✅ Production-Ready Containerization: - Multi-stage frontend build (Vue.js + Nginx) - Optimized backend container (Node.js + Alpine) - PostgreSQL 15 with persistent storage and health checks - Custom Docker network for secure service communication ✅ Interactive Setup Wizard (setup.sh): - Beautiful CLI interface with colors and progress indicators - Automatic secure password and JWT secret generation - Complete environment configuration with validation - Domain, SSL, Azure AD, and OpenAI API setup - One-command deployment with immediate startup option ✅ Production Security & Performance: - Nginx reverse proxy with rate limiting and security headers - HTTPS/SSL support with custom certificate mounting - CORS protection and request validation - Non-root container execution for all services - Health checks and monitoring for reliability ✅ Management & Operations: - Comprehensive deploy.sh script with all common operations - Database backup and restore capabilities - Service logs management and troubleshooting tools - Docker Compose orchestration with dependency management - Development vs production environment support ✅ Enterprise Features: - Azure AD SSO integration with hybrid authentication - OpenAI API configuration and secure key management - Multi-environment support (localhost vs production) - Comprehensive documentation and troubleshooting guides - Resource optimization and performance tuning 🏗️ Architecture: - Frontend: Vue.js + Vite → Nginx (port 80/443) - Backend: Node.js + Express (internal port 3000) - Database: PostgreSQL 15 (internal port 5432) - Networking: Isolated Docker bridge network - Storage: Named volumes for data persistence 🚀 Deployment Commands: - ./setup.sh - Interactive deployment wizard - ./scripts/deploy.sh [start|stop|build|logs|status] - docker-compose up -d --build - Automatic migrations and admin user creation 🔒 Security Hardening: - Rate limiting on API endpoints (10 req/s) and auth (5 req/min) - Security headers (X-Frame-Options, 
CSP, HSTS) - CORS validation and origin checking - SSL/TLS encryption support - Container isolation and minimal attack surface 📚 Complete Documentation: - Comprehensive README with architecture overview - Troubleshooting guide with common issues - Development vs production configuration - Performance tuning and scaling recommendations 🎯 One-Command Production Deployment: Everything needed to deploy Ideas Generator 2025 in production with enterprise security, monitoring, and Azure AD SSO integration. 🚀 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
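version: '3.8'  # Ignored (with a warning) by Compose v2; only docker-compose v1 reads it.

# Ideas Generator 2025 - Docker Compose Configuration
# Production-ready deployment with all services
#
# Variable handling used throughout this file:
#   ${VAR:-default}  falls back to `default` when VAR is unset or empty.
#   ${VAR:?message}  aborts `docker compose up` with `message` when VAR is
#                    unset or empty, so a missing secret is never silently
#                    replaced by an empty string.

services:
  # PostgreSQL Database
  # No `ports:` entry: the database is reachable only by containers attached
  # to ideas-gen-network, never from the host's network interfaces.
  database:
    image: postgres:15-alpine
    container_name: ideas-gen-database
    restart: unless-stopped
    environment:
      POSTGRES_DB: ${DATABASE_NAME:-ideas_gen_prod}
      POSTGRES_USER: ${DATABASE_USER:-ideas_admin}
      # Required: fail fast instead of handing the image an empty password.
      POSTGRES_PASSWORD: "${DATABASE_PASSWORD:?DATABASE_PASSWORD must be set to a non-empty value}"
      # Overridable, but never set this to `trust` in production: that
      # disables password checks for every host connection.
      POSTGRES_HOST_AUTH_METHOD: ${POSTGRES_HOST_AUTH_METHOD:-scram-sha-256}
    volumes:
      - postgres_data:/var/lib/postgresql/data
      # Read-only init script; the postgres image runs it only when the data
      # directory is initialised for the first time.
      - ./postgres/init.sql:/docker-entrypoint-initdb.d/init.sql:ro
    networks:
      - ideas-gen-network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${DATABASE_USER:-ideas_admin} -d ${DATABASE_NAME:-ideas_gen_prod}"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 30s

  # Node.js Backend API
  # No `ports:` entry: only the frontend container on the shared network can
  # reach port 3000.
  backend:
    build:
      # The build context is the parent directory, so everything under it is
      # sent to the builder. NOTE(review): confirm a .dockerignore keeps env
      # files, certificates and other secrets out of the image layers.
      context: ..
      dockerfile: docker/Dockerfile.backend
    container_name: ideas-gen-backend
    restart: unless-stopped
    environment:
      # Database Configuration
      DATABASE_HOST: database
      DATABASE_PORT: "5432"
      DATABASE_NAME: ${DATABASE_NAME:-ideas_gen_prod}
      DATABASE_USER: ${DATABASE_USER:-ideas_admin}
      # Same required variable the database service is initialised with.
      DATABASE_PASSWORD: "${DATABASE_PASSWORD:?DATABASE_PASSWORD must be set to a non-empty value}"

      # Application Configuration
      NODE_ENV: production
      PORT: "3000"
      # Required: an empty signing secret must never reach the backend.
      JWT_SECRET: "${JWT_SECRET:?JWT_SECRET must be set to a non-empty value}"

      # OpenAI Configuration
      # Left optional here (expands to an empty string when unset).
      # Environment values are readable via `docker inspect` and by anything
      # running in the container; consider a Compose secret or secret store.
      OPENAI_API_KEY: ${OPENAI_API_KEY}

      # Azure AD Configuration
      # NOTE(review): the fallbacks pin one specific tenant and app
      # registration. They are identifiers rather than secrets, but any
      # deployment that leaves these unset authenticates against that tenant;
      # other installations must override both.
      AZURE_TENANT_ID: ${AZURE_TENANT_ID:-e519c2e6-bc6d-4fdf-8d9c-923c2f002385}
      AZURE_CLIENT_ID: ${AZURE_CLIENT_ID:-9079054c-9620-4757-a256-23413042f1ef}

      # Application URLs
      # Defaults are plain-HTTP localhost; set https:// URLs in production.
      FRONTEND_URL: ${FRONTEND_URL:-http://localhost}
      BACKEND_URL: ${BACKEND_URL:-http://localhost/api}

      # Security
      # Comma-separated allow-list; restrict it to the real production
      # origin(s) rather than relying on the localhost default.
      CORS_ORIGIN: ${CORS_ORIGIN:-http://localhost,https://localhost}

    depends_on:
      database:
        condition: service_healthy
    networks:
      - ideas-gen-network
    volumes:
      # Mount logs directory for persistence
      - backend_logs:/app/logs
    healthcheck:
      # Assumes wget exists in the image built from docker/Dockerfile.backend.
      test: ["CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:3000/health || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 60s

  # Vue.js Frontend + Nginx
  # The only service that publishes ports on the host.
  frontend:
    build:
      context: ..
      dockerfile: docker/Dockerfile.frontend
    container_name: ideas-gen-frontend
    restart: unless-stopped
    environment:
      NGINX_HOST: ${DOMAIN_NAME:-localhost}
    ports:
      # Published on all host interfaces; quoted so YAML keeps them strings.
      - "${HTTP_PORT:-80}:80"
      - "${HTTPS_PORT:-443}:443"
    depends_on:
      backend:
        condition: service_healthy
    networks:
      - ideas-gen-network
    volumes:
      # SSL certificates (if using HTTPS)
      # Mounted read-only. The host directory holds the TLS private key, so
      # keep its permissions restrictive and keep it out of version control.
      - "${SSL_CERT_PATH:-./certs}:/etc/nginx/certs:ro"
    healthcheck:
      test: ["CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:80/health || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 30s

# Named volumes for data persistence
volumes:
  postgres_data:
    name: ideas-gen-postgres-data
  backend_logs:
    name: ideas-gen-backend-logs

# Custom network for service communication
# A user-defined bridge gives containers DNS resolution by service name
# (the backend reaches PostgreSQL as `database`).
networks:
  ideas-gen-network:
    name: ideas-gen-network
    driver: bridge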