Phase 7: Hardening — logging, security, Docker, production readiness

Backend: - Structured JSON logging (python-json-logger) with request ID correlation - RequestIDMiddleware (server-generated UUID, no client trust) - Global exception handlers: AppException, RequestValidationError, generic 500 — all return consistent {"error": {code, message, request_id}} format - Async rate limiting with lock + stale key eviction on auth endpoints - Health endpoint checks DB connectivity, returns version + status - Custom exception classes (NotFoundException, ForbiddenException, etc.) - OpenAPI docs with tag descriptions, conditional URL (disabled in production) - LOG_LEVEL, DOCS_ENABLED, RATE_LIMIT_* settings added Docker: - Backend: multi-stage build (builder + runtime), non-root user, HEALTHCHECK - Frontend: removed dead user, HEALTHCHECK directive - docker-compose: restart policies, healthchecks, Redis service, named volumes for uploads/PDFs, rate limit env vars forwarded - Alembic migrations run only in Dockerfile CMD (removed from lifespan) Nginx: - server_tokens off - CSP, Referrer-Policy, Permissions-Policy headers - HSTS ready (commented, enable with TLS) Config & Docs: - .env.production.example with production-ready settings - CLAUDE.md project conventions (structure, workflow, naming, how-to) - .env.example updated with new variables Review fixes applied: - Rate limiter: async lock prevents race condition, stale key eviction - Request ID: always server-generated (no log injection) - Removed duplicate alembic migration from lifespan - Removed dead app user from frontend Dockerfile - Health check logs DB errors - Rate limit env vars forwarded in docker-compose Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 14:52:21 +03:00
parent fed6a3df1b
commit 4cbce89129
18 changed files with 485 additions and 15 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,6 +1,7 @@
 services:
  postgres:
    image: postgres:16-alpine
+    restart: unless-stopped
    environment:
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
@@ -13,8 +14,20 @@ services:
      timeout: 5s
      retries: 5

+  redis:
+    image: redis:7-alpine
+    restart: unless-stopped
+    volumes:
+      - redis_data:/data
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 5s
+      timeout: 3s
+      retries: 5
+
  backend:
    build: ./backend
+    restart: unless-stopped
    environment:
      DATABASE_URL: ${DATABASE_URL}
      SECRET_KEY: ${SECRET_KEY}
@@ -23,20 +36,38 @@ services:
      ACCESS_TOKEN_EXPIRE_MINUTES: ${ACCESS_TOKEN_EXPIRE_MINUTES}
      REFRESH_TOKEN_EXPIRE_DAYS: ${REFRESH_TOKEN_EXPIRE_DAYS}
      REFRESH_TOKEN_EXPIRE_HOURS: ${REFRESH_TOKEN_EXPIRE_HOURS}
+      ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY:-}
+      CLAUDE_MODEL: ${CLAUDE_MODEL:-claude-sonnet-4-20250514}
      FIRST_ADMIN_EMAIL: ${FIRST_ADMIN_EMAIL}
      FIRST_ADMIN_USERNAME: ${FIRST_ADMIN_USERNAME}
      FIRST_ADMIN_PASSWORD: ${FIRST_ADMIN_PASSWORD}
+      LOG_LEVEL: ${LOG_LEVEL:-INFO}
+      DOCS_ENABLED: ${DOCS_ENABLED:-true}
+      RATE_LIMIT_REQUESTS: ${RATE_LIMIT_REQUESTS:-20}
+      RATE_LIMIT_WINDOW_SECONDS: ${RATE_LIMIT_WINDOW_SECONDS:-60}
+    volumes:
+      - upload_data:/data/uploads
+      - pdf_data:/data/pdfs
    depends_on:
      postgres:
        condition: service_healthy
+      redis:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8000/api/v1/health"]
+      interval: 30s
+      timeout: 5s
+      retries: 3

  frontend:
    build: ./frontend
+    restart: unless-stopped
    depends_on:
      - backend

  nginx:
    build: ./nginx
+    restart: unless-stopped
    ports:
      - "80:80"
    depends_on:
@@ -45,3 +76,6 @@ services:

 volumes:
  postgres_data:
+  redis_data:
+  upload_data:
+  pdf_data: