Compare commits
37 Commits
0fa3d28c1b
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 942da74778 | |||
| 52ea621145 | |||
| f6d37bb1f2 | |||
| 2e2e75fe87 | |||
| 8f508034d5 | |||
| 7108aff54d | |||
| b0a4278699 | |||
| 73c51e514c | |||
| 596a17b252 | |||
| 5ff28fa3d4 | |||
| a672c9efed | |||
| bfe8965c06 | |||
| c72595d396 | |||
| 51b596c7a5 | |||
| e4e2ae3479 | |||
| 808c0d0a22 | |||
| e3938d2351 | |||
| 8a04363b11 | |||
| 1038f40721 | |||
| 4fd90b2497 | |||
| cb74fdef7b | |||
| 0ed6f3824a | |||
| 572dc49bc9 | |||
| 29627a0062 | |||
| 776941b323 | |||
| 5f8834d0d4 | |||
| 854fabd874 | |||
| 000bc0cc36 | |||
| 4d27a256d2 | |||
| 08bfced7ce | |||
| c266be0eba | |||
| 837214f41a | |||
| fa4bf360ff | |||
| 2072dd299d | |||
| af391efa89 | |||
| 8893e85d53 | |||
| 14ecd2fa18 |
@@ -10,8 +10,10 @@ jobs:
|
|||||||
name: Build And Publish Production Image
|
name: Build And Publish Production Image
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
env:
|
env:
|
||||||
REGISTRY: gitea.lab
|
REGISTRY: gitea.lab:80
|
||||||
IMAGE_NAME: sancho41/condado-newsletter
|
IMAGE_NAME: sancho41/condado-newsletter
|
||||||
|
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
|
||||||
|
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
@@ -20,18 +22,159 @@ jobs:
|
|||||||
- name: Verify Docker CLI
|
- name: Verify Docker CLI
|
||||||
run: docker version
|
run: docker version
|
||||||
|
|
||||||
|
- name: Log in to Docker Hub (optional)
|
||||||
|
if: ${{ secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }}
|
||||||
|
run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login docker.io -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
|
||||||
|
|
||||||
- name: Build all-in-one image
|
- name: Build all-in-one image
|
||||||
run: docker build -t condado-newsletter:latest -f Dockerfile.allinone .
|
run: docker build -t sancho41/condado-newsletter:latest -f Dockerfile.allinone .
|
||||||
|
|
||||||
- name: Log in to Gitea container registry
|
- name: Deploy stack via Portainer API
|
||||||
run: echo "${{ secrets.GITEA_REGISTRY_PASSWORD }}" | docker login ${REGISTRY} -u "${{ secrets.GITEA_REGISTRY_USERNAME }}" --password-stdin
|
env:
|
||||||
|
STACK_NAME: codado-newsletter-stack
|
||||||
- name: Tag registry images
|
PORTAINER_URL: http://portainer.lab/
|
||||||
|
PORTAINER_API_KEY: ${{ secrets.PORTAINER_API_KEY }}
|
||||||
|
PORTAINER_ENDPOINT_ID: ${{ secrets.PORTAINER_ENDPOINT_ID }}
|
||||||
run: |
|
run: |
|
||||||
docker tag condado-newsletter:latest ${REGISTRY}/${IMAGE_NAME}:latest
|
set -u
|
||||||
docker tag condado-newsletter:latest ${REGISTRY}/${IMAGE_NAME}:${{ github.sha }}
|
set +e
|
||||||
|
|
||||||
- name: Push registry images
|
PORTAINER_BASE_URL=$(printf '%s' "${PORTAINER_URL}" | sed -E 's/[[:space:]]+$//; s#/*$##')
|
||||||
run: |
|
|
||||||
docker push ${REGISTRY}/${IMAGE_NAME}:latest
|
echo "Portainer deploy debug"
|
||||||
