rewrite

2025-11-04 09:56:37 +01:00
parent 32ef62e4ac
commit addb21bc3e
34 changed files with 3864 additions and 367 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,3 +1,5 @@
+version: '3.9'
+
 services:
  haproxy-configurator:
    build:
@@ -6,35 +8,108 @@ services:
    container_name: haproxy-configurator
    restart: unless-stopped
    
+    # ===== PORTS =====
    ports:
-      - "15000:5000"
-      - "80:80"
-      - "443:443"
-      - "8404:8404"
+      - "15001:5000"          # Flask app (manager UI)
+      - "81:80"               # HAProxy HTTP
+      - "444:443"             # HAProxy HTTPS
+      - "8405:8404"           # HAProxy Stats (hardcoded 8404 inside)
    
+    # ===== VOLUMES =====
    volumes:
-      - ./config:/app/config
-      - ./haproxy:/etc/haproxy
-      - ./logs:/var/log
-      - ./ssl:/app/ssl
-
+      # Application data
+      - ./instance:/app/instance              # SQLite database
+      - ./uploads/certificates:/app/uploads/certificates  # SSL certificates
+      - ./backups:/app/backups                # Config backups
+      
+      # HAProxy config
+      - ./haproxy:/etc/haproxy                # HAProxy config directory
+      - ./logs/haproxy:/var/log/haproxy       # HAProxy logs
+      
+      # Logs
+      - ./logs/app:/app/logs                  # Application logs
+      - ./logs/supervisor:/var/log/supervisor # Supervisor logs
+    
+    # ===== ENVIRONMENT =====
    environment:
+      # Flask
      - FLASK_ENV=production
      - FLASK_APP=app.py
+      - FLASK_DEBUG=0
      - PYTHONUNBUFFERED=1
+      - PYTHONDONTWRITEBYTECODE=1
+      
+      # Database
+      - DATABASE_URL=sqlite:////app/instance/app.db
+      
+      # Admin credentials (initial)
+      - ADMIN_USERNAME=admin
+      - ADMIN_PASSWORD=admin123
+      
+      # Secret key (CHANGE IN PRODUCTION!)
+      - SECRET_KEY=change-me-in-production-$(openssl rand -hex 16)
+      
+      # HAProxy
+      - HAPROXY_CONFIG_PATH=/etc/haproxy/haproxy.cfg
+      - HAPROXY_STATS_PORT=8404
    
+    # ===== CAPABILITIES =====
    cap_add:
      - NET_ADMIN
      - SYS_ADMIN
+      - DAC_OVERRIDE
    
+    # ===== LOGGING =====
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
+        labels: "service=haproxy-configurator"
    
-    networks: [intranet]
+    # ===== HEALTHCHECK =====
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:5000/api/current-user", "--fail"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 40s
+    
+    # ===== NETWORK =====
+    networks:
+      - intranet
+    
+    # ===== DEPENDENCIES =====
+    depends_on:
+      - haproxy-configurator-init
+  
+  # ===== INIT SERVICE (tworzy tabele i strukturę) =====
+  haproxy-configurator-init:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: haproxy-configurator-init
+    entrypoint: >
+      sh -c "
+        echo '[INIT] Initializing database...';
+        python -c 'from app import app; from database import init_db; init_db(app)';
+        echo '[INIT] Database initialized!';
+        exit 0;
+      "
+    volumes:
+      - ./instance:/app/instance
+      - ./uploads/certificates:/app/uploads/certificates
+      - ./backups:/app/backups
+    environment:
+      - FLASK_ENV=production
+      - FLASK_APP=app.py
+      - PYTHONUNBUFFERED=1
+    networks:
+      - intranet
+    restart: "no"

 networks:
  intranet:
-    external: true
+    driver: bridge
+    # uncomment dla external network:
+    # external: true