add nginx

2025-12-30 18:39:12 +03:00 · 2025-12-30 18:39:12 +03:00 · 7145fee5e8
parent c014f90773
commit 7145fee5e8
2 changed files with 113 additions and 30 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,10 +1,31 @@
-version: '3.8'
+version: "3.8"
+
+networks:
+  itcloud-net:
+    driver: bridge
+    internal: true  # ВАЖНО: сеть без выхода "в интернет" (межконтейнерная)
+  itcloud-edge:
+    driver: bridge   # сеть для входящего трафика (только nginx)

 services:
+  nginx:
+    image: nginx:alpine
+    ports:
+      - "${NGINX_PORT:-8095}:80"          # единственный внешний порт
+    volumes:
+      - ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf:ro
+    depends_on:
+      - frontend
+      - backend
+    restart: unless-stopped
+    networks:
+      - itcloud-edge
+      - itcloud-net
+
  backend:
    build: ./backend
-    ports:
-      - "${BACKEND_PORT:-8094}:8000"
+    expose:
+      - "8000"
    environment:
      - APP_ENV=dev
      - DATABASE_URL=sqlite+aiosqlite:////app/data/app.db
@ -20,9 +41,26 @@ services:
      - ./backend/src:/app/src
      - backend-data:/app/data
    depends_on:
-      - minio
-      - redis
+      minio:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
    command: uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload
+    networks:
+      - itcloud-net
+
+  frontend:
+    build: ./frontend
+    expose:
+      - "5173"
+    environment:
+      - VITE_API_URL=${VITE_API_URL}
+    volumes:
+      - ./frontend/src:/app/src
+      - ./frontend/public:/app/public
+    command: npm run dev -- --host 0.0.0.0
+    networks:
+      - itcloud-net

  minio:
    image: minio/minio:latest
@ -37,48 +75,48 @@ services:
    command: server /data --console-address ":9001"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
-      interval: 30s
-      timeout: 20s
-      retries: 3
+      interval: 10s
+      timeout: 5s
+      retries: 20
+    networks:
+      - itcloud-net
+

  minio-setup:
    image: minio/mc:latest
    depends_on:
-      - minio
+      minio:
+        condition: service_healthy
    environment:
      - MINIO_ROOT_USER=${MINIO_ROOT_USER:-minioadmin}
      - MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD:-minioadmin}
+      - MEDIA_BUCKET=itcloud-media
    entrypoint: >
      /bin/sh -c "
-      sleep 5;
-      /usr/bin/mc alias set myminio http://minio:9000 $$MINIO_ROOT_USER $$MINIO_ROOT_PASSWORD;
-      /usr/bin/mc mb myminio/itcloud-media --ignore-existing;
-      /usr/bin/mc anonymous set none myminio/itcloud-media;
-      exit 0;
+      set -e;
+      mc alias set myminio http://minio:9000 $$MINIO_ROOT_USER $$MINIO_ROOT_PASSWORD;
+      mc mb myminio/$$MEDIA_BUCKET --ignore-existing;
+      mc anonymous set none myminio/$$MEDIA_BUCKET;
+      echo 'MinIO bucket ensured:' $$MEDIA_BUCKET;
      "
+    restart: "no"
+    networks:
+      - itcloud-net

  redis:
    image: redis:7-alpine
-    ports:
-      - "${REDIS_PORT:-6388}:6379"
+    # ports: <-- УБРАЛИ! наружу не светим
+    expose:
+      - "6379"
    volumes:
      - redis-data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-
-  frontend:
-    build: ./frontend
-    ports:
-      - "${FRONTEND_PORT:-8095}:5173"
-    environment:
-      - VITE_API_URL=${VITE_API_URL}
-    volumes:
-      - ./frontend/src:/app/src
-      - ./frontend/public:/app/public
-    command: npm run dev -- --host 0.0.0.0
+      interval: 10s
+      timeout: 3s
+      retries: 20
+    networks:
+      - itcloud-net

 volumes:
  backend-data:
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@ -0,0 +1,45 @@
+server {
+    listen 80;
+    server_name _;
+
+    client_max_body_size 500M;
+
+    # Frontend (Vite dev server)
+    location / {
+        proxy_pass http://frontend:5173;
+        proxy_http_version 1.1;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # WebSocket / HMR
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_cache_bypass $http_upgrade;
+    }
+
+    # Backend API
+    location /api/ {
+        proxy_pass http://backend:8000/;
+        proxy_http_version 1.1;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        proxy_connect_timeout 300;
+        proxy_send_timeout 300;
+        proxy_read_timeout 300;
+        send_timeout 300;
+    }
+
+    location /health {
+        proxy_pass http://backend:8000/health;
+    }
+
+    # (Опционально) MinIO Console только внутри (если захочешь)
+    # location /minio/ {
+    #     proxy_pass http://minio:9001/;
+    # }
+}