121 lines
4.9 KiB
YAML
121 lines
4.9 KiB
YAML
# Use external network from infrastructure
|
|
networks:
|
|
mapleopentech-dev:
|
|
external: true
|
|
|
|
services:
|
|
app:
|
|
container_name: maplefile-backend-dev
|
|
stdin_open: true
|
|
build:
|
|
context: .
|
|
dockerfile: ./dev.Dockerfile
|
|
ports:
|
|
- "${SERVER_PORT:-8000}:${SERVER_PORT:-8000}"
|
|
env_file:
|
|
- .env
|
|
environment:
|
|
# Application Configuration
|
|
APP_ENVIRONMENT: ${APP_ENVIRONMENT:-development}
|
|
APP_VERSION: ${APP_VERSION:-0.1.0}
|
|
APP_DATA_DIRECTORY: ${APP_DATA_DIRECTORY:-/app/data}
|
|
|
|
# HTTP Server Configuration
|
|
SERVER_HOST: ${SERVER_HOST:-0.0.0.0}
|
|
SERVER_PORT: ${SERVER_PORT:-8000}
|
|
SERVER_READ_TIMEOUT: ${SERVER_READ_TIMEOUT:-30s}
|
|
SERVER_WRITE_TIMEOUT: ${SERVER_WRITE_TIMEOUT:-30s}
|
|
SERVER_IDLE_TIMEOUT: ${SERVER_IDLE_TIMEOUT:-60s}
|
|
SERVER_SHUTDOWN_TIMEOUT: ${SERVER_SHUTDOWN_TIMEOUT:-10s}
|
|
|
|
# Cassandra Database Configuration
|
|
# Connect to external infrastructure (use all 3 nodes in cluster)
|
|
DATABASE_HOSTS: ${DATABASE_HOSTS:-cassandra-1:9042,cassandra-2:9042,cassandra-3:9042}
|
|
DATABASE_KEYSPACE: ${DATABASE_KEYSPACE:-maplefile}
|
|
DATABASE_CONSISTENCY: ${DATABASE_CONSISTENCY:-QUORUM}
|
|
DATABASE_REPLICATION: ${DATABASE_REPLICATION:-3}
|
|
DATABASE_MIGRATIONS_PATH: ${DATABASE_MIGRATIONS_PATH:-file://migrations}
|
|
DATABASE_CONNECT_TIMEOUT: ${DATABASE_CONNECT_TIMEOUT:-10s}
|
|
DATABASE_REQUEST_TIMEOUT: ${DATABASE_REQUEST_TIMEOUT:-5s}
|
|
DATABASE_MAX_RETRIES: ${DATABASE_MAX_RETRIES:-3}
|
|
DATABASE_RETRY_DELAY: ${DATABASE_RETRY_DELAY:-1s}
|
|
|
|
# Redis Cache Configuration
|
|
# Connect to external infrastructure
|
|
CACHE_HOST: ${CACHE_HOST:-redis}
|
|
CACHE_PORT: ${CACHE_PORT:-6379}
|
|
CACHE_PASSWORD: ${CACHE_PASSWORD:-}
|
|
CACHE_DB: ${CACHE_DB:-0}
|
|
|
|
# S3 Configuration (SeaweedFS - S3-compatible storage)
|
|
# Using nginx-s3-proxy on port 8334 for CORS-enabled access
|
|
S3_ENDPOINT: ${S3_ENDPOINT:-http://nginx-s3-proxy:8334}
|
|
S3_ACCESS_KEY: ${S3_ACCESS_KEY:-any}
|
|
S3_SECRET_KEY: ${S3_SECRET_KEY:-any}
|
|
S3_BUCKET: ${S3_BUCKET:-maplefile}
|
|
S3_REGION: ${S3_REGION:-us-east-1}
|
|
S3_USE_SSL: ${S3_USE_SSL:-false}
|
|
S3_USE_PATH_STYLE: ${S3_USE_PATH_STYLE:-true}
|
|
|
|
# JWT Authentication
|
|
JWT_SECRET: ${JWT_SECRET:-change-me-in-production}
|
|
JWT_ACCESS_TOKEN_DURATION: ${JWT_ACCESS_TOKEN_DURATION:-15m}
|
|
JWT_REFRESH_TOKEN_DURATION: ${JWT_REFRESH_TOKEN_DURATION:-168h}
|
|
