Initial commit: ROA2WEB - FastAPI + Vue.js + Telegram Bot
Modern ERP Reports Application with microservices architecture Tech Stack: - Backend: FastAPI + python-oracledb (Oracle DB integration) - Frontend: Vue.js 3 + PrimeVue + Vite - Telegram Bot: python-telegram-bot + SQLite - Infrastructure: Shared database pool, JWT authentication, SSH tunnel Features: - FastAPI backend with async Oracle connection pool - Vue.js 3 responsive frontend with PrimeVue components - Telegram bot alternative interface - Microservices architecture with shared components - Complete deployment support (Linux Docker + Windows IIS) - Comprehensive testing (Playwright E2E + pytest) Repository Structure: - reports-app/ - Main application (backend, frontend, telegram-bot) - shared/ - Shared components (database pool, auth, utils) - deployment/ - Deployment scripts (Linux & Windows) - docs/ - Project documentation - security/ - Security scanning and git hooks
This commit is contained in:
157
docker-compose.production.yml
Normal file
157
docker-compose.production.yml
Normal file
@@ -0,0 +1,157 @@
|
||||
# ROA2WEB Docker Compose - Production Configuration
|
||||
# Use this file for production deployment: docker-compose -f docker-compose.yml -f docker-compose.production.yml up
|
||||
|
||||
version: '3.8'
|
||||
|
||||
services:
|
||||
# Backend production configuration
|
||||
roa-backend:
|
||||
deploy:
|
||||
replicas: 1
|
||||
resources:
|
||||
limits:
|
||||
cpus: '1.0'
|
||||
memory: 1G
|
||||
reservations:
|
||||
cpus: '0.5'
|
||||
memory: 512M
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
delay: 10s
|
||||
max_attempts: 3
|
||||
environment:
|
||||
- DEBUG=false
|
||||
- ENVIRONMENT=production
|
||||
- WORKERS=4
|
||||
- ORACLE_PASSWORD_FILE=/run/secrets/oracle_password
|
||||
- JWT_SECRET_KEY_FILE=/run/secrets/jwt_secret_key
|
||||
command: ["python", "-m", "uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "4"]
|
||||
logging:
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "100m"
|
||||
max-file: "5"
|
||||
secrets:
|
||||
- oracle_password
|
||||
- jwt_secret_key
|
||||
depends_on:
|
||||
- roa-redis # Only Redis dependency in production
|
||||
|
||||
# Frontend production configuration
|
||||
roa-frontend:
|
||||
deploy:
|
||||
replicas: 1
|
||||
resources:
|
||||
limits:
|
||||
cpus: '0.5'
|
||||
memory: 256M
|
||||
reservations:
|
||||
cpus: '0.25'
|
||||
memory: 128M
|
||||
environment:
|
||||
- NODE_ENV=production
|
||||
logging:
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "50m"
|
||||
max-file: "3"
|
||||
|
||||
# Gateway production configuration with SSL
|
||||
roa-gateway:
|
||||
deploy:
|
||||
replicas: 1
|
||||
resources:
|
||||
limits:
|
||||
cpus: '0.5'
|
||||
memory: 512M
|
||||
reservations:
|
||||
cpus: '0.25'
|
||||
memory: 256M
|
||||
environment:
|
||||
- ENVIRONMENT=production
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
volumes:
|
||||
- ssl-certs:/etc/letsencrypt
|
||||
- nginx-logs:/var/log/nginx
|
||||
- ./nginx/ssl:/etc/nginx/ssl:ro
|
||||
logging:
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "100m"
|
||||
max-file: "5"
|
||||
|
||||
# SSH Tunnel is disabled in production
|
||||
roa-ssh-tunnel:
|
||||
deploy:
|
||||
replicas: 0 # Disable SSH tunnel in production
|
||||
|
||||
# Redis production configuration
|
||||
roa-redis:
|
||||
deploy:
|
||||
replicas: 1
|
||||
resources:
|
||||
limits:
|
||||
cpus: '0.25'
|
||||
memory: 256M
|
||||
reservations:
|
||||
cpus: '0.1'
|
||||
memory: 128M
|
||||
command: redis-server --appendonly yes --requirepass_file /run/secrets/redis_password --maxmemory 128mb --maxmemory-policy allkeys-lru
|
||||
secrets:
|
||||
- redis_password
|
||||
logging:
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "50m"
|
||||
max-file: "3"
|
||||
|
||||
# SSL Certificate Management (Let's Encrypt)
|
||||
certbot:
|
||||
image: certbot/certbot:latest
|
||||
container_name: roa-certbot
|
||||
volumes:
|
||||
- ssl-certs:/etc/letsencrypt
|
||||
- ./nginx/html:/var/www/certbot
|
||||
command: certonly --webroot --webroot-path=/var/www/certbot --email ${SSL_EMAIL} --agree-tos --no-eff-email --keep-until-expiring -d ${DOMAIN}
|
||||
depends_on:
|
||||
- roa-gateway
|
||||
|
||||
# Monitoring and logging (optional)
|
||||
# Uncomment if you want to add monitoring
|
||||
# prometheus:
|
||||
# image: prom/prometheus:latest
|
||||
# container_name: roa-prometheus
|
||||
# ports:
|
||||
# - "9090:9090"
|
||||
# volumes:
|
||||
# - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
|
||||
# networks:
|
||||
# - roa-network
|
||||
|
||||
# grafana:
|
||||
# image: grafana/grafana:latest
|
||||
# container_name: roa-grafana
|
||||
# ports:
|
||||
# - "3001:3000"
|
||||
# environment:
|
||||
# - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD:-admin}
|
||||
# volumes:
|
||||
# - grafana-data:/var/lib/grafana
|
||||
# networks:
|
||||
# - roa-network
|
||||
|
||||
# Production secrets management
|
||||
secrets:
|
||||
oracle_password:
|
||||
file: ./secrets/oracle_password.txt
|
||||
jwt_secret_key:
|
||||
file: ./secrets/jwt_secret_key.txt
|
||||
redis_password:
|
||||
file: ./secrets/redis_password.txt
|
||||
|
||||
# Additional volumes for production
|
||||
# volumes:
|
||||
# grafana-data:
|
||||
# driver: local
|
||||
Reference in New Issue
Block a user