docker push ${REGISTRY}/${IMAGE_NAME}:${{ github.sha }}
|
echo "PORTAINER_URL=${PORTAINER_URL}"
|
||||||
|
echo "PORTAINER_BASE_URL=${PORTAINER_BASE_URL}"
|
||||||
|
echo "STACK_NAME=${STACK_NAME}"
|
||||||
|
echo "PORTAINER_ENDPOINT_ID=${PORTAINER_ENDPOINT_ID}"
|
||||||
|
echo "HTTP_PROXY=${HTTP_PROXY:-<empty>}"
|
||||||
|
echo "HTTPS_PROXY=${HTTPS_PROXY:-<empty>}"
|
||||||
|
echo "NO_PROXY=${NO_PROXY:-<empty>}"
|
||||||
|
|
||||||
|
echo "Current runner network info:"
|
||||||
|
if command -v ip >/dev/null 2>&1; then
|
||||||
|
ip -4 addr show || true
|
||||||
|
ip route || true
|
||||||
|
else
|
||||||
|
hostname -I || true
|
||||||
|
fi
|
||||||
|
|
||||||
|
PORTAINER_HOST=$(printf '%s' "${PORTAINER_BASE_URL}" | sed -E 's#^[a-zA-Z]+://##; s#/.*$##; s/:.*$//')
|
||||||
|
echo "Resolved host target: ${PORTAINER_HOST}"
|
||||||
|
|
||||||
|
PORTAINER_IP=""
|
||||||
|
ACTIVE_PORTAINER_BASE_URL="${PORTAINER_BASE_URL}"
|
||||||
|
|
||||||
|
if command -v getent >/dev/null 2>&1; then
|
||||||
|
echo "Host lookup (getent):"
|
||||||
|
getent hosts "${PORTAINER_HOST}" || true
|
||||||
|
PORTAINER_IP=$(getent hosts "${PORTAINER_HOST}" | awk 'NR==1{print $1}')
|
||||||
|
if [ -n "${PORTAINER_IP}" ]; then
|
||||||
|
PORTAINER_IP_BASE_URL="${PORTAINER_BASE_URL/${PORTAINER_HOST}/${PORTAINER_IP}}"
|
||||||
|
echo "Portainer IP fallback URL: ${PORTAINER_IP_BASE_URL}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
STACKS_BODY=$(mktemp)
|
||||||
|
STACKS_ERR=$(mktemp)
|
||||||
|
|
||||||
|
STACKS_HTTP_CODE=$(curl -sS \
|
||||||
|
--noproxy "*" \
|
||||||
|
-o "${STACKS_BODY}" \
|
||||||
|
-w "%{http_code}" \
|
||||||
|
"${ACTIVE_PORTAINER_BASE_URL}/api/stacks" \
|
||||||
|
-H "X-API-Key: ${PORTAINER_API_KEY}" \
|
||||||
|
2>"${STACKS_ERR}")
|
||||||
|
STACKS_CURL_EXIT=$?
|
||||||
|
|
||||||
|
if [ "${STACKS_CURL_EXIT}" -eq 6 ] && [ -n "${PORTAINER_IP:-}" ]; then
|
||||||
|
echo "Retrying GET /api/stacks with IP fallback due to DNS failure"
|
||||||
|
STACKS_HTTP_CODE=$(curl -sS \
|
||||||
|
--noproxy "*" \
|
||||||
|
-o "${STACKS_BODY}" \
|
||||||
|
-w "%{http_code}" \
|
||||||
|
"${PORTAINER_IP_BASE_URL}/api/stacks" \
|
||||||
|
-H "X-API-Key: ${PORTAINER_API_KEY}" \
|
||||||
|
2>"${STACKS_ERR}")
|
||||||
|
STACKS_CURL_EXIT=$?
|
||||||
|
if [ "${STACKS_CURL_EXIT}" -eq 0 ]; then
|
||||||
|
ACTIVE_PORTAINER_BASE_URL="${PORTAINER_IP_BASE_URL}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "GET /api/stacks curl exit: ${STACKS_CURL_EXIT}"
|
||||||
|
echo "GET /api/stacks http code: ${STACKS_HTTP_CODE}"
|
||||||
|
echo "GET /api/stacks stderr:"
|
||||||
|
cat "${STACKS_ERR}" || true
|
||||||
|
echo "GET /api/stacks response (sanitized):"
|
||||||
|
jq -r '.[] | "Id=\(.Id) Name=\(.Name) EndpointId=\(.EndpointId)"' "${STACKS_BODY}" || true
|
||||||
|
|
||||||
|
if [ "${STACKS_CURL_EXIT}" -ne 0 ]; then
|
||||||
|
echo "Failed to reach Portainer API while listing stacks."
