refactoring: Env-Dateien und Docker-Dateien
@@ -1,20 +0,0 @@
|
||||
# ===================================================================
|
||||
# Clients Docker Build Arguments - dockerfiles/clients/*
|
||||
# Source: docker/versions.toml [categories.clients]
|
||||
# Last updated: 2025-11-18 14:30:11 UTC
|
||||
# ===================================================================
|
||||
|
||||
# --- Include Global Arguments ---
|
||||
# Source global.env for GRADLE_VERSION, JAVA_VERSION, VERSION
|
||||
|
||||
# --- Client-Specific Build Tools ---
|
||||
NODE_VERSION=22.21.0
|
||||
NGINX_VERSION=1.28.0-alpine
|
||||
|
||||
# --- Client Build Configuration ---
|
||||
CLIENT_PATH=client
|
||||
CLIENT_MODULE=client
|
||||
CLIENT_NAME=meldestelle-client
|
||||
|
||||
# Note: Runtime/Dev values moved to config/env/.env
|
||||
# Keep this file strictly for build-time values only.
|
||||
@@ -1,26 +0,0 @@
|
||||
# ===================================================================
|
||||
# Global Docker Build Arguments - Used by all categories
|
||||
# Source: docker/versions.toml
|
||||
# Last updated: 2025-11-18 15:44:00 UTC
|
||||
# ===================================================================
|
||||
|
||||
# --- Build Tools ---
|
||||
GRADLE_VERSION=9.1.0
|
||||
JAVA_VERSION=21
|
||||
|
||||
# --- Build Metadata ---
|
||||
VERSION=1.0.0
|
||||
|
||||
# --- Monitoring & Infrastructure Services (image tags) ---
|
||||
PROMETHEUS_IMAGE_TAG=v2.54.1
|
||||
GRAFANA_IMAGE_TAG=11.3.0
|
||||
KEYCLOAK_IMAGE_TAG=26.4.2
|
||||
|
||||
# --- Datastore Images (image tags) ---
|
||||
POSTGRES_IMAGE_TAG=16-alpine
|
||||
REDIS_IMAGE_TAG=7-alpine
|
||||
|
||||
# --- Additional Infrastructure Images (image tags) ---
|
||||
CONSUL_IMAGE_TAG=1.15
|
||||
ZOOKEEPER_IMAGE_TAG=7.4.0
|
||||
KAFKA_IMAGE_TAG=7.4.0
|
||||
@@ -1,22 +0,0 @@
|
||||
# ===================================================================
|
||||
# Infrastructure Docker Build Arguments - dockerfiles/infrastructure/*
|
||||
# Source: docker/versions.toml [categories.infrastructure]
|
||||
# Last updated: 2025-11-18 14:30:11 UTC
|
||||
# ===================================================================
|
||||
|
||||
# --- Include Global Arguments ---
|
||||
# Source global.env for GRADLE_VERSION, JAVA_VERSION, VERSION
|
||||
|
||||
# --- API Gateway Specific ---
|
||||
GATEWAY_SERVICE_PATH=infrastructure/gateway
|
||||
GATEWAY_SERVICE_NAME=api-gateway
|
||||
|
||||
# --- Auth Server Specific ---
|
||||
AUTH_SERVER_PATH=infrastructure/auth/auth-server
|
||||
AUTH_SERVER_SERVICE_NAME=auth-server
|
||||
|
||||
# --- Monitoring Server Specific ---
|
||||
MONITORING_SERVER_PATH=infrastructure/monitoring/monitoring-server
|
||||
MONITORING_SERVER_SERVICE_NAME=monitoring-server
|
||||
|
||||
# Note: Runtime profiles/ports/dependencies moved to config/env/.env
|
||||
@@ -1,14 +0,0 @@
|
||||
# ===================================================================
|
||||
# Services Docker Build Arguments - dockerfiles/services/*
|
||||
# Source: docker/versions.toml [categories.services]
|
||||
# Last updated: 2025-11-18 14:30:11 UTC
|
||||
# ===================================================================
|
||||
|
||||
# --- Include Global Arguments ---
|
||||
# Source global.env for GRADLE_VERSION, JAVA_VERSION, VERSION
|
||||
|
||||
# --- Service-Specific Arguments ---
|
||||
SERVICE_PATH=.
|
||||
SERVICE_NAME=spring-boot-service
|
||||
|
||||
# Note: Runtime profiles/ports moved to config/env/.env
|
||||
@@ -1,15 +0,0 @@
|
||||
# Docker Secrets (Development vs. Production)
|
||||
|
||||
In der lokalen Entwicklung werden keine Docker-Secrets erzwungen.
|
||||
|
||||
- Verwende für sensible Werte stattdessen die Datei `config/env/.env.local` (ist gitignored).
