Paul R Kartchner
f5f8bc631c
Some checks failed
CI Pipeline / Test Web Package (push) Waiting to run
CI Pipeline / Test Shared Package (push) Waiting to run
CI/CD Pipeline / Run Tests (push) Failing after 1s
CI/CD Pipeline / Code Quality (push) Failing after 5m39s
Basil CI/CD Pipeline / Code Linting (push) Has been cancelled
Basil CI/CD Pipeline / API Tests (push) Has been cancelled
Basil CI/CD Pipeline / Web Tests (push) Has been cancelled
Basil CI/CD Pipeline / Security Scanning (push) Has been cancelled
Basil CI/CD Pipeline / Build All Packages (push) Has been cancelled
Basil CI/CD Pipeline / E2E Tests (push) Has been cancelled
Basil CI/CD Pipeline / Build & Push Docker Images (push) Has been cancelled
Basil CI/CD Pipeline / Trigger Deployment (push) Has been cancelled
Basil CI/CD Pipeline / Shared Package Tests (push) Has been cancelled
CI Pipeline / Lint Code (push) Failing after 5m37s
CI Pipeline / Test API Package (push) Failing after 1s
E2E Tests / End-to-End Tests (push) Failing after 2s
E2E Tests / E2E Tests (Mobile) (push) Failing after 1s
CI/CD Pipeline / Build and Push Docker Images (push) Has been skipped
Security Scanning / Docker Image Security (push) Failing after 21s
CI Pipeline / Build All Packages (push) Has been cancelled
CI Pipeline / Generate Coverage Report (push) Has been cancelled
Docker Build & Deploy / Push Docker Images (push) Has been cancelled
Docker Build & Deploy / Deploy to Staging (push) Has been cancelled
Docker Build & Deploy / Deploy to Production (push) Has been cancelled
Docker Build & Deploy / Build Docker Images (push) Has been cancelled
Security Scanning / Security Summary (push) Has been cancelled
Security Scanning / Dependency License Check (push) Has been cancelled
Security Scanning / NPM Audit (push) Has been cancelled
Security Scanning / Code Quality Scan (push) Has been cancelled
- Merged 5 workflows into single main.yml - Added Harbor registry support for local container storage - Updated deployment script with Harbor login - Enhanced webhook receiver with Harbor password env var - Updated docker-compose.yml to use Harbor images - Archived old workflow files for reference - Added comprehensive workflow documentation Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
97 lines
3.1 KiB
YAML
97 lines
3.1 KiB
YAML
services:
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
container_name: basil-postgres
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_USER: basil
|
|
POSTGRES_PASSWORD: basil
|
|
POSTGRES_DB: basil
|
|
ports:
|
|
- "5432:5432"
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
networks:
|
|
- internal
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U basil"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
api:
|
|
image: ${DOCKER_REGISTRY:-harbor.pkartchner.com}/${DOCKER_USERNAME:-basil}/basil-api:${IMAGE_TAG:-latest}
|
|
build:
|
|
context: .
|
|
dockerfile: packages/api/Dockerfile
|
|
container_name: basil-api
|
|
restart: unless-stopped
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
environment:
|
|
NODE_ENV: production
|
|
PORT: 3001
|
|
# Use DATABASE_URL from .env if set, otherwise default to local postgres
|
|
DATABASE_URL: ${DATABASE_URL:-postgresql://basil:basil@postgres:5432/basil?schema=public}
|
|
STORAGE_TYPE: local
|
|
LOCAL_STORAGE_PATH: /app/uploads
|
|
BACKUP_PATH: /app/backups
|
|
CORS_ORIGIN: https://basil.pkartchner.com
|
|
# JWT Configuration
|
|
JWT_SECRET: ${JWT_SECRET:-change-this-to-a-random-secret-min-32-characters-long}
|
|
JWT_REFRESH_SECRET: ${JWT_REFRESH_SECRET:-change-this-to-another-random-secret-min-32-characters}
|
|
JWT_EXPIRES_IN: ${JWT_EXPIRES_IN:-15m}
|
|
JWT_REFRESH_EXPIRES_IN: ${JWT_REFRESH_EXPIRES_IN:-7d}
|
|
# Google OAuth
|
|
GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID}
|
|
GOOGLE_CLIENT_SECRET: ${GOOGLE_CLIENT_SECRET}
|
|
GOOGLE_CALLBACK_URL: ${GOOGLE_CALLBACK_URL:-https://basil.pkartchner.com/api/auth/google/callback}
|
|
# Application URLs
|
|
APP_URL: ${APP_URL:-https://basil.pkartchner.com}
|
|
API_URL: ${API_URL:-https://basil.pkartchner.com}
|
|
volumes:
|
|
- uploads_data:/app/uploads
|
|
- backups_data:/app/backups
|
|
networks:
|
|
- internal
|
|
- traefik
|
|
|
|
web:
|
|
image: ${DOCKER_REGISTRY:-harbor.pkartchner.com}/${DOCKER_USERNAME:-basil}/basil-web:${IMAGE_TAG:-latest}
|
|
build:
|
|
context: .
|
|
dockerfile: packages/web/Dockerfile
|
|
container_name: basil-web
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- api
|
|
networks:
|
|
- traefik
|
|
- internal
|
|
labels:
|
|
- "traefik.enable=true"
|
|
# HTTP router (will redirect to HTTPS)
|
|
- "traefik.http.routers.basil-http.rule=Host(`basil.pkartchner.com`)"
|
|
- "traefik.http.routers.basil-http.entrypoints=http"
|
|
- "traefik.http.routers.basil-http.middlewares=redirect-to-https"
|
|
# HTTPS router
|
|
- "traefik.http.routers.basil.rule=Host(`basil.pkartchner.com`)"
|
|
- "traefik.http.routers.basil.entrypoints=https"
|
|
- "traefik.http.routers.basil.tls.certresolver=letsencrypt"
|
|
- "traefik.http.routers.basil.middlewares=geoblock@file,secure-headers@file,crowdsec-bouncer@file"
|
|
# Service
|
|
- "traefik.http.services.basil.loadbalancer.server.port=80"
|
|
- "traefik.docker.network=traefik"
|
|
|
|
volumes:
|
|
postgres_data:
|
|
uploads_data:
|
|
backups_data:
|
|
|
|
networks:
|
|
traefik:
|
|
external: true
|
|
internal:
|
|
driver: bridge
|