|
||||||
|
exit "${STACKS_CURL_EXIT}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${STACKS_HTTP_CODE}" -lt 200 ] || [ "${STACKS_HTTP_CODE}" -ge 300 ]; then
|
||||||
|
echo "Portainer returned a non-success status for stack listing."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
STACK_ID=$(jq -r --arg stack_name "${STACK_NAME}" '.[] | select(.Name == $stack_name) | .Id' "${STACKS_BODY}" | head -n 1)
|
||||||
|
|
||||||
|
APPLY_BODY=$(mktemp)
|
||||||
|
APPLY_ERR=$(mktemp)
|
||||||
|
|
||||||
|
if [ -n "${STACK_ID}" ]; then
|
||||||
|
echo "Existing stack found with id=${STACK_ID}; sending update request"
|
||||||
|
|
||||||
|
PAYLOAD=$(jq -n \
|
||||||
|
--rawfile stack_file docker-compose.prod.yml \
|
||||||
|
'{StackFileContent: $stack_file, Env: [], Prune: false, PullImage: false}')
|
||||||
|
|
||||||
|
APPLY_HTTP_CODE=$(curl -sS -X PUT \
|
||||||
|
--noproxy "*" \
|
||||||
|
-o "${APPLY_BODY}" \
|
||||||
|
-w "%{http_code}" \
|
||||||
|
"${ACTIVE_PORTAINER_BASE_URL}/api/stacks/${STACK_ID}?endpointId=${PORTAINER_ENDPOINT_ID}" \
|
||||||
|
-H "X-API-Key: ${PORTAINER_API_KEY}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-d "${PAYLOAD}" \
|
||||||
|
2>"${APPLY_ERR}")
|
||||||
|
APPLY_CURL_EXIT=$?
|
||||||
|
else
|
||||||
|
echo "Stack not found; sending create request"
|
||||||
|
|
||||||
|
PAYLOAD=$(jq -n \
|
||||||
|
--arg name "${STACK_NAME}" \
|
||||||
|
--rawfile stack_file docker-compose.prod.yml \
|
||||||
|
'{Name: $name, StackFileContent: $stack_file, Env: [], FromAppTemplate: false}')
|
||||||
|
|
||||||
|
APPLY_HTTP_CODE=$(curl -sS -X POST \
|
||||||
|
--noproxy "*" \
|
||||||
|
-o "${APPLY_BODY}" \
|
||||||
|
-w "%{http_code}" \
|
||||||
|
"${ACTIVE_PORTAINER_BASE_URL}/api/stacks/create/standalone/string?endpointId=${PORTAINER_ENDPOINT_ID}" \
|
||||||
|
-H "X-API-Key: ${PORTAINER_API_KEY}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-d "${PAYLOAD}" \
|
||||||
|
2>"${APPLY_ERR}")
|
||||||
|
APPLY_CURL_EXIT=$?
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Apply curl exit: ${APPLY_CURL_EXIT}"
|
||||||
|
echo "Apply http code: ${APPLY_HTTP_CODE}"
|
||||||
|
echo "Apply stderr:"
|
||||||
|
cat "${APPLY_ERR}" || true
|
||||||
|
echo "Apply response body:"
|
||||||
|
cat "${APPLY_BODY}" || true
|
||||||
|
|
||||||
|
if [ "${APPLY_CURL_EXIT}" -ne 0 ]; then
|
||||||
|
echo "Failed to reach Portainer API while applying stack changes."
|
||||||
|
exit "${APPLY_CURL_EXIT}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${APPLY_HTTP_CODE}" -lt 200 ] || [ "${APPLY_HTTP_CODE}" -ge 300 ]; then
|
||||||
|
echo "Portainer returned a non-success status while applying stack changes."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Portainer deploy step completed successfully"
|
||||||
|
|||||||
57
.github/workflows/ci.yml
vendored
57
.github/workflows/ci.yml
vendored
@@ -1,57 +0,0 @@
|
|||||||
name: CI
|
|
||||||
|
|
||||||
on:
|
|
||||||
pull_request:
|
|
||||||
branches: ["develop"]
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
backend-test:
|
|
||||||
name: Backend Tests
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
defaults:
|
|
||||||
run:
|
|
||||||
working-directory: backend
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Set up JDK 21
|
|
||||||
uses: actions/setup-java@v4
|
|
||||||
with:
|
|
||||||
java-version: "21"
|
|
||||||
distribution: temurin
|
|
||||||
cache: gradle
|
|
||||||
|
|
||||||
- name: Make Gradle wrapper executable
|
|
||||||
run: chmod +x gradlew
|
|
||||||
|
|
||||||
- name: Run tests
|
|
||||||
run: ./gradlew test --no-daemon
|
|
||||||
|
|
