diff --git a/docker-compose.production.yml b/docker-compose.production.yml
index 41f0d50e1..9b5e5cb7d 100644
--- a/docker-compose.production.yml
+++ b/docker-compose.production.yml
@@ -1,26 +1,79 @@ -version: '3.9' +# ManaCore Production Configuration +# Domain: mana.how +# Server: 46.224.108.214 +# +# This replaces the staging environment as production. +# Apps: mana-core-auth, manacore-web, chat, todo, calendar, clock services: # ============================================ - # Backend Services (Production) + # Infrastructure Services + # ============================================ + + postgres: + image: postgres:16-alpine + container_name: manacore-postgres-prod + restart: always + environment: + POSTGRES_DB: ${POSTGRES_DB:-manacore} + POSTGRES_USER: ${POSTGRES_USER:-postgres} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} + volumes: + - postgres_data:/var/lib/postgresql/data + ports: + - "127.0.0.1:5432:5432" + healthcheck: + test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-postgres}"] + interval: 10s + timeout: 5s + retries: 5 + networks: + - manacore-network + + redis: + image: redis:7-alpine + container_name: manacore-redis-prod + restart: always + command: redis-server --requirepass ${REDIS_PASSWORD} + volumes: + - redis_data:/data + ports: + - "127.0.0.1:6379:6379" + healthcheck: + test: ["CMD", "redis-cli", "--raw", "incr", "ping"] + interval: 10s + timeout: 5s + retries: 5 + networks: + - manacore-network + + # ============================================ + # Auth Service # ============================================ mana-core-auth: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/mana-core-auth:${AUTH_VERSION:-latest} container_name: mana-core-auth-prod restart: always + depends_on: + postgres: + condition: service_healthy + redis: + condition: service_healthy environment: NODE_ENV: production PORT: 3001 - DATABASE_URL: ${AUTH_DATABASE_URL} - REDIS_HOST: ${REDIS_HOST} - REDIS_PORT: ${REDIS_PORT} + DATABASE_URL: postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD}@postgres:5432/manacore_auth + REDIS_HOST: redis + REDIS_PORT: 6379 REDIS_PASSWORD: ${REDIS_PASSWORD} JWT_SECRET: ${JWT_SECRET} JWT_PUBLIC_KEY: ${JWT_PUBLIC_KEY} 
JWT_PRIVATE_KEY: ${JWT_PRIVATE_KEY} + # CORS - Production domains only + CORS_ORIGINS: https://mana.how,https://chat.mana.how,https://todo.mana.how,https://calendar.mana.how,https://clock.mana.how ports: - - "127.0.0.1:3001:3001" + - "3001:3001" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3001/api/v1/health"] interval: 30s @@ -28,7 +81,7 @@ services: retries: 3 start_period: 40s networks: - - manacore-prod + - manacore-network logging: driver: "json-file" options: 
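Review bot: The `mana-core-auth` port mapping loses its loopback bind (`"127.0.0.1:3001:3001"` becomes `"3001:3001"`), so the auth service is published on every host interface over plain HTTP, and ports published by Docker are typically not filtered by host firewall front-ends such as ufw. The client-facing URL used elsewhere in this diff is `https://auth.mana.how`, which suggests a proxy or tunnel terminates TLS in front of the service, so keeping `- "127.0.0.1:3001:3001"` should leave that path working while closing the direct one; the same applies to the `5173`, `3002`, `3000`, `3018`, `5188`, `3016`, `5186`, `3017` and `5187` mappings in the later hunks of this file. In the same hunk, `${POSTGRES_PASSWORD}` and `--requirepass ${REDIS_PASSWORD}` interpolate to an empty string when the variable is unset, which is caught, if at all, only when the container starts; `${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}` (and likewise for Redis) makes compose refuse to start instead. The header comment also records the server address right next to these published ports, which is better kept out of the repository.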
@@ -39,49 +92,50 @@ services: limits: cpus: '1' memory: 512M - reservations: - cpus: '0.5' - memory: 256M - maerchenzauber-backend: - image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/maerchenzauber-backend:${MAERCHENZAUBER_VERSION:-latest} - container_name: maerchenzauber-backend-prod + # ============================================ + # ManaCore Dashboard + # ============================================ + + manacore-web: + image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/manacore-web:${MANACORE_WEB_VERSION:-latest} + container_name: manacore-web-prod restart: always depends_on: mana-core-auth: condition: service_healthy environment: NODE_ENV: production - PORT: 3002 - MANA_SERVICE_URL: http://mana-core-auth:3001 - SUPABASE_URL: ${MAERCHENZAUBER_SUPABASE_URL} - SUPABASE_ANON_KEY: ${MAERCHENZAUBER_SUPABASE_ANON_KEY} - SUPABASE_SERVICE_ROLE_KEY: ${MAERCHENZAUBER_SUPABASE_SERVICE_ROLE_KEY} - AZURE_OPENAI_ENDPOINT: ${AZURE_OPENAI_ENDPOINT} - AZURE_OPENAI_API_KEY: ${AZURE_OPENAI_API_KEY} - AZURE_OPENAI_API_VERSION: ${AZURE_OPENAI_API_VERSION:-2024-12-01-preview} + PORT: 5173 + # Auth URLs + PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how + # Backend URLs for dashboard widgets + PUBLIC_TODO_API_URL: http://todo-backend:3018 + PUBLIC_TODO_API_URL_CLIENT: https://todo-api.mana.how + PUBLIC_CALENDAR_API_URL: http://calendar-backend:3016 + PUBLIC_CALENDAR_API_URL_CLIENT: https://calendar-api.mana.how + PUBLIC_CLOCK_API_URL: http://clock-backend:3017 + PUBLIC_CLOCK_API_URL_CLIENT: https://clock-api.mana.how ports: - - "127.0.0.1:3002:3002" + - "5173:5173" healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3002/health"] + test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:5173/health"] interval: 30s timeout: 10s retries: 3 + start_period: 40s networks: - - manacore-prod + - manacore-network logging: driver: "json-file" options: max-size: "50m" 
max-file: "5" - deploy: - resources: - limits: - cpus: '2' - memory: 1G - reservations: - cpus: '1' - memory: 512M + + # ============================================ + # Chat App + # ============================================ chat-backend: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/chat-backend:${CHAT_VERSION:-latest} @@ -90,24 +144,29 @@ services: depends_on: mana-core-auth: condition: service_healthy + postgres: + condition: service_healthy environment: NODE_ENV: production PORT: 3002 - MANA_SERVICE_URL: http://mana-core-auth:3001 - SUPABASE_URL: ${CHAT_SUPABASE_URL} - SUPABASE_SERVICE_KEY: ${CHAT_SUPABASE_SERVICE_KEY} + DATABASE_URL: postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD}@postgres:5432/chat + MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + SUPABASE_URL: ${SUPABASE_URL} + SUPABASE_SERVICE_KEY: ${SUPABASE_SERVICE_ROLE_KEY} AZURE_OPENAI_ENDPOINT: ${AZURE_OPENAI_ENDPOINT} AZURE_OPENAI_API_KEY: ${AZURE_OPENAI_API_KEY} AZURE_OPENAI_API_VERSION: ${AZURE_OPENAI_API_VERSION:-2024-12-01-preview} + CORS_ORIGINS: https://chat.mana.how,https://mana.how ports: - - "127.0.0.1:3003:3002" + - "3002:3002" healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3002/api/health"] + test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3002/api/v1/health"] interval: 30s timeout: 10s retries: 3 + start_period: 40s networks: - - manacore-prod + - manacore-network logging: driver: "json-file" options: 
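Review bot: The new `manacore-web` service ends after its `logging` options with no `deploy.resources.limits` block, whereas the `maerchenzauber-backend` definition it replaces capped CPU and memory, and `mana-core-auth` and `chat-backend` still do. On a host that now also runs Postgres and Redis, an uncapped container that leaks memory or is driven hard by requests can starve the database and the auth service. Adding `deploy:` / `resources:` / `limits:` with values such as `cpus: '1'` and `memory: 512M` (sized to the app) keeps the impact contained to one container. The services added in the last hunk of this file (`chat-web`, `todo-*`, `calendar-*`, `clock-*`) are in the same position.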
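Review bot: The new `DATABASE_URL` for `chat-backend` connects as `${POSTGRES_USER:-postgres}` with the shared `${POSTGRES_PASSWORD}`, which by default is the cluster superuser, and the same credentials are handed to `mana-core-auth` in the first hunk and to `todo-backend`, `calendar-backend` and `clock-backend` in the last one. A flaw in any one app would then reach every database on the instance, including `manacore_auth`. A dedicated role and password per service, for example `postgresql://${CHAT_DB_USER}:${CHAT_DB_PASSWORD}@postgres:5432/chat` (variable names illustrative) with that role granted rights on `chat` only, keeps the apps isolated from each other. The password is also spliced into the URL unescaped, so a value containing `@`, `/` or `:` would need percent-encoding to parse correctly.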
@@ -118,136 +177,253 @@ services: limits: cpus: '2' memory: 1G - reservations: - cpus: '1' - memory: 512M - manadeck-backend: - image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/manadeck-backend:${MANADECK_VERSION:-latest} - container_name: manadeck-backend-prod + chat-web: + image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/chat-web:${CHAT_WEB_VERSION:-latest} + container_name: chat-web-prod restart: always depends_on: - mana-core-auth: + chat-backend: condition: service_healthy environment: NODE_ENV: production - PORT: 3003 - MANA_SERVICE_URL: http://mana-core-auth:3001 - SUPABASE_URL: ${MANADECK_SUPABASE_URL} - SUPABASE_SERVICE_KEY: ${MANADECK_SUPABASE_SERVICE_KEY} + PORT: 3000 + PUBLIC_BACKEND_URL: http://chat-backend:3002 + PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + PUBLIC_BACKEND_URL_CLIENT: https://chat-api.mana.how + PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how ports: - - "127.0.0.1:3004:3003" + - "3000:3000" healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3003/health"] + test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/health"] interval: 30s timeout: 10s retries: 3 + start_period: 40s networks: - - manacore-prod + - manacore-network logging: driver: "json-file" options: max-size: "50m" max-file: "5" - deploy: - resources: - limits: - cpus: '1' - memory: 512M - reservations: - cpus: '0.5' - memory: 256M - - nutriphi-backend: - image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/nutriphi-backend:${NUTRIPHI_VERSION:-latest} - container_name: nutriphi-backend-prod - restart: always - depends_on: - mana-core-auth: - condition: service_healthy - environment: - NODE_ENV: production - PORT: 3004 - MANA_SERVICE_URL: http://mana-core-auth:3001 - SUPABASE_URL: ${NUTRIPHI_SUPABASE_URL} - SUPABASE_SERVICE_KEY: ${NUTRIPHI_SUPABASE_SERVICE_KEY} - ports: - - "127.0.0.1:3005:3004" - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", 
"http://localhost:3004/health"] - interval: 30s - timeout: 10s - retries: 3 - networks: - - manacore-prod - logging: - driver: "json-file" - options: - max-size: "50m" - max-file: "5" - deploy: - resources: - limits: - cpus: '1' - memory: 512M - reservations: - cpus: '0.5' - memory: 256M - - news-api: - image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/news-api:${NEWS_VERSION:-latest} - container_name: news-api-prod - restart: always - depends_on: - mana-core-auth: - condition: service_healthy - environment: - NODE_ENV: production - PORT: 3005 - MANA_SERVICE_URL: http://mana-core-auth:3001 - ports: - - "127.0.0.1:3006:3005" - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3005/health"] - interval: 30s - timeout: 10s - retries: 3 - networks: - - manacore-prod - logging: - driver: "json-file" - options: - max-size: "50m" - max-file: "5" - deploy: - resources: - limits: - cpus: '1' - memory: 512M - reservations: - cpus: '0.5' - memory: 256M # ============================================ - # Monitoring (Optional but recommended) + # Todo App # ============================================ - # Uncomment if you want container monitoring - # watchtower: - # image: containrrr/watchtower - # container_name: watchtower-prod - # restart: always - # volumes: - # - /var/run/docker.sock:/var/run/docker.sock - # command: --interval 300 --cleanup - # networks: - # - manacore-prod + todo-backend: + image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/todo-backend:${TODO_BACKEND_VERSION:-latest} + container_name: todo-backend-prod + restart: always + depends_on: + mana-core-auth: + condition: service_healthy + postgres: + condition: service_healthy + environment: + NODE_ENV: production + PORT: 3018 + DATABASE_URL: postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD}@postgres:5432/todo + MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + CORS_ORIGINS: https://todo.mana.how,https://mana.how + ports: + - "3018:3018" + healthcheck: + test: 
["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3018/api/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + networks: + - manacore-network + logging: + driver: "json-file" + options: + max-size: "50m" + max-file: "5" + + todo-web: + image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/todo-web:${TODO_WEB_VERSION:-latest} + container_name: todo-web-prod + restart: always + depends_on: + todo-backend: + condition: service_healthy + environment: + NODE_ENV: production + PORT: 5188 + PUBLIC_BACKEND_URL: http://todo-backend:3018 + PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + PUBLIC_BACKEND_URL_CLIENT: https://todo-api.mana.how + PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how + ports: + - "5188:5188" + healthcheck: + test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:5188/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + networks: + - manacore-network + logging: + driver: "json-file" + options: + max-size: "50m" + max-file: "5" + + # ============================================ + # Calendar App + # ============================================ + + calendar-backend: + image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/calendar-backend:${CALENDAR_VERSION:-latest} + container_name: calendar-backend-prod + restart: always + depends_on: + mana-core-auth: + condition: service_healthy + postgres: + condition: service_healthy + environment: + NODE_ENV: production + PORT: 3016 + DATABASE_URL: postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD}@postgres:5432/calendar + DB_HOST: postgres + DB_PORT: 5432 + DB_USER: ${POSTGRES_USER:-postgres} + MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + CORS_ORIGINS: https://calendar.mana.how,https://mana.how + ports: + - "3016:3016" + healthcheck: + test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3016/api/v1/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + networks: + 
- manacore-network + logging: + driver: "json-file" + options: + max-size: "50m" + max-file: "5" + + calendar-web: + image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/calendar-web:${CALENDAR_WEB_VERSION:-latest} + container_name: calendar-web-prod + restart: always + depends_on: + calendar-backend: + condition: service_healthy + environment: + NODE_ENV: production + PORT: 5186 + PUBLIC_BACKEND_URL: http://calendar-backend:3016 + PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + PUBLIC_BACKEND_URL_CLIENT: https://calendar-api.mana.how + PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how + ports: + - "5186:5186" + healthcheck: + test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:5186/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + networks: + - manacore-network + logging: + driver: "json-file" + options: + max-size: "50m" + max-file: "5" + + # ============================================ + # Clock App + # ============================================ + + clock-backend: + image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/clock-backend:${CLOCK_VERSION:-latest} + container_name: clock-backend-prod + restart: always + depends_on: + mana-core-auth: + condition: service_healthy + postgres: + condition: service_healthy + environment: + NODE_ENV: production + PORT: 3017 + DATABASE_URL: postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD}@postgres:5432/clock + DB_HOST: postgres + DB_PORT: 5432 + DB_USER: ${POSTGRES_USER:-postgres} + MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + CORS_ORIGINS: https://clock.mana.how,https://mana.how + ports: + - "3017:3017" + healthcheck: + test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3017/api/v1/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + networks: + - manacore-network + logging: + driver: "json-file" + options: + max-size: "50m" + max-file: "5" + + clock-web: + image: 
${DOCKER_REGISTRY:-ghcr.io/memo-2023}/clock-web:${CLOCK_WEB_VERSION:-latest} + container_name: clock-web-prod + restart: always + depends_on: + clock-backend: + condition: service_healthy + environment: + NODE_ENV: production + PORT: 5187 + PUBLIC_BACKEND_URL: http://clock-backend:3017 + PUBLIC_MANA_CORE_AUTH_URL: http://mana-core-auth:3001 + PUBLIC_BACKEND_URL_CLIENT: https://clock-api.mana.how + PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how + ports: + - "5187:5187" + healthcheck: + test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:5187/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + networks: + - manacore-network + logging: + driver: "json-file" + options: + max-size: "50m" + max-file: "5" # ============================================ # Networks # ============================================ networks: - manacore-prod: + manacore-network: driver: bridge name: manacore-production + +# ============================================ +# Volumes +# ============================================ + +volumes: + postgres_data: + name: manacore-postgres-prod + redis_data: + name: manacore-redis-prod diff --git a/mac-mini-setup.sh b/mac-mini-setup.sh new file mode 100644 index 000000000..5cee2edac --- /dev/null +++ b/mac-mini-setup.sh 
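Review bot: Every image added in this hunk defaults to a mutable tag, for example `${TODO_BACKEND_VERSION:-latest}`, so production runs whatever was last pushed to the registry at pull time, and neither a rollback nor an audit can tell which build was deployed. Requiring the version, as in `${TODO_BACKEND_VERSION:?set TODO_BACKEND_VERSION}`, or pinning the image by digest makes deployments reproducible and limits the effect of a mistaken or compromised push. The `postgres:16-alpine` and `redis:7-alpine` images in the first hunk are floating tags as well, though with narrower drift.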
@@ -0,0 +1,39 @@
+#!/bin/bash
+# Mac Mini Server Setup Script
+# Kopiere diese Datei auf den Mac Mini und führe aus:
+# chmod +x mac-mini-setup.sh && ./mac-mini-setup.sh
+
+echo "=== Mac Mini Server Setup ==="
+echo ""
+
+# 1. Cloudflare Tunnel installieren
+echo "📦 Installiere cloudflared..."
+brew install cloudflared
+
+# 2. Git installieren (falls nicht vorhanden)
+echo "📦 Installiere git..."
+brew install git
+
+# 3. Verzeichnis erstellen
+echo "📁 Erstelle Projekt-Verzeichnis..."
+mkdir -p ~/projects
+cd ~/projects
+
+# 4. Repository klonen
+echo "📥 Klone Repository..."
+git clone https://github.com/Memo-2023/manacore-monorepo.git
+cd manacore-monorepo
+
+echo ""
+echo "✅ Basis-Setup abgeschlossen!"
+echo ""
+echo "=== NÄCHSTE SCHRITTE (manuell) ==="
+echo ""
+echo "1. Cloudflare Tunnel authentifizieren:"
+echo " cloudflared tunnel login"
+echo ""
+echo "2. Tunnel erstellen:"
+echo " cloudflared tunnel create mana-server"
+echo ""
+echo "3. Dann melde dich bei Till/Claude für die nächsten Schritte!"
+echo ""
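Review bot: The script has no error handling, so if `brew install cloudflared`, `cd ~/projects` or `git clone` fails it carries on and still prints `✅ Basis-Setup abgeschlossen!`; a failed `cd` would also make the clone land in whatever directory the script was started from. Adding `set -euo pipefail` directly under the shebang stops the run at the first failure. `git clone` also fails on a second run because the target directory already exists, so guarding it with `[ -d manacore-monorepo ] || git clone …` would make the script safe to re-run.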