d50ec765ab
Liefert das reproduzierbare Compose-Setup hinter EXTERNEM Traefik: - Dockerfile (multi-stage deps/builder/runner, Next.js standalone, non-root UID/GID 1001, HEALTHCHECK gegen /api/health). - docker/entrypoint.sh: wartet via pg_isready auf Postgres, wendet Migrationen idempotent an (docker/migrate.mjs, plain ESM ohne tsx/drizzle-kit), optionaler Seed (RUN_SEED), dann exec node server.js. - docker-compose.yml: genau vier Services (app, postgres, osrm, nominatim), KEIN Proxy-Service; externes traefik-Netz + internes Netz; Traefik-Labels (Host, websecure, tls.certresolver, Security-Header-Middleware); Postgres-/App-Healthchecks; AUTH_URL/AUTH_TRUST_HOST/Forwarded-Header. - docker-compose.override.yml.example: lokal :3000 ohne TLS (http AUTH_URL). - .dockerignore, Makefile (build/up/down/logs/deploy/data/config). - .env.example: voller Vertrag inkl. APP_HOST, TRAEFIK_*, POSTGRES_*, RUN_SEED. - docs/reference/deployment-traefik.md: externes Netz, Authentik-Redirect-URI https://${APP_HOST}/api/auth/callback/authentik, Forwarded-Header/Cookies, /api/health-Allowlist. - tests/unit/deployment.test.ts (TDD): statische Offline-Verifikation der Artefakte; vitest.config.ts nimmt tests/unit/** auf. Offline verifiziert: tsc --noEmit sauber; vitest run grün (200 passed, 7 db-roundtrip skipped); next build erzeugt .next/standalone/server.js; sh -n docker/entrypoint.sh ok; make -n deploy zeigt build->up. Deferred (kein Docker/Postgres in der Sandbox): docker build/run id -u=1001, docker compose config --services, /api/health anonym 200, End-to-End Traefik. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
39 lines
957 B
Makefile
39 lines
957 B
Makefile
# FlorianNetz — Deployment-Makefile (externes Traefik).
|
|
#
|
|
# Ziele:
|
|
# make build - baut das App-Image (Next.js standalone, non-root)
|
|
# make up - startet den Stack (App + Postgres + Geo) hinter Traefik
|
|
# make down - stoppt den Stack
|
|
# make logs - folgt den App-Logs
|
|
# make deploy - build + up (Standard-Deploy)
|
|
# make data - bereitet die OSRM-Geodaten vor (Download + Preprocessing)
|
|
# make config - validiert die Compose-Konfiguration
|
|
#
|
|
# Hinweis: up/data/deploy benötigen Docker (+ Netzzugriff/RAM/Disk) und werden
|
|
# NICHT in CI/Sandbox ausgeführt. Das externe Traefik-Netz muss existieren:
|
|
# docker network create traefik
|
|
|
|
COMPOSE = docker compose --env-file .env
|
|
|
|
.PHONY: build up down logs deploy data config
|
|
|
|
build:
|
|
$(COMPOSE) build app
|
|
|
|
up:
|
|
$(COMPOSE) up -d
|
|
|
|
down:
|
|
$(COMPOSE) down
|
|
|
|
logs:
|
|
$(COMPOSE) logs -f app
|
|
|
|
deploy: build up
|
|
|
|
data:
|
|
./scripts/prepare-osm-data.sh
|
|
|
|
config:
|
|
$(COMPOSE) config --services
|