||||||
- name: Upload test results
|
|
||||||
if: always()
|
|
||||||
uses: actions/upload-artifact@v4
|
|
||||||
with:
|
|
||||||
name: backend-test-results
|
|
||||||
path: backend/build/reports/tests/
|
|
||||||
|
|
||||||
frontend-test:
|
|
||||||
name: Frontend Tests
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
defaults:
|
|
||||||
run:
|
|
||||||
working-directory: frontend
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Set up Node 20
|
|
||||||
uses: actions/setup-node@v4
|
|
||||||
with:
|
|
||||||
node-version: "20"
|
|
||||||
cache: npm
|
|
||||||
cache-dependency-path: frontend/package-lock.json
|
|
||||||
|
|
||||||
- name: Install dependencies
|
|
||||||
run: npm ci
|
|
||||||
|
|
||||||
- name: Run tests
|
|
||||||
run: npm run test
|
|
||||||
@@ -29,14 +29,10 @@ ENV DEBIAN_FRONTEND=noninteractive
|
|||||||
|
|
||||||
RUN apt-get update && apt-get install -y \
|
RUN apt-get update && apt-get install -y \
|
||||||
nginx \
|
nginx \
|
||||||
postgresql \
|
|
||||||
supervisor \
|
supervisor \
|
||||||
openjdk-21-jre-headless \
|
openjdk-21-jre-headless \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
# PostgreSQL data directory
|
|
||||||
RUN mkdir -p /var/lib/postgresql/data && chown -R postgres:postgres /var/lib/postgresql
|
|
||||||
|
|
||||||
# Copy frontend static files
|
# Copy frontend static files
|
||||||
COPY --from=frontend-build /app/frontend/dist /usr/share/nginx/html
|
COPY --from=frontend-build /app/frontend/dist /usr/share/nginx/html
|
||||||
|
|
||||||
|
|||||||
1020
INSTRUCTIONS.md
1020
INSTRUCTIONS.md
File diff suppressed because it is too large
Load Diff
@@ -14,8 +14,10 @@ import java.util.Date
|
|||||||
@Service
|
@Service
|
||||||
class JwtService(
|
class JwtService(
|
||||||
@Value("\${app.jwt.secret}") val secret: String,
|
@Value("\${app.jwt.secret}") val secret: String,
|
||||||
@Value("\${app.jwt.expiration-ms}") val expirationMs: Long
|
@Value("\${app.jwt.expiration-ms:86400000}") expirationMsRaw: String
|
||||||
) {
|
) {
|
||||||
|
private val expirationMs: Long = expirationMsRaw.toLongOrNull() ?: 86400000L
|
||||||
|
|
||||||
private val signingKey by lazy {
|
private val signingKey by lazy {
|
||||||
Keys.hmacShaKeyFor(secret.toByteArray(Charsets.UTF_8))
|
Keys.hmacShaKeyFor(secret.toByteArray(Charsets.UTF_8))
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -10,7 +10,7 @@ spring:
|
|||||||
|
|
||||||
jpa:
|
jpa:
|
||||||
hibernate:
|
hibernate:
|
||||||
ddl-auto: validate
|
ddl-auto: ${SPRING_JPA_HIBERNATE_DDL_AUTO:validate}
|
||||||
show-sql: false
|
show-sql: false
|
||||||
properties:
|
properties:
|
||||||
hibernate:
|
hibernate:
|
||||||
|
|||||||
@@ -40,7 +40,7 @@ class AuthServiceTest {
|
|||||||
fun should_returnValidClaims_when_jwtTokenParsed() {
|
fun should_returnValidClaims_when_jwtTokenParsed() {
|
||||||
val realJwtService = JwtService(
|
val realJwtService = JwtService(
|
||||||
secret = "test-secret-key-for-testing-only-must-be-at-least-32-characters",
|
secret = "test-secret-key-for-testing-only-must-be-at-least-32-characters",
|
||||||
expirationMs = 86400000L
|
expirationMsRaw = "86400000"
|
||||||
)
|
)
|
||||||
val token = realJwtService.generateToken()
|
val token = realJwtService.generateToken()
|
||||||
|
|
||||||
@@ -51,7 +51,7 @@ class AuthServiceTest {
|
|||||||
fun should_returnFalse_when_expiredTokenValidated() {
|
fun should_returnFalse_when_expiredTokenValidated() {
|
||||||
val realJwtService = JwtService(
|
val realJwtService = JwtService(
|
||||||
secret = "test-secret-key-for-testing-only-must-be-at-least-32-characters",
