Files
tfm_ainventory/docker-compose.yml
Daniel Bedeleanu fc149184e9 feat(6): phase 6 plan 02 - operational runbook and documentation
- Created OPERATIONAL_RUNBOOK.md: comprehensive step-by-step procedures for both Docker and Standalone deployment modes covering deployment, daily ops, troubleshooting, backup/restore, disaster recovery, scaling, and updates
- Created HEALTH_MONITORING_CHECKLIST.md: daily/weekly/monthly health check procedures with alert thresholds and quick troubleshooting reference
- Created DISASTER_RECOVERY_PLAN.md: detailed procedures for 6 failure scenarios (database corruption, hardware failure, data center failure, app crash, disk full, network isolation) with RTO/RPO targets
- Created CONFIGURATION_REFERENCE.md: complete documentation of all inventory.env parameters for both deployment modes with common scenarios and troubleshooting
- Created EMERGENCY_PROCEDURES.md: quick-reference incident response playbook with 7 critical scenarios, decision tree, escalation path, and printable cheat sheet
- Created scripts/backup.sh: automated backup script supporting both Docker and Standalone with integrity verification and retention management
- Created scripts/restore.sh: restore script with triple confirmation, safety backups, and validation tests for both deployment modes
- Created config/backup-cron.sh: installer for daily/weekly automated backup cron jobs (2 AM daily, 3 AM Sunday)

All documentation covers dual-deployment modes with shared configuration files.
Documentation is operator-ready with copy-paste commands and clear expected outputs.
2026-04-22 18:25:32 +03:00

128 lines
3.0 KiB
YAML

version: '3.8'
services:
backend:
build:
context: .
dockerfile: backend/Dockerfile
container_name: inventory-backend
networks:
- inventory_net
ports:
- ${BACKEND_PORT:-8000}:8000
env_file:
- inventory.env
volumes:
# Named volumes for data persistence
- backend_data:/app/data
- backend_logs:/app/logs
- ./config:/app/config:ro
- ./scripts:/app/scripts:ro
environment:
- DATA_DIR=/app/data
- LOGS_DIR=/app/logs
# [C-01] JWT secret key — GENERATE A SECURE VALUE FOR PRODUCTION!
- JWT_SECRET_KEY=${JWT_SECRET_KEY:-change_me_in_production}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
restart: unless-stopped
deploy:
resources:
limits:
cpus: '1.0'
memory: 1G
reservations:
cpus: '0.5'
memory: 512M
frontend:
build:
context: ./frontend
container_name: inventory-frontend
networks:
- inventory_net
ports:
- ${FRONTEND_PORT:-3000}:3000
env_file:
- inventory.env
volumes:
- frontend_logs:/app/logs
# Write Next.js logs to both stdout (docker logs) and file (mapped volume)
command: sh -c "mkdir -p /app/logs && node server.js 2>&1 | tee -a /app/logs/frontend.log"
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3000/"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
restart: unless-stopped
depends_on:
backend:
condition: service_healthy
deploy:
resources:
limits:
cpus: '0.5'
memory: 512M
reservations:
cpus: '0.25'
memory: 256M
proxy:
build:
context: .
dockerfile: config/proxy/Dockerfile
container_name: inventory-proxy
networks:
- inventory_net
ports:
- ${BACKEND_SSL_PORT:-8918}:444
- ${FRONTEND_SSL_PORT:-8919}:443
env_file:
- inventory.env
volumes:
- ./config/Caddyfile:/etc/caddy/Caddyfile:ro
# Persist the internal Caddy certificates so users don't get new certificate warnings constantly
- caddy_data:/data
- caddy_config:/config
healthcheck:
test: ["CMD", "curl", "-f", "https://localhost:443/ -k"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
depends_on:
frontend:
condition: service_healthy
backend:
condition: service_healthy
restart: unless-stopped
deploy:
resources:
limits:
cpus: '0.5'
memory: 256M
reservations:
cpus: '0.25'
memory: 128M
networks:
inventory_net:
driver: bridge
volumes:
backend_data:
driver: local
backend_logs:
driver: local
frontend_logs:
driver: local
caddy_data:
driver: local
caddy_config:
driver: local