developer/scrabble-game
1
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
3590df28db25a358e82470950dd71a43df24b673
scrabble-game/platform/telegram/deploy/docker-compose.yml
T
Ilia Denisov 3590df28db
Tests · Go / test (push) Successful in 7s
Details
Tests · Go / test (pull_request) Successful in 6s
Details
Tests · Integration / integration (pull_request) Successful in 12s
Details
Tests · UI / test (pull_request) Failing after 5m9s
Details
Stage 9: Telegram integration (connector side-service, Mini App, out-of-app push) 
New platform/telegram connector (own container, bot token only there):
- go-telegram/bot long-poll loop: /start deep-links + Mini App launch button.
- gRPC API pkg/proto/telegram/v1 (Telegram service): ValidateInitData, Notify
  (renders a localized message + deep-link button), SendToUser/SendToGameChannel
  (admin, wired in Stage 10). Generic methods are platform-agnostic (external_id).
- Bot API base override for Telegram's test environment; Dockerfile + compose
  (VPN sidecar, no public ingress); README.

Gateway:
- initData validation relocated from the gateway into the connector; the gateway
  calls ValidateInitData over gRPC (GATEWAY_CONNECTOR_ADDR), drops the bot token,
  and deletes internal/auth.
- Out-of-app push: runPushPump routes events whose recipient has no live in-app
  stream to connector.Notify, gated by /internal/push-target + the in-app-only
  flag (race-free de-dup); HasSubscribers added to the push hub.

Backend:
- Migration 00007 accounts.notifications_in_app_only (default true) + jetgen.
- ProvisionTelegram seeds a new account's language/display name from the launch
  fields; IdentityExternalID reverse lookup; /internal/push-target handler.

UI:
- Telegram Mini App launch: detect initData, apply themeParams, authTelegram,
  route the deep-link start_param (g/i/f); /telegram/ guard redirects outside
  Telegram. Vite relative base + telegram-web-app.js. In-app-only profile toggle;
  share-to-Telegram link for a friend code. Vitest + Playwright coverage.

Wire/docs/CI: fbs Profile/UpdateProfileRequest gain notifications_in_app_only
(Go + TS); go.work uses ./platform/telegram; go-unit.yaml covers it; PLAN,
ARCHITECTURE, FUNCTIONAL (+ru), UI_DESIGN, READMEs updated.
2026-06-04 01:48:03 +02:00

59 lines
2.5 KiB
YAML
Raw Blame History

# Deploy descriptor for the Telegram connector (the platform side-service).
#
# Networking mirrors the sibling ../15-puzzle/deploy/docker-compose.yml:
# - The `vpn` sidecar (developer/amneziawg-sidecar) holds the tunnel and provides
# the netns shared by `app` (network_mode: "service:vpn"). All of the
# connector's egress to api.telegram.org therefore leaves through the tunnel.
# - `vpn` is the one attached to the external `edge` network, with the alias
# `telegram`, so the other services reach the connector's gRPC port at
# `telegram:9091` inside the shared netns. The connector needs NO public
# ingress — it long-polls Telegram and only answers internal gRPC.
#
# The connector joins the same `edge` network as `backend` and `gateway` (the full
# service set rolled out together on a dev-environment deploy). The gateway calls it
# with GATEWAY_CONNECTOR_ADDR=telegram:9091; the backend admin surface (Stage 10)
# will use the same address. The single public ingress for the host reverse proxy
# (caddy) is the gateway's HTTP port, which also serves the Mini App under /telegram/
# (ARCHITECTURE.md §13). The full multi-service compose lands with Stage 12; this is
# the connector-scoped descriptor.
name: scrabble-telegram
services:
vpn:
container_name: scrabble-telegram-vpn
image: docker.iliadenisov.ru/developer/amneziawg-sidecar:latest
restart: unless-stopped
privileged: true
environment:
AWG_CONF: ${AWG_CONF:?set AWG_CONF}
networks:
edge:
aliases:
- telegram
app:
container_name: scrabble-telegram
image: scrabble-telegram:latest
build:
# Build from the repository root so go.work, pkg/ and platform/telegram/ are
# all in the Docker context (see platform/telegram/Dockerfile).
context: ../../..
dockerfile: platform/telegram/Dockerfile
restart: unless-stopped
depends_on:
- vpn
network_mode: "service:vpn"
environment:
# The bot token lives ONLY in this container (ARCHITECTURE.md §12).
TELEGRAM_BOT_TOKEN: ${TELEGRAM_BOT_TOKEN:?set TELEGRAM_BOT_TOKEN}
TELEGRAM_MINIAPP_URL: ${TELEGRAM_MINIAPP_URL:?set TELEGRAM_MINIAPP_URL}
TELEGRAM_GRPC_ADDR: ${TELEGRAM_GRPC_ADDR:-:9091}
# Set to true when deploying into Telegram's test environment.
TELEGRAM_TEST_ENV: ${TELEGRAM_TEST_ENV:-false}
TELEGRAM_API_BASE_URL: ${TELEGRAM_API_BASE_URL:-}
TELEGRAM_GAME_CHANNEL_ID: ${TELEGRAM_GAME_CHANNEL_ID:-}
networks:
edge:
external: true
Reference in New Issue View Git Blame Copy Permalink