|
secret = "test-secret-key-for-testing-only-must-be-at-least-32-characters",
|
||||||
expirationMs = 1L
|
expirationMsRaw = "1"
|
||||||
)
|
)
|
||||||
val token = realJwtService.generateToken()
|
val token = realJwtService.generateToken()
|
||||||
|
|
||||||
|
|||||||
@@ -0,0 +1,26 @@
|
|||||||
|
package com.condado.newsletter.service
|
||||||
|
|
||||||
|
import io.jsonwebtoken.Jwts
|
||||||
|
import io.jsonwebtoken.security.Keys
|
||||||
|
import org.junit.jupiter.api.Assertions.assertTrue
|
||||||
|
import org.junit.jupiter.api.Test
|
||||||
|
|
||||||
|
class JwtServiceTest {
|
||||||
|
|
||||||
|
private val secret = "12345678901234567890123456789012"
|
||||||
|
|
||||||
|
@Test
|
||||||
|
fun should_generate_token_when_expiration_is_empty() {
|
||||||
|
val jwtService = JwtService(secret, "")
|
||||||
|
|
||||||
|
val token = jwtService.generateToken()
|
||||||
|
|
||||||
|
val claims = Jwts.parser()
|
||||||
|
.verifyWith(Keys.hmacShaKeyFor(secret.toByteArray(Charsets.UTF_8)))
|
||||||
|
.build()
|
||||||
|
.parseSignedClaims(token)
|
||||||
|
.payload
|
||||||
|
|
||||||
|
assertTrue(claims.expiration.after(claims.issuedAt))
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -1,15 +1,36 @@
|
|||||||
services:
|
services:
|
||||||
condado-newsletter:
|
condado-newsletter-postgress:
|
||||||
image: gitea.lab/sancho41/condado-newsletter:latest
|
image: postgres:16
|
||||||
container_name: condado-newsletter
|
container_name: condado-newsletter-postgress
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
environment:
|
||||||
|
POSTGRES_DB: ${APP_DB_NAME:-condado}
|
||||||
|
POSTGRES_USER: ${SPRING_DATASOURCE_USERNAME}
|
||||||
|
POSTGRES_PASSWORD: ${SPRING_DATASOURCE_PASSWORD}
|
||||||
|
volumes:
|
||||||
|
- postgres-data:/var/lib/postgresql/data
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready -U ${SPRING_DATASOURCE_USERNAME} -d ${APP_DB_NAME:-condado}"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 10
|
||||||
|
|
||||||
|
condado-newsletter:
|
||||||
|
image: sancho41/condado-newsletter:latest
|
||||||
|
container_name: condado-newsletter
|
||||||
|
restart: unless-stopped
|
||||||
|
depends_on:
|
||||||
|
condado-newsletter-postgress:
|
||||||
|
condition: service_healthy
|
||||||
environment:
|
environment:
|
||||||
SPRING_PROFILES_ACTIVE: prod
|
SPRING_PROFILES_ACTIVE: prod
|
||||||
|
SPRING_JPA_HIBERNATE_DDL_AUTO: ${SPRING_JPA_HIBERNATE_DDL_AUTO:-update}
|
||||||
|
SPRING_DATASOURCE_URL: jdbc:postgresql://condado-newsletter-postgress:5432/${APP_DB_NAME:-condado}
|
||||||
SPRING_DATASOURCE_USERNAME: ${SPRING_DATASOURCE_USERNAME}
|
SPRING_DATASOURCE_USERNAME: ${SPRING_DATASOURCE_USERNAME}
|
||||||
SPRING_DATASOURCE_PASSWORD: ${SPRING_DATASOURCE_PASSWORD}
|
SPRING_DATASOURCE_PASSWORD: ${SPRING_DATASOURCE_PASSWORD}
|
||||||
APP_PASSWORD: ${APP_PASSWORD}
|
APP_PASSWORD: ${APP_PASSWORD}
|
||||||
JWT_SECRET: ${JWT_SECRET}
|
JWT_SECRET: ${JWT_SECRET}
|
||||||
JWT_EXPIRATION_MS: ${JWT_EXPIRATION_MS}
|
JWT_EXPIRATION_MS: ${JWT_EXPIRATION_MS:-86400000}
|
||||||
MAIL_HOST: ${MAIL_HOST}
|
MAIL_HOST: ${MAIL_HOST}
|
||||||
MAIL_PORT: ${MAIL_PORT}
|
MAIL_PORT: ${MAIL_PORT}
|
||||||
MAIL_USERNAME: ${MAIL_USERNAME}
|
MAIL_USERNAME: ${MAIL_USERNAME}
|
||||||
@@ -25,8 +46,6 @@ services:
|
|||||||
extra_hosts:
|
extra_hosts:
|
||||||
- "celtinha.desktop:host-gateway"
|
- "celtinha.desktop:host-gateway"
|
||||||
- "host.docker.internal:host-gateway"
|
- "host.docker.internal:host-gateway"
|
||||||
volumes:
|
|
||||||
- postgres-data:/var/lib/postgresql/data
|
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.condado.rule=Host(`condado-newsletter.lab`)"
|
- "traefik.http.routers.condado.rule=Host(`condado-newsletter.lab`)"
|
||||||
@@ -34,8 +53,8 @@ services:
|
|||||||
- "homepage.group=Hyperlink"
|
- "homepage.group=Hyperlink"
|
||||||
- "homepage.name=Condado Newsletter"
|
- "homepage.name=Condado Newsletter"
|
||||||
- "homepage.description=Automated newsletter generator using AI"
|
- "homepage.description=Automated newsletter generator using AI"
|
||||||
- "homepage.logo=https://raw.githubusercontent.com/celtinha/condado-newsletter/main/docs/logo.png"
|
- "homepage.logo=claude-dark.png"
|
||||||
- "homepage.url=http://condado-newsletter.lab"
|
- "homepage.href=http://condado-newsletter.lab"
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
postgres-data:
|
postgres-data:
|
||||||
|
|||||||
@@ -4,14 +4,13 @@ services:
|
|||||||
postgres:
|
postgres:
|
||||||
image: postgres:16-alpine
|
image: postgres:16-alpine
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
container_name: condado-newsletter-postgres
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_DB: condado
|
POSTGRES_DB: condado
|
||||||
POSTGRES_USER: ${SPRING_DATASOURCE_USERNAME}
|
POSTGRES_USER: ${SPRING_DATASOURCE_USERNAME}
|
||||||
POSTGRES_PASSWORD: ${SPRING_DATASOURCE_PASSWORD}
|
POSTGRES_PASSWORD: ${SPRING_DATASOURCE_PASSWORD}
|
||||||
volumes:
|
volumes:
|
||||||
- postgres-data:/var/lib/postgresql/data
|
- postgres-data:/var/lib/postgresql/data
|
||||||
networks:
|
|
||||||
- condado-net
|
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "pg_isready -U ${SPRING_DATASOURCE_USERNAME} -d condado"]
|
test: ["CMD-SHELL", "pg_isready -U ${SPRING_DATASOURCE_USERNAME} -d condado"]
|
||||||
interval: 10s
|
interval: 10s
|
||||||
@@ -20,6 +19,7 @@ services:
|
|||||||
|
|
||||||
# ── Backend (Spring Boot) ────────────────────────────────────────────────────
|
# ── Backend (Spring Boot) ────────────────────────────────────────────────────
|
||||||
backend:
|
backend:
|
||||||
|
container_name: condado-newsletter-backend
|
||||||
build:
|
build:
|
||||||
context: ./backend
|
context: ./backend
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
@@ -29,7 +29,7 @@ services:
|
|||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
environment:
|
environment:
|
||||||
SPRING_PROFILES_ACTIVE: dev
|
SPRING_PROFILES_ACTIVE: dev
|
||||||
SPRING_DATASOURCE_URL: ${SPRING_DATASOURCE_URL}
|
SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/condado
|
||||||
SPRING_DATASOURCE_USERNAME: ${SPRING_DATASOURCE_USERNAME}
|
SPRING_DATASOURCE_USERNAME: ${SPRING_DATASOURCE_USERNAME}
|
||||||
SPRING_DATASOURCE_PASSWORD: ${SPRING_DATASOURCE_PASSWORD}
|
SPRING_DATASOURCE_PASSWORD: ${SPRING_DATASOURCE_PASSWORD}
|
||||||
APP_PASSWORD: ${APP_PASSWORD}
|
APP_PASSWORD: ${APP_PASSWORD}
|
||||||
@@ -50,36 +50,42 @@ services:
|
|||||||
extra_hosts:
|
extra_hosts:
|
||||||
- "celtinha.desktop:host-gateway"
|
- "celtinha.desktop:host-gateway"
|
||||||
- "host.docker.internal:host-gateway"
|
- "host.docker.internal:host-gateway"
|
||||||
networks:
|
|
||||||
- condado-net
|
|
||||||
|
|
||||||
# ── Frontend + Nginx ─────────────────────────────────────────────────────────
|
# ── Frontend + Nginx ─────────────────────────────────────────────────────────
|
||||||
nginx:
|
nginx:
|
||||||
|
container_name: condado-newsletter-frontend
|
||||||
build:
|
build:
|
||||||
context: ./frontend
|
context: ./frontend
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
args:
|
args:
|
||||||
VITE_API_BASE_URL: ${VITE_API_BASE_URL}
|
VITE_API_BASE_URL: ${VITE_API_BASE_URL}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
