feat(devops): removed stuff and added jwt

2026-01-13 17:38:14 +01:00 · 2026-01-13 17:38:14 +01:00 · d0e787e2c7
commit d0e787e2c7
parent d9a68771a6
5 changed files with 43 additions and 38 deletions
--- a/.gitignore
+++ b/.gitignore
@ -10,6 +10,7 @@ openapi.jar
 .vscode
 nginx-dev/nginx
 nginx-dev/nginx.deb
 .env
 # sqlite stuff
 *.db
--- a/Docker.mk
+++ b/Docker.mk
@ -2,13 +2,13 @@
 # TODO: REMOVE THIS BEFORE LAUNCH
 # this allows the us to only start the non-monitoring sercices
-DOCKER_SERVICE=        \
+#DOCKER_SERVICE=        \
-			  auth     \
+#			  auth     \
-			  chat     \
+#			  chat     \
-			  tic-tac-toe \
+#			  tic-tac-toe \
-			  nginx    \
+#			  nginx    \
-			  user     \
+#			  user     \
-			  pong     \
+#			  pong     \
 all: build
 	docker compose up -d $(DOCKER_SERVICE)
@ -19,7 +19,7 @@ logs:
 down:
 	docker compose down
-build:
+build: .env
 	docker compose build $(DOCKER_SERVICE)
 re:
@ -38,3 +38,8 @@ prune: clean
 	-docker volume  prune
 	-docker network prune
 	-docker system  prune -a
 .env:
 	@echo "edit the env.example file and use the \`make jwt_secret\` to create a valid jwt secret"
 	@echo "write the stuff to .env"
 	exit 1
--- a/5
+++ b/5
@ -148,5 +148,8 @@ fnginx: nginx-dev/nginx nginx-dev/nginx-selfsigned.crt nginx-dev/nginx-selfsigne
 	-(cd ./frontend && npx pnpm exec vite --clearScreen false)
 	wait
 jwt_secret:
 	sh -c "dd if=/dev/urandom bs=32 count=1 2>/dev/null | base64 | tr -d -- '\n' | tr -- '+/' '-_'; echo"
 #	phony
-.PHONY: all clean fclean re header footer npm@install npm@clean npm@fclean npm@build sql tmux logs
+.PHONY: all clean fclean re header footer npm@install npm@clean npm@fclean npm@build sql tmux logs jwt_secret
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -51,9 +51,7 @@ services:
    volumes:
      # if you need to share files with nginx, you do it here.
      - static-volume:/volumes/static
-    environment:
+    env_file: .env
      # this can stay the same for developpement. This is an alias to `localhost`
      - NGINX_DOMAIN=local.maix.me
    logging:
      driver: gelf
      options:
@ -76,8 +74,7 @@ services:
      - sqlite-volume:/volumes/database
      - static-volume:/volumes/static
      - ./src/auth/config:/config
-    environment:
+    env_file: .env
      - JWT_SECRET=KRUGKIDROVUWG2ZAMJZG653OEBTG66BANJ2W24DTEBXXMZLSEB2GQZJANRQXU6JA
    logging:
      driver: gelf
      options:
@ -102,8 +99,7 @@ services:
     volumes:
       - sqlite-volume:/volumes/database
       - static-volume:/volumes/static
-     environment:
+     env_file: .env
       - JWT_SECRET=KRUGKIDROVUWG2ZAMJZG653OEBTG66BANJ2W24DTEBXXMZLSEB2GQZJANRQXU6JA
     logging:
       driver: gelf
       options:
@ -125,18 +121,15 @@ services:
    restart: always
    networks:
      - app
    env_file: .env
    volumes:
      - sqlite-volume:/volumes/database
      - static-volume:/volumes/static
-    environment:
+    logging:
-      - JWT_SECRET=KRUGKIDROVUWG2ZAMJZG653OEBTG66BANJ2W24DTEBXXMZLSEB2GQZJANRQXU6JA
+      driver: gelf
-      - PROVIDER_FILE=/extra/providers.toml
+      options:
-      - SESSION_MANAGER=${SESSION_MANAGER}
+        gelf-address: "udp://127.0.0.1:12201"
-    # logging:
+        tag: "{{.Name}}"
    #   driver: gelf
    #   options:
    #     gelf-address: "udp://127.0.0.1:12201"
    #     tag: "{{.Name}}"
  ###############
  #    PONG     #
@ -156,8 +149,7 @@ services:
    volumes:
      - sqlite-volume:/volumes/database
      - static-volume:/volumes/static
-    environment:
+    env_file: .env
      - JWT_SECRET=KRUGKIDROVUWG2ZAMJZG653OEBTG66BANJ2W24DTEBXXMZLSEB2GQZJANRQXU6JA
  ###############
  #    USER     #
@ -177,8 +169,7 @@ services:
    volumes:
      - sqlite-volume:/volumes/database
      - static-volume:/volumes/static
-    environment:
+    env_file: .env
      - JWT_SECRET=KRUGKIDROVUWG2ZAMJZG653OEBTG66BANJ2W24DTEBXXMZLSEB2GQZJANRQXU6JA
    logging:
      driver: gelf
      options:
@ -205,11 +196,10 @@ services:
      - ./monitoring/grafana/dashboards-config:/etc/grafana/provisioning/dashboards
      - ./monitoring/grafana/dashboards:/var/lib/grafana/dashboards
      - grafana-data:/var/lib/grafana
    env_file: .env
    environment:
      # this can stay the same for developpement. This is an alias to `localhost`
      - NGINX_DOMAIN=local.maix.me
      - GF_LOG_LEVEL=warn
-      - GF_SERVER_ROOT_URL=https://local.maix.me:9090/grafana/
+      - GF_SERVER_ROOT_URL=https:/${NGINX_DOMAIN}/:9090/grafana/
      - GF_SECURITY_ADMIN_USER=${GRAFANA_ADMIN_USER}
      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASS}
    logging:
@ -238,6 +228,7 @@ services:
      options:
        gelf-address: "udp://127.0.0.1:12201"
        tag: "{{.Name}}"
    env_file: .env
    healthcheck:
      test: ["CMD", "wget", "--quiet", "--spider", "http://localhost:9090/-/healthy"]
      interval: 30s
@ -252,6 +243,7 @@ services:
    container_name: mon-cadvisor
    command:
      - '-url_base_prefix=/cadvisor'
    env_file: .env
    environment:
      - CADVISOR_HEALTHCHECK_URL=http://localhost:8080/cadvisor/healthz
    volumes:
@ -277,6 +269,7 @@ services:
      options:
        gelf-address: "udp://127.0.0.1:12201"
        tag: "{{.Name}}"
    env_file: .env
    healthcheck:
      test: ["CMD", "wget", "--quiet", "--spider", "http://localhost:9115/-/healthy"]
      interval: 30s
@ -295,10 +288,10 @@ services:
    container_name: log-elasticsearch
    networks:
      - monitoring
    env_file: .env
    environment:
      - discovery.type=single-node
      - ES_JAVA_OPTS=-Xms512m -Xmx512m
      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
    volumes:
      - elastic-data:/usr/share/elasticsearch/data
      - ./logs/elasticsearch:/setup
@ -323,6 +316,7 @@ services:
    ports:
      - "12201:12201/udp"
    restart: unless-stopped
    env_file: .env
    healthcheck:
      test: ["CMD", "curl", "-f", "-s", "localhost:9600"]
      interval: 30s
@ -338,9 +332,10 @@ services:
    networks:
      - monitoring
      - app
    env_file: .env
    environment:
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
-      - SERVER_PUBLICBASEURL=https://local.maix.me:9090/kibana
+      - SERVER_PUBLICBASEURL=https://${NGINX_DOMAIN}:9090/kibana
      - SERVER_BASEPATH=/kibana
      - SERVER_REWRITEBASEPATH=true
      - ELASTICSEARCH_USERNAME=elastic
--- a/env.example
+++ b/env.example
@ -1,5 +1,6 @@
-GRAFANA_ADMIN_USER=
+GRAFANA_ADMIN_USER=admintochange
-GRAFANA_ADMIN_PASS=
+GRAFANA_ADMIN_PASS=passwordtochange
 GRAFANA_WEBHOOK_URL=
-
+ELASTIC_PASSWORD=passwordtochange
-ELASTIC_PASSWORD=
+JWT_SECRET=
 NGINX_DOMAIN=local.maix.me