Ilia Denisov
8700fbfae1
- backend + gateway multi-stage distroless Dockerfiles; the gateway embeds and
serves the SPA at / and /telegram/ via go:embed (committed dist placeholder,
real build baked in by the image's node stage)
- deploy/docker-compose.yml: backend + gateway + Postgres + Telegram connector
(VPN sidecar) + OTel Collector + Prometheus (15d) + Tempo (72h) + Grafana,
fronted by a caddy owning a single /_gm Basic-Auth (admin console + Grafana
subpath); inter-service on a private network, only caddy on the edge network
- new metrics: backend accounts_created_total{kind} (robots excluded) and an
in-memory gateway active_users{window=24h,7d} gauge
- CI: single .gitea/workflows/ci.yaml (unit/integration/ui + a gated test-contour
deploy) on the new feature/* -> development -> master branch model; the old
go-unit/integration/ui-test workflows are folded in; the connector-scoped
compose is retired (superseded by deploy/)
- docs: ARCHITECTURE §11/§12/§13, root + gateway READMEs, CLAUDE.md branching,
PLAN.md (stage 16 done + refinements + Stage 17 forward-notes)
44 lines
1.9 KiB
Bash
44 lines
1.9 KiB
Bash
# Environment for deploy/docker-compose.yml. The CI deploy job (ci.yaml) maps the
|
|
# Gitea TEST_-prefixed secrets/variables onto these unprefixed names; Stage 17
|
|
# maps the PROD_-prefixed set the same way. Copy to deploy/.env for a local run.
|
|
|
|
# --- Postgres ---------------------------------------------------------------
|
|
POSTGRES_DB=scrabble
|
|
POSTGRES_USER=scrabble
|
|
POSTGRES_PASSWORD=change-me # required
|
|
|
|
# --- Dictionary -------------------------------------------------------------
|
|
DICT_VERSION=v1.0.0 # scrabble-dictionary release tag (image build-arg)
|
|
|
|
# --- Logging ----------------------------------------------------------------
|
|
LOG_LEVEL=info
|
|
|
|
# --- Edge / caddy -----------------------------------------------------------
|
|
# Test: ":80" (the host caddy terminates TLS and forwards to scrabble:80 on the
|
|
# external `edge` network). Prod (Stage 17): a domain so caddy does its own ACME.
|
|
CADDY_SITE_ADDRESS=:80
|
|
GM_BASICAUTH_USER=gm
|
|
GM_BASICAUTH_HASH= # required; `caddy hash-password` bcrypt hash
|
|
|
|
# --- UI build args (baked into the gateway image) ---------------------------
|
|
VITE_TELEGRAM_BOT_ID=
|
|
VITE_TELEGRAM_LINK=
|
|
VITE_GATEWAY_URL=
|
|
|
|
# --- Gateway ----------------------------------------------------------------
|
|
GATEWAY_DEFAULT_SUPPORTED_LANGUAGES=en,ru
|
|
|
|
# --- Grafana ----------------------------------------------------------------
|
|
GRAFANA_ROOT_URL=/_gm/grafana/ # set the full https URL behind a real domain
|
|
GRAFANA_ADMIN_PASSWORD=admin
|
|
|
|
# --- Telegram connector -----------------------------------------------------
|
|
AWG_CONF= # required; AmneziaWG sidecar config
|
|
TELEGRAM_BOT_TOKEN_EN= # at least one of EN/RU required
|
|
TELEGRAM_BOT_TOKEN_RU=
|
|
TELEGRAM_GAME_CHANNEL_ID_EN=
|
|
TELEGRAM_GAME_CHANNEL_ID_RU=
|
|
TELEGRAM_MINIAPP_URL= # required
|
|
TELEGRAM_TEST_ENV=false
|
|
TELEGRAM_API_BASE_URL=
|