Initial commit: Open sourcing all of the Maple Open Technologies code.

2025-12-02 14:33:08 -05:00 · 2025-12-02 14:33:08 -05:00 · 755d54a99d
commit 755d54a99d
2010 changed files with 448675 additions and 0 deletions
--- a/cloud/infrastructure/production/setup/templates/backend-stack.yml
+++ b/cloud/infrastructure/production/setup/templates/backend-stack.yml
@ -0,0 +1,111 @@
+version: '3.8'
+
+networks:
+  maple-private-prod:
+    external: true
+  maple-public-prod:
+    external: true
+
+secrets:
+  maplepress_jwt_secret:
+    external: true
+  redis_password:
+    external: true
+  meilisearch_master_key:
+    external: true
+  # Uncomment if using S3/SeaweedFS:
+  # s3_access_key:
+  #   external: true
+  # s3_secret_key:
+  #   external: true
+
+services:
+  backend:
+    image: registry.digitalocean.com/ssp/maplepress_backend:latest
+    hostname: backend
+    networks:
+      - maple-public-prod    # Receive requests from NGINX
+      - maple-private-prod   # Access databases
+    secrets:
+      - maplepress_jwt_secret
+      - redis_password
+      - meilisearch_master_key
+      # Uncomment if using S3:
+      # - s3_access_key
+      # - s3_secret_key
+    environment:
+      # Application Configuration
+      - APP_ENVIRONMENT=production
+      - APP_VERSION=${APP_VERSION:-1.0.0}
+
+      # HTTP Server Configuration
+      - SERVER_HOST=0.0.0.0
+      - SERVER_PORT=8000
+
+      # Cassandra Database Configuration
+      # Use all 3 Cassandra nodes for high availability
+      - DATABASE_HOSTS=cassandra-1:9042,cassandra-2:9042,cassandra-3:9042
+      - DATABASE_KEYSPACE=maplepress
+      - DATABASE_CONSISTENCY=QUORUM
+      - DATABASE_REPLICATION=3
+      - DATABASE_MIGRATIONS_PATH=file://migrations
+
+      # Meilisearch Configuration
+      - MEILISEARCH_HOST=http://meilisearch:7700
+
+      # Logger Configuration
+      - LOGGER_LEVEL=info
+      - LOGGER_FORMAT=json
+
+      # S3/Object Storage Configuration (if using)
+      # - AWS_ENDPOINT=https://your-region.digitaloceanspaces.com
+      # - AWS_REGION=us-east-1
+      # - AWS_BUCKET_NAME=maplepress-prod
+
+    # Read secrets and set as environment variables using entrypoint
+    entrypoint: ["/bin/sh", "-c"]
+    command:
+      - |
+        export APP_JWT_SECRET=$$(cat /run/secrets/maplepress_jwt_secret)
+        export CACHE_PASSWORD=$$(cat /run/secrets/redis_password)
+        export MEILISEARCH_API_KEY=$$(cat /run/secrets/meilisearch_master_key)
+        # Uncomment if using S3:
+        # export AWS_ACCESS_KEY=$$(cat /run/secrets/s3_access_key)
+        # export AWS_SECRET_KEY=$$(cat /run/secrets/s3_secret_key)
+
+        # Set Redis configuration
+        export CACHE_HOST=redis
+        export CACHE_PORT=6379
+        export CACHE_DB=0
+
+        # Start the backend
+        exec /app/maplepress-backend
+
+    deploy:
+      replicas: 1
+      placement:
+        constraints:
+          - node.labels.backend == true
+      restart_policy:
+        condition: on-failure
+        delay: 10s
+        max_attempts: 3
+      resources:
+        limits:
+          memory: 1G
+          cpus: '1.0'
+        reservations:
+          memory: 512M
+          cpus: '0.5'
+      update_config:
+        parallelism: 1
+        delay: 10s
+        failure_action: rollback
+        order: start-first  # Zero-downtime: start new before stopping old
+
+    healthcheck:
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "--header=X-Tenant-ID: healthcheck", "http://localhost:8000/health"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+      start_period: 60s