tronosfera/Law
1
0
Fork 0
mirror of https://github.com/TronoSfera/Law.git synced 2026-05-18 18:13:46 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

add cert 2.4

Browse source
This commit is contained in:
TronoSfera 2026-02-28 16:09:47 +03:00
parent 5962f70298
commit cf7656399b
5 changed files with 28 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Makefile
View file

@ -10,7 +10,7 @@ DOMAIN ?= ruakb.ru
WWW_DOMAIN ?= www.ruakb.ru WWW_DOMAIN ?= www.ruakb.ru
LETSENCRYPT_EMAIL ?= admin@ruakb.ru LETSENCRYPT_EMAIL ?= admin@ruakb.ru
LOCAL_COMPOSE = docker compose -f docker-compose.yml LOCAL_COMPOSE = docker compose -f docker-compose.yml -f docker-compose.local.yml
PROD_COMPOSE = docker compose -f docker-compose.yml -f docker-compose.prod.nginx.yml PROD_COMPOSE = docker compose -f docker-compose.yml -f docker-compose.prod.nginx.yml
CERT_COMPOSE = docker compose -f docker-compose.yml -f docker-compose.prod.nginx.yml -f docker-compose.prod.cert.yml CERT_COMPOSE = docker compose -f docker-compose.yml -f docker-compose.prod.nginx.yml -f docker-compose.prod.cert.yml
@ -57,7 +57,7 @@ check-cert-files: check-prod-files
@test -f deploy/nginx/edge-https.conf || (echo "[ERROR] Missing deploy/nginx/edge-https.conf. Run: git pull"; exit 1) @test -f deploy/nginx/edge-https.conf || (echo "[ERROR] Missing deploy/nginx/edge-https.conf. Run: git pull"; exit 1)
prod-up: check-prod-files prod-up: check-prod-files
$(PROD_COMPOSE) up -d --build $(PROD_COMPOSE) up -d --build --force-recreate --remove-orphans
$(PROD_COMPOSE) exec -T backend alembic upgrade head $(PROD_COMPOSE) exec -T backend alembic upgrade head
prod-down: check-prod-files prod-down: check-prod-files

3
README.md
View file

@ -4,7 +4,7 @@ Backend skeleton: public requests + OTP + public JWT cookie + admin (admin/lawye
## Run (Docker) ## Run (Docker)
```bash ```bash
cp .env.example .env cp .env.example .env
docker compose up --build docker compose -f docker-compose.yml -f docker-compose.local.yml up --build
``` ```
Landing (frontend): http://localhost:8081 Landing (frontend): http://localhost:8081
Admin UI: http://localhost:8081/admin Admin UI: http://localhost:8081/admin
@ -43,6 +43,7 @@ Checks:
curl -I https://ruakb.ru curl -I https://ruakb.ru
curl -fsS https://ruakb.ru/health curl -fsS https://ruakb.ru/health
curl -fsS https://ruakb.ru/chat-health curl -fsS https://ruakb.ru/chat-health
ss -lntp | egrep ':(80|443|5432|6379|8002|8081|9000|9001)\\b'
``` ```
## Migrations ## Migrations

2
context/13_production_deploy_ruakb.md
View file

@ -4,6 +4,7 @@
Развернуть платформу на сервере `45.150.36.116` c HTTPS на `80/443` для домена `ruakb.ru`. Развернуть платформу на сервере `45.150.36.116` c HTTPS на `80/443` для домена `ruakb.ru`.
## Что добавлено ## Что добавлено
- `docker-compose.local.yml` — локальные публикации портов (`8081/8080/8002/5432/6379/9000/9001`)
- `docker-compose.prod.nginx.yml` — production override: - `docker-compose.prod.nginx.yml` — production override:
- edge nginx на `80/443` - edge nginx на `80/443`
- certbot volume для сертификатов - certbot volume для сертификатов
@ -39,6 +40,7 @@ curl -I http://ruakb.ru
curl -I https://ruakb.ru curl -I https://ruakb.ru
curl -fsS https://ruakb.ru/health curl -fsS https://ruakb.ru/health
curl -fsS https://ruakb.ru/chat-health curl -fsS https://ruakb.ru/chat-health
ss -lntp | egrep ':(80|443|5432|6379|8002|8081|9000|9001)\b'
``` ```
## Обновление ## Обновление

22
docker-compose.local.yml Normal file
View file

@ -0,0 +1,22 @@
services:
frontend:
ports:
- "8081:80"
- "8080:80"
backend:
ports:
- "8002:8000"
db:
ports:
- "5432:5432"
redis:
ports:
- "6379:6379"
minio:
ports:
- "9000:9000"
- "9001:9001"

5
docker-compose.yml
View file

@ -16,7 +16,6 @@ services:
timeout: 5s timeout: 5s
retries: 5 retries: 5
start_period: 20s start_period: 20s
ports: ["8081:80", "8080:80"]
e2e: e2e:
build: build:
@ -53,7 +52,6 @@ services:
timeout: 5s timeout: 5s
retries: 5 retries: 5
start_period: 25s start_period: 25s
ports: ["8002:8000"]
volumes: [".:/app"] volumes: [".:/app"]
chat-service: chat-service:
@ -109,7 +107,6 @@ services:
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
POSTGRES_USER: ${POSTGRES_USER:-postgres} POSTGRES_USER: ${POSTGRES_USER:-postgres}
POSTGRES_DB: ${POSTGRES_DB:-legal} POSTGRES_DB: ${POSTGRES_DB:-legal}
ports: ["5432:5432"]
volumes: ["pgdata:/var/lib/postgresql/data"] volumes: ["pgdata:/var/lib/postgresql/data"]
healthcheck: healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres -d legal"] test: ["CMD-SHELL", "pg_isready -U postgres -d legal"]
@ -122,7 +119,6 @@ services:
image: redis:7 image: redis:7
container_name: law-redis container_name: law-redis
restart: unless-stopped restart: unless-stopped
ports: ["6379:6379"]
healthcheck: healthcheck:
test: ["CMD", "redis-cli", "ping"] test: ["CMD", "redis-cli", "ping"]
interval: 10s interval: 10s
@ -138,7 +134,6 @@ services:
environment: environment:
MINIO_ROOT_USER: minioadmin MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: minioadmin MINIO_ROOT_PASSWORD: minioadmin
ports: ["9000:9000", "9001:9001"]
volumes: ["miniodata:/data"] volumes: ["miniodata:/data"]
volumes: volumes: