alexei.dolgolyov
32de5b26a8
Blue-green zero-downtime deploys, promote flow validation. Dual auth: local (bcrypt + JWT) and OAuth2/OIDC (any provider). Auth middleware, login page, auth settings UI. Structured logging (slog JSON), config export to YAML. Graceful shutdown with deploy draining. Multi-stage Dockerfile and production docker-compose.yml. Swap phase order: Volumes & Env before UI Polish.
47 lines
1.5 KiB
YAML
47 lines
1.5 KiB
YAML
services:
|
|
docker-watcher:
|
|
build: .
|
|
image: docker-watcher:latest
|
|
container_name: docker-watcher
|
|
restart: unless-stopped
|
|
ports:
|
|
- "8080:8080"
|
|
volumes:
|
|
# Mount Docker socket for container management.
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
# Persistent data (SQLite database).
|
|
- docker-watcher-data:/app/data
|
|
# Optional seed config (read on first launch only).
|
|
- ./docker-watcher.yaml:/app/docker-watcher.yaml:ro
|
|
environment:
|
|
# Required: protects all credentials stored in the database.
|
|
- ENCRYPTION_KEY=${ENCRYPTION_KEY:?Set ENCRYPTION_KEY in .env}
|
|
# Optional: default admin password on first launch (default: "admin").
|
|
- ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin}
|
|
# Optional: override seed file location.
|
|
- SEED_FILE=/app/docker-watcher.yaml
|
|
# Optional: override data directory.
|
|
- DATA_DIR=/app/data
|
|
# Optional: override listen address.
|
|
- LISTEN_ADDR=:8080
|
|
# Optional: override NPM URL (otherwise uses value from settings).
|
|
# - NPM_URL=http://npm:81
|
|
# Optional: override polling interval.
|
|
# - POLLING_INTERVAL=5m
|
|
networks:
|
|
- staging-net
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/api/auth/login"]
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 10s
|
|
|
|
volumes:
|
|
docker-watcher-data:
|
|
driver: local
|
|
|
|
networks:
|
|
staging-net:
|
|
external: true
|