ports:
|
|
||||||
- "80:80"
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- backend
|
- backend
|
||||||
networks:
|
networks:
|
||||||
- condado-net
|
- traefik
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.routers.condado.rule=Host(`condado-newsletter.lab`)"
|
||||||
|
- "traefik.http.services.condado.loadbalancer.server.port=80"
|
||||||
|
- "homepage.group=Hyperlink"
|
||||||
|
- "homepage.name=Condado Newsletter"
|
||||||
|
- "homepage.description=Automated newsletter generator using AI"
|
||||||
|
- "homepage.logo=claude-dark.png"
|
||||||
|
- "homepage.href=http://condado-newsletter.lab"
|
||||||
|
|
||||||
# ── Mailhog (DEV ONLY — SMTP trap) ───────────────────────────────────────────
|
# ── Mailhog (DEV ONLY — SMTP trap) ───────────────────────────────────────────
|
||||||
mailhog:
|
mailhog:
|
||||||
|
container_name: condado-newsletter-mailhog
|
||||||
image: mailhog/mailhog:latest
|
image: mailhog/mailhog:latest
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
ports:
|
ports:
|
||||||
- "8025:8025"
|
- "8025:8025"
|
||||||
networks:
|
|
||||||
- condado-net
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
postgres-data:
|
postgres-data:
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
condado-net:
|
traefik:
|
||||||
driver: bridge
|
external: true
|
||||||
|
name: traefik
|
||||||
|
|||||||
@@ -5,28 +5,29 @@ APP_DB_NAME=${APP_DB_NAME:-condado}
|
|||||||
APP_DB_USER=${SPRING_DATASOURCE_USERNAME:-condado}
|
APP_DB_USER=${SPRING_DATASOURCE_USERNAME:-condado}
|
||||||
APP_DB_PASSWORD=${SPRING_DATASOURCE_PASSWORD:-condado}
|
APP_DB_PASSWORD=${SPRING_DATASOURCE_PASSWORD:-condado}
|
||||||
|
|
||||||
# ── Initialise PostgreSQL data directory on first run ─────────────────────────
|
|
||||||
if [ ! -f /var/lib/postgresql/data/PG_VERSION ]; then
|
|
||||||
echo "Initialising PostgreSQL data directory..."
|
|
||||||
su -c "/usr/lib/postgresql/16/bin/initdb -D /var/lib/postgresql/data --encoding=UTF8 --locale=C" postgres
|
|
||||||
|
|
||||||
# Start postgres temporarily to create the app database and user
|
|
||||||
su -c "/usr/lib/postgresql/16/bin/pg_ctl -D /var/lib/postgresql/data -w start" postgres
|
|
||||||
|
|
||||||
su -c "psql -v ON_ERROR_STOP=1 -c \"CREATE USER ${APP_DB_USER} WITH PASSWORD '${APP_DB_PASSWORD}';\"" postgres
|
|
||||||
su -c "psql -v ON_ERROR_STOP=1 -c \"CREATE DATABASE ${APP_DB_NAME} OWNER ${APP_DB_USER};\"" postgres
|
|
||||||
|
|
||||||
su -c "/usr/lib/postgresql/16/bin/pg_ctl -D /var/lib/postgresql/data -w stop" postgres
|
|
||||||
echo "PostgreSQL initialised."
|
|
||||||
fi
|
|
||||||
|
|
||||||
# ── Ensure supervisor log directory exists ────────────────────────────────────
|
# ── Ensure supervisor log directory exists ────────────────────────────────────
|
||||||
mkdir -p /var/log/supervisor
|
mkdir -p /var/log/supervisor
|
||||||
|
|
||||||
# ── Defaults for all-in-one local PostgreSQL ─────────────────────────────────
|
# ── Defaults for external PostgreSQL service in production compose ───────────
|
||||||
export SPRING_DATASOURCE_URL=${SPRING_DATASOURCE_URL:-jdbc:postgresql://localhost:5432/${APP_DB_NAME}}
|
export SPRING_DATASOURCE_URL=${SPRING_DATASOURCE_URL:-jdbc:postgresql://condado-newsletter-postgress:5432/${APP_DB_NAME}}
|
||||||
export SPRING_DATASOURCE_USERNAME=${SPRING_DATASOURCE_USERNAME:-${APP_DB_USER}}
|
export SPRING_DATASOURCE_USERNAME=${SPRING_DATASOURCE_USERNAME:-${APP_DB_USER}}
|
||||||
export SPRING_DATASOURCE_PASSWORD=${SPRING_DATASOURCE_PASSWORD:-${APP_DB_PASSWORD}}
|
export SPRING_DATASOURCE_PASSWORD=${SPRING_DATASOURCE_PASSWORD:-${APP_DB_PASSWORD}}