JWT_SESSION_DURATION: ${JWT_SESSION_DURATION:-24h}
|
|
JWT_SESSION_CLEANUP_INTERVAL: ${JWT_SESSION_CLEANUP_INTERVAL:-1h}
|
|
|
|
# Email (Mailgun)
|
|
MAILGUN_API_KEY: ${MAILGUN_API_KEY:-}
|
|
MAILGUN_DOMAIN: ${MAILGUN_DOMAIN:-}
|
|
MAILGUN_API_BASE: ${MAILGUN_API_BASE:-https://api.mailgun.net/v3}
|
|
MAILGUN_FROM_EMAIL: ${MAILGUN_FROM_EMAIL:-noreply@maplefile.app}
|
|
MAILGUN_FROM_NAME: ${MAILGUN_FROM_NAME:-MapleFile}
|
|
MAILGUN_FRONTEND_URL: ${MAILGUN_FRONTEND_URL:-http://localhost:3000}
|
|
|
|
# Invite Email Configuration
|
|
MAPLEFILE_INVITE_MAX_EMAILS_PER_DAY: ${MAPLEFILE_INVITE_MAX_EMAILS_PER_DAY:-3}
|
|
|
|
# Login Rate Limiting
|
|
LOGIN_RATE_LIMIT_MAX_ATTEMPTS_PER_IP: ${LOGIN_RATE_LIMIT_MAX_ATTEMPTS_PER_IP:-50}
|
|
LOGIN_RATE_LIMIT_IP_WINDOW: ${LOGIN_RATE_LIMIT_IP_WINDOW:-15m}
|
|
LOGIN_RATE_LIMIT_MAX_FAILED_PER_ACCOUNT: ${LOGIN_RATE_LIMIT_MAX_FAILED_PER_ACCOUNT:-10}
|
|
LOGIN_RATE_LIMIT_LOCKOUT_DURATION: ${LOGIN_RATE_LIMIT_LOCKOUT_DURATION:-30m}
|
|
|
|
# Observability
|
|
OBSERVABILITY_ENABLED: ${OBSERVABILITY_ENABLED:-true}
|
|
OBSERVABILITY_PORT: ${OBSERVABILITY_PORT:-9090}
|
|
OBSERVABILITY_HEALTH_TIMEOUT: ${OBSERVABILITY_HEALTH_TIMEOUT:-5s}
|
|
OBSERVABILITY_METRICS_ENABLED: ${OBSERVABILITY_METRICS_ENABLED:-true}
|
|
OBSERVABILITY_HEALTH_ENABLED: ${OBSERVABILITY_HEALTH_ENABLED:-true}
|
|
OBSERVABILITY_DETAILED_HEALTH: ${OBSERVABILITY_DETAILED_HEALTH:-false}
|
|
|
|
# Logging
|
|
LOG_LEVEL: ${LOG_LEVEL:-info}
|
|
LOG_FORMAT: ${LOG_FORMAT:-json}
|
|
LOG_STACKTRACE: ${LOG_STACKTRACE:-false}
|
|
LOG_CALLER: ${LOG_CALLER:-true}
|
|
|
|
# Security
|
|
SECURITY_GEOLITE_DB_PATH: ${SECURITY_GEOLITE_DB_PATH:-./data/GeoLite2-Country.mmdb}
|
|
SECURITY_BANNED_COUNTRIES: ${SECURITY_BANNED_COUNTRIES:-}
|
|
SECURITY_RATE_LIMIT_ENABLED: ${SECURITY_RATE_LIMIT_ENABLED:-true}
|
|
SECURITY_IP_BLOCK_ENABLED: ${SECURITY_IP_BLOCK_ENABLED:-true}
|
|
|
|
# Leader Election
|
|
LEADER_ELECTION_ENABLED: ${LEADER_ELECTION_ENABLED:-true}
|
|
LEADER_ELECTION_LOCK_TTL: ${LEADER_ELECTION_LOCK_TTL:-10s}
|
|
LEADER_ELECTION_HEARTBEAT_INTERVAL: ${LEADER_ELECTION_HEARTBEAT_INTERVAL:-3s}
|
|
LEADER_ELECTION_RETRY_INTERVAL: ${LEADER_ELECTION_RETRY_INTERVAL:-2s}
|
|
|
|
volumes:
|
|
- ./:/go/src/codeberg.org/mapleopentech/monorepo/cloud/maplefile-backend
|
|
networks:
|
|
- mapleopentech-dev
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test:
|
|
["CMD", "curl", "-f", "http://localhost:${SERVER_PORT:-8000}/health"]
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 30s
|