|
context: ./backend
|
|
dockerfile: Dockerfile
|
|
network: host
|
|
container_name: stupa_api
|
|
restart: unless-stopped
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_healthy
|
|
environment:
|
|
# Database
|
|
MYSQL_HOST: db
|
|
MYSQL_PORT: 3306
|
|
MYSQL_DB: ${MYSQL_DB:-stupa}
|
|
MYSQL_USER: ${MYSQL_USER:-stupa}
|
|
MYSQL_PASSWORD: ${MYSQL_PASSWORD:-secret}
|
|
|
|
# Redis
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
|
|
# Security
|
|
MASTER_KEY: ${MASTER_KEY:-change_me}
|
|
JWT_SECRET_KEY: ${JWT_SECRET_KEY:-change_me_jwt}
|
|
ENCRYPTION_KEY: ${ENCRYPTION_KEY:-change_me_encryption}
|
|
|
|
# OIDC Settings
|
|
OIDC_ENABLED: ${OIDC_ENABLED:-false}
|
|
OIDC_ISSUER: ${OIDC_ISSUER:-}
|
|
OIDC_CLIENT_ID: ${OIDC_CLIENT_ID:-}
|
|
OIDC_CLIENT_SECRET: ${OIDC_CLIENT_SECRET:-}
|
|
OIDC_REDIRECT_URI: ${OIDC_REDIRECT_URI:-http://localhost:3001/auth/callback}
|
|
OIDC_ADMIN_GROUPS: ${OIDC_ADMIN_GROUPS:-admin}
|
|
OIDC_BUDGET_REVIEWER_GROUPS: ${OIDC_BUDGET_REVIEWER_GROUPS:-haushaltsbeauftragte}
|
|
OIDC_FINANCE_REVIEWER_GROUPS: ${OIDC_FINANCE_REVIEWER_GROUPS:-finanzreferent}
|
|
OIDC_ASTA_GROUPS: ${OIDC_ASTA_GROUPS:-asta}
|
|
|
|
# Email Settings
|
|
EMAIL_ENABLED: ${EMAIL_ENABLED:-false}
|
|
SMTP_HOST: ${SMTP_HOST:-localhost}
|
|
SMTP_PORT: ${SMTP_PORT:-587}
|
|
SMTP_USERNAME: ${SMTP_USERNAME:-}
|
|
SMTP_PASSWORD: ${SMTP_PASSWORD:-}
|
|
EMAIL_FROM: ${EMAIL_FROM:-noreply@example.com}
|
|
EMAIL_FROM_NAME: ${EMAIL_FROM_NAME:-STUPA System}
|
|
|
|
# Rate Limiting
|
|
RATE_IP_PER_MIN: ${RATE_IP_PER_MIN:-60}
|
|
RATE_KEY_PER_MIN: ${RATE_KEY_PER_MIN:-30}
|
|
|
|
# Storage
|
|
UPLOAD_DIR: /app/uploads
|
|
TEMPLATE_DIR: /app/templates
|
|
ATTACHMENT_STORAGE: ${ATTACHMENT_STORAGE:-filesystem}
|
|
FILESYSTEM_PATH: /app/attachments
|
|
|
|
# Workflow
|
|
WORKFLOW_REQUIRED_VOTES: ${WORKFLOW_REQUIRED_VOTES:-5}
|
|
WORKFLOW_APPROVAL_THRESHOLD: ${WORKFLOW_APPROVAL_THRESHOLD:-50.0}
|
|
|
|
# Application
|
|
FRONTEND_URL: ${FRONTEND_URL:-http://localhost:3001}
|
|
ENVIRONMENT: ${ENVIRONMENT:-production}
|
|
DEBUG: ${DEBUG:-false}
|
|
TZ: ${TZ:-Europe/Berlin}
|
|
ports:
|
|
- "8000:8000"
|
|
volumes:
|
|
- ./backend/uploads:/app/uploads
|
|
- ./backend/templates:/app/templates
|
|
- ./backend/attachments:/app/attachments
|
|
- pdf_forms:/app/pdf_forms
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "wget -qO- http://127.0.0.1:8000/health || exit 1"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 6
|
|
networks:
|
|
- stupa_network
|
|
|
|
frontend:
|
|
build:
|
|
context: ./frontend
|
|
dockerfile: Dockerfile
|
|
network: host
|
|
args:
|
|
- VITE_API_URL=${VITE_API_URL:-http://localhost:8000}
|
|
- VITE_OIDC_ENABLED=${OIDC_ENABLED:-false}
|
|
- VITE_EMAIL_ENABLED=${EMAIL_ENABLED:-false}
|
|
container_name: stupa_frontend
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- api
|
|
ports:
|
|
- "3001:80"
|
|
environment:
|
|
- NODE_ENV=production
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "wget -qO- http://localhost/ || exit 1"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 6
|
|
networks:
|
|
- stupa_network
|
|
|
|
form_designer:
|
|
image: node:18-alpine
|
|
container_name: stupa_form_designer
|
|
restart: unless-stopped
|
|
working_dir: /app
|
|
command: npm run dev
|
|
depends_on:
|
|
- api
|
|
ports:
|
|
- "3002:3000"
|
|
volumes:
|
|
- ./form-designer:/app
|
|
- /app/node_modules
|
|
environment:
|
|
- NODE_ENV=development
|
|
- VITE_API_URL=http://localhost:8000
|
|
networks:
|
|
- stupa_network
|
|
profiles:
|
|
- dev
|
|
|
|
adminer:
|
|
image: adminer:4
|
|
container_name: stupa_adminer
|
|
restart: unless-stopped
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
environment:
|
|
ADMINER_DEFAULT_SERVER: db
|
|
ADMINER_DESIGN: pepa-linha-dark
|
|
ports:
|
|
- "8081:8080"
|
|
networks:
|
|
- stupa_network
|
|
|
|
mailhog:
|
|
image: mailhog/mailhog:latest
|
|
container_name: stupa_mailhog
|
|
restart: unless-stopped
|
|
ports:
|
|
- "1025:1025" # SMTP server
|
|
- "8025:8025" # Web UI
|
|
networks:
|
|
- stupa_network
|
|
profiles:
|
|
- dev
|
|
|
|
volumes:
|
|
db_data:
|
|
driver: local
|
|
redis_data:
|
|
driver: local
|
|
pdf_forms:
|
|
driver: local
|
|
|
|
networks:
|
|
stupa_network:
|
|
driver: bridge
|