|
||||||
|
export JWT_EXPIRATION_MS=${JWT_EXPIRATION_MS:-86400000}
|
||||||
|
|
||||||
|
# ── Log all Spring Boot environment variables for debugging ──────────────────
|
||||||
|
echo "========================================"
|
||||||
|
echo "Spring Boot Configuration:"
|
||||||
|
echo "========================================"
|
||||||
|
echo "SPRING_DATASOURCE_URL=${SPRING_DATASOURCE_URL}"
|
||||||
|
echo "SPRING_DATASOURCE_USERNAME=${SPRING_DATASOURCE_USERNAME}"
|
||||||
|
echo "SPRING_DATASOURCE_PASSWORD=${SPRING_DATASOURCE_PASSWORD}"
|
||||||
|
echo "JWT_EXPIRATION_MS=${JWT_EXPIRATION_MS}"
|
||||||
|
echo "JAVA_OPTS=${JAVA_OPTS:-not set}"
|
||||||
|
echo "OPENAI_API_KEY=${OPENAI_API_KEY:-not set}"
|
||||||
|
echo "========================================"
|
||||||
|
|
||||||
# ── Start all services via supervisord ───────────────────────────────────────
|
# ── Start all services via supervisord ───────────────────────────────────────
|
||||||
|
# Export unbuffered output for both Python and Java
|
||||||
|
export PYTHONUNBUFFERED=1
|
||||||
|
export JAVA_OPTS="${JAVA_OPTS} -Dfile.encoding=UTF-8 -Djava.awt.headless=true"
|
||||||
exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
|
exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
|
||||||
|
|||||||
@@ -1,27 +1,26 @@
|
|||||||
[supervisord]
|
[supervisord]
|
||||||
nodaemon=true
|
nodaemon=true
|
||||||
logfile=/var/log/supervisor/supervisord.log
|
silent=false
|
||||||
|
logfile=/dev/stdout
|
||||||
|
logfile_maxbytes=0
|
||||||
pidfile=/var/run/supervisord.pid
|
pidfile=/var/run/supervisord.pid
|
||||||
|
loglevel=info
|
||||||
[program:postgres]
|
|
||||||
command=/usr/lib/postgresql/16/bin/postgres -D /var/lib/postgresql/data
|
|
||||||
user=postgres
|
|
||||||
autostart=true
|
|
||||||
autorestart=true
|
|
||||||
stdout_logfile=/var/log/supervisor/postgres.log
|
|
||||||
stderr_logfile=/var/log/supervisor/postgres.err.log
|
|
||||||
|
|
||||||
[program:backend]
|
[program:backend]
|
||||||
command=java -jar /app/app.jar
|
command=java -Dspring.output.ansi.enabled=always -Dlogging.level.root=DEBUG -jar /app/app.jar
|
||||||
autostart=true
|
autostart=true
|
||||||
autorestart=true
|
autorestart=true
|
||||||
startsecs=15
|
startsecs=15
|
||||||
stdout_logfile=/var/log/supervisor/backend.log
|
stdout_logfile=/dev/stdout
|
||||||
stderr_logfile=/var/log/supervisor/backend.err.log
|
stdout_logfile_maxbytes=0
|
||||||
|
stderr_logfile=/dev/stderr
|
||||||
|
stderr_logfile_maxbytes=0
|
||||||
|
|
||||||
[program:nginx]
|
[program:nginx]
|
||||||
command=/usr/sbin/nginx -g "daemon off;"
|
command=/usr/sbin/nginx -g "daemon off;"
|
||||||
autostart=true
|
autostart=true
|
||||||
autorestart=true
|
autorestart=true
|
||||||
stdout_logfile=/var/log/supervisor/nginx.log
|
stdout_logfile=/dev/stdout
|
||||||
stderr_logfile=/var/log/supervisor/nginx.err.log
|
stdout_logfile_maxbytes=0
|
||||||
|
stderr_logfile=/dev/stderr
|
||||||
|
stderr_logfile_maxbytes=0
|
||||||
|
|||||||
@@ -15,6 +15,9 @@ http {
|
|||||||
gzip_types text/plain text/css application/json application/javascript
|
gzip_types text/plain text/css application/json application/javascript
|
||||||
text/xml application/xml application/xml+rss text/javascript;
|
text/xml application/xml application/xml+rss text/javascript;
|
||||||
|
|
||||||
|
access_log /dev/stdout;
|
||||||
|
error_log /dev/stderr;
|
||||||
|
|
||||||
server {
|
server {
|
||||||
listen 80;
|
listen 80;
|
||||||
server_name _;
|
server_name _;
|
||||||
|
|||||||
Reference in New Issue
Block a user