Initial commit: ROA2WEB - FastAPI + Vue.js + Telegram Bot

Modern ERP Reports Application with microservices architecture

Tech Stack:
- Backend: FastAPI + python-oracledb (Oracle DB integration)
- Frontend: Vue.js 3 + PrimeVue + Vite
- Telegram Bot: python-telegram-bot + SQLite
- Infrastructure: Shared database pool, JWT authentication, SSH tunnel

Features:
- FastAPI backend with async Oracle connection pool
- Vue.js 3 responsive frontend with PrimeVue components
- Telegram bot alternative interface
- Microservices architecture with shared components
- Complete deployment support (Linux Docker + Windows IIS)
- Comprehensive testing (Playwright E2E + pytest)

Repository Structure:
- reports-app/ - Main application (backend, frontend, telegram-bot)
- shared/ - Shared components (database pool, auth, utils)
- deployment/ - Deployment scripts (Linux & Windows)
- docs/ - Project documentation
- security/ - Security scanning and git hooks

docker-compose.production.yml

@@ -0,0 +1,157 @@
+# ROA2WEB Docker Compose - Production Configuration
+# Use this file for production deployment: docker-compose -f docker-compose.yml -f docker-compose.production.yml up
+
+version: '3.8'
+
+services:
+  # Backend production configuration
+  roa-backend:
+    deploy:
+      replicas: 1
+      resources:
+        limits:
+          cpus: '1.0'
+          memory: 1G
+        reservations:
+          cpus: '0.5'
+          memory: 512M
+      restart_policy:
+        condition: on-failure
+        delay: 10s
+        max_attempts: 3
+    environment:
+      - DEBUG=false
+      - ENVIRONMENT=production
+      - WORKERS=4
+      - ORACLE_PASSWORD_FILE=/run/secrets/oracle_password
+      - JWT_SECRET_KEY_FILE=/run/secrets/jwt_secret_key
+    command: ["python", "-m", "uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "4"]
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "100m"
+        max-file: "5"
+    secrets:
+      - oracle_password
+      - jwt_secret_key
+    depends_on:
+      - roa-redis  # Only Redis dependency in production
+
+  # Frontend production configuration
+  roa-frontend:
+    deploy:
+      replicas: 1
+      resources:
+        limits:
+          cpus: '0.5'
+          memory: 256M
+        reservations:
+          cpus: '0.25'
+          memory: 128M
+    environment:
+      - NODE_ENV=production
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "50m"
+        max-file: "3"
+
+  # Gateway production configuration with SSL
+  roa-gateway:
+    deploy:
+      replicas: 1
+      resources:
+        limits:
+          cpus: '0.5'
+          memory: 512M
+        reservations:
+          cpus: '0.25'
+          memory: 256M
+    environment:
+      - ENVIRONMENT=production
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ssl-certs:/etc/letsencrypt
+      - nginx-logs:/var/log/nginx
+      - ./nginx/ssl:/etc/nginx/ssl:ro
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "100m"
+        max-file: "5"
+
+  # SSH Tunnel is disabled in production
+  roa-ssh-tunnel:
+    deploy:
+      replicas: 0  # Disable SSH tunnel in production
+
+  # Redis production configuration
+  roa-redis:
+    deploy:
+      replicas: 1
+      resources:
+        limits:
+          cpus: '0.25'
+          memory: 256M
+        reservations:
+          cpus: '0.1'
+          memory: 128M
+    command: redis-server --appendonly yes --requirepass_file /run/secrets/redis_password --maxmemory 128mb --maxmemory-policy allkeys-lru
+    secrets:
+      - redis_password
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "50m"
+        max-file: "3"
+
+  # SSL Certificate Management (Let's Encrypt)
+  certbot:
+    image: certbot/certbot:latest
+    container_name: roa-certbot
+    volumes:
+      - ssl-certs:/etc/letsencrypt
+      - ./nginx/html:/var/www/certbot
+    command: certonly --webroot --webroot-path=/var/www/certbot --email ${SSL_EMAIL} --agree-tos --no-eff-email --keep-until-expiring -d ${DOMAIN}
+    depends_on:
+      - roa-gateway
+
+  # Monitoring and logging (optional)
+  # Uncomment if you want to add monitoring
+  # prometheus:
+  #   image: prom/prometheus:latest
+  #   container_name: roa-prometheus
+  #   ports:
+  #     - "9090:9090"
+  #   volumes:
+  #     - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
+  #   networks:
+  #     - roa-network
+
+  # grafana:
+  #   image: grafana/grafana:latest
+  #   container_name: roa-grafana
+  #   ports:
+  #     - "3001:3000"
+  #   environment:
+  #     - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD:-admin}
+  #   volumes:
+  #     - grafana-data:/var/lib/grafana
+  #   networks:
+  #     - roa-network
+
+# Production secrets management
+secrets:
+  oracle_password:
+    file: ./secrets/oracle_password.txt
+  jwt_secret_key:
+    file: ./secrets/jwt_secret_key.txt
+  redis_password:
+    file: ./secrets/redis_password.txt
+
+# Additional volumes for production
+# volumes:
+#   grafana-data:
+#     driver: local