matthias/Florian-netz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f2578cedab4e9b16cd5fb14029ecfbad88713431
Florian-netz/.dockerignore
Matthias Hochmeister d50ec765ab Workstream 10: Deployment (Docker + externes Traefik) (Phase 7) 
Liefert das reproduzierbare Compose-Setup hinter EXTERNEM Traefik:

- Dockerfile (multi-stage deps/builder/runner, Next.js standalone, non-root
  UID/GID 1001, HEALTHCHECK gegen /api/health).
- docker/entrypoint.sh: wartet via pg_isready auf Postgres, wendet Migrationen
  idempotent an (docker/migrate.mjs, plain ESM ohne tsx/drizzle-kit), optionaler
  Seed (RUN_SEED), dann exec node server.js.
- docker-compose.yml: genau vier Services (app, postgres, osrm, nominatim),
  KEIN Proxy-Service; externes traefik-Netz + internes Netz; Traefik-Labels
  (Host, websecure, tls.certresolver, Security-Header-Middleware);
  Postgres-/App-Healthchecks; AUTH_URL/AUTH_TRUST_HOST/Forwarded-Header.
- docker-compose.override.yml.example: lokal :3000 ohne TLS (http AUTH_URL).
- .dockerignore, Makefile (build/up/down/logs/deploy/data/config).
- .env.example: voller Vertrag inkl. APP_HOST, TRAEFIK_*, POSTGRES_*, RUN_SEED.
- docs/reference/deployment-traefik.md: externes Netz, Authentik-Redirect-URI
  https://${APP_HOST}/api/auth/callback/authentik, Forwarded-Header/Cookies,
  /api/health-Allowlist.
- tests/unit/deployment.test.ts (TDD): statische Offline-Verifikation der
  Artefakte; vitest.config.ts nimmt tests/unit/** auf.

Offline verifiziert: tsc --noEmit sauber; vitest run grün (200 passed,
7 db-roundtrip skipped); next build erzeugt .next/standalone/server.js;
sh -n docker/entrypoint.sh ok; make -n deploy zeigt build->up.
Deferred (kein Docker/Postgres in der Sandbox): docker build/run id -u=1001,
docker compose config --services, /api/health anonym 200, End-to-End Traefik.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-09 12:35:45 +02:00

36 lines
566 B
Plaintext
Raw Blame History

# Build-Kontext minimieren und Secrets/Artefakte aus dem Image fernhalten.
node_modules
.next
.git
.gitignore
# Umgebung / Secrets (niemals ins Image)
.env
.env.*
!.env.example
# Tests / E2E-Artefakte
tests
playwright-report
test-results
tests/e2e/.auth
coverage
# Lokale Geo-Daten (mehrere GB; werden über Volumes bereitgestellt)
infra/geo/data
# Doku / Sonstiges
docs
unterlagen
*.md
!README.md
.DS_Store
*.tsbuildinfo
.superpowers
.vscode
.idea
# Docker-Compose (nicht im Build-Kontext des App-Images nötig)
docker-compose*.yml
docker-compose*.yml.example
Reference in New Issue View Git Blame Copy Permalink