matthias.lotz
dd71dcab44
- Von 16 .env Dateien auf 2 zentrale reduziert * docker/dev/.env - Development Secrets * docker/prod/.env - Production Secrets - Alle ENV-Variablen jetzt in docker-compose.yml environment sections - .env COPY aus allen Dockerfiles entfernt (wurden durch volume mounts überschrieben) - Frontend env.sh umgeschrieben: Liest ENV-Variablen statt .env Datei - CLIENT_URL komplett entfernt (wurde nirgendwo verwendet) - Fix: management.js nutzt platform_name statt name (DB-Schema korrekt) ENV-Handling jetzt deutlich einfacher und wartbarer! Von 4 Frontend ENV-Variablen auf 3 reduziert (API_URL, PUBLIC_HOST, INTERNAL_HOST)
68 lines
1.9 KiB
YAML
68 lines
1.9 KiB
YAML
# Production Environment
|
|
# Usage: docker compose -f docker/prod/docker-compose.yml up -d
|
|
# Or use: ./prod.sh
|
|
|
|
services:
|
|
frontend:
|
|
container_name: image-uploader-frontend
|
|
image: gitea.lan.hobbyhimmel.de/hobbyhimmel/image-uploader-frontend:latest
|
|
ports:
|
|
- "80:80"
|
|
build:
|
|
context: ../../
|
|
dockerfile: docker/prod/frontend/Dockerfile
|
|
depends_on:
|
|
- backend
|
|
environment:
|
|
- API_URL=http://backend:5000
|
|
- PUBLIC_HOST=public.test.local
|
|
- INTERNAL_HOST=internal.test.local
|
|
|
|
networks:
|
|
- npm-nw
|
|
- prod-internal
|
|
|
|
backend:
|
|
container_name: image-uploader-backend
|
|
image: gitea.lan.hobbyhimmel.de/hobbyhimmel/image-uploader-backend:latest
|
|
build:
|
|
context: ../../
|
|
dockerfile: docker/prod/backend/Dockerfile
|
|
ports:
|
|
- "5000:5000"
|
|
volumes:
|
|
- image_data:/usr/src/app/src/data
|
|
networks:
|
|
- prod-internal
|
|
environment:
|
|
- REMOVE_IMAGES=false
|
|
- NODE_ENV=production
|
|
- ADMIN_SESSION_SECRET=${ADMIN_SESSION_SECRET}
|
|
- ADMIN_SESSION_DIR=/usr/src/app/src/data/sessions
|
|
# ⚠️ Für HTTP-only Labs per Override auf "false" setzen (nicht im Repo committen)
|
|
- ADMIN_SESSION_COOKIE_SECURE=true
|
|
# Host Configuration (Public/Internal Separation)
|
|
- PUBLIC_HOST=public.test.local
|
|
- INTERNAL_HOST=internal.test.local
|
|
- ENABLE_HOST_RESTRICTION=true
|
|
- PUBLIC_UPLOAD_RATE_LIMIT=20
|
|
- PUBLIC_UPLOAD_RATE_WINDOW=3600000
|
|
# Trust nginx-proxy-manager (1 hop)
|
|
- TRUST_PROXY_HOPS=1
|
|
# Telegram Bot Configuration (optional)
|
|
- TELEGRAM_ENABLED=${TELEGRAM_ENABLED:-false}
|
|
- TELEGRAM_BOT_TOKEN=${TELEGRAM_BOT_TOKEN}
|
|
- TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID}
|
|
- TELEGRAM_SEND_TEST_ON_START=false
|
|
|
|
|
|
|
|
networks:
|
|
npm-nw:
|
|
external: true
|
|
prod-internal:
|
|
driver: bridge
|
|
|
|
volumes:
|
|
image_data:
|
|
driver: local |