|
||||
- Die Dateien in diesem Ordner sind lediglich Platzhalter und enthalten KEINE echten Geheimnisse.
|
||||
- Für ein Deployment in Produktion kannst du diese Dateien mit echten Werten befüllen oder einen sicheren Secret-Store (Docker/K8s) verwenden.
|
||||
|
||||
Hinweise:
|
||||
- Postgres-User/Passwort haben in der lokalen Entwicklung Standard/Fallback-Werte via `docker-compose.yml` (Environment mit Defaults).
|
||||
- Die optimierten Compose-Dateien (`*.optimized`) können weiterhin Docker-Secrets verwenden – diese sind für Prod gedacht.
|
||||
|
||||
Schnellstart lokal (ohne Secrets):
|
||||
- Passe `config/env/.env` und optional `config/env/.env.local` an
|
||||
- Starte mit: `docker compose -f docker-compose.yml -f docker-compose.services.yml up`
|
||||
@@ -1 +0,0 @@
|
||||
TiB6FRRYW4gjM7xie17mKtTYFOp
|
||||
@@ -1 +0,0 @@
|
||||
admin
|
||||
@@ -1 +0,0 @@
|
||||
ba960b899f72d5ed192b5597d7f4b5b8853d9d641a2dc23c6b1a4b692b20211c
|
||||
@@ -1 +0,0 @@
|
||||
XASb7AzVy7G5fEKulE1mNPTy2Sw6pHi
|
||||
@@ -1 +0,0 @@
|
||||
s8N3r59JwS0lFsJobKWFJXh9qvdbHgcC6S3fYXYdXFM6eMKkRMtQbxHo0NJKFJC
|
||||
@@ -1 +0,0 @@
|
||||
lRo7W15UNy60EFRlvk1XP99MmgrgK2Z97QK9btl9ZPVIVzWcY81Bebp9hpB
|
||||
@@ -1 +0,0 @@
|
||||
pON4NxxsKPWseVg1gw5PyLNN4YYrj8h
|
||||
@@ -1 +0,0 @@
|
||||
metrics
|
||||
@@ -1 +0,0 @@
|
||||
CHANGE_ME_LOCAL_DEV
|
||||
@@ -1 +0,0 @@
|
||||
meldestelle
|
||||
@@ -1 +0,0 @@
|
||||
p701HhKOnZJ4zbY9dGRvyH9kQTKcsUm
|
||||
@@ -1,345 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# ===================================================================
|
||||
# Docker Secrets Setup Script - Meldestelle Project
|
||||
# ===================================================================
|
||||
# This script generates secure secrets for all Docker services
|
||||
# Security Features:
|
||||
# - Generates cryptographically secure random passwords
|
||||
# - Creates JWT secrets with proper length for HMAC512
|
||||
# - Sets appropriate file permissions (600) for security
|
||||
# - Provides backup functionality
|
||||
# - Validates secret file creation
|
||||
# ===================================================================
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# Colors for output
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
BLUE='\033[0;34m'
|
||||
NC='\033[0m' # No Color
|
||||
|
||||
# Script directory
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
SECRETS_DIR="${SCRIPT_DIR}"
|
||||
|
||||
# Logging function
|
||||
log() {
|
||||
echo -e "${GREEN}[$(date +'%Y-%m-%d %H:%M:%S')] $1${NC}"
|
||||
}
|
||||
|
||||
warn() {
|
||||
echo -e "${YELLOW}[WARNING] $1${NC}"
|
||||
}
|
||||
|
||||
error() {
|
||||
echo -e "${RED}[ERROR] $1${NC}"
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Function to generate secure random password
|
||||
generate_password() {
|
||||
local length=${1:-32}
|
||||
openssl rand -base64 $((length * 3 / 4)) | tr -d "=+/" | cut -c1-${length}
|
||||
}
|
||||
|
||||
# Function to generate JWT secret (64 characters for HMAC512)
|
||||
generate_jwt_secret() {
|
||||
openssl rand -hex 32
|
||||
}
|
||||
|
||||
# Function to create secret file with proper permissions
|
||||
create_secret_file() {
|
||||
local filename="$1"
|
||||
local content="$2"
|
||||
local filepath="${SECRETS_DIR}/${filename}"
|
||||
|
||||
# Check if file already exists
|
||||
if [[ -f "$filepath" ]]; then
|
||||
warn "Secret file $filename already exists. Use --force to overwrite."
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Create the secret file
|
||||
echo -n "$content" > "$filepath"
|
||||
chmod 600 "$filepath"
|
||||
|
||||
log "Created secret file: $filename"
|
||||
return 0
|
||||
}
|
||||
|
||||
# Function to backup existing secrets
|
||||
backup_secrets() {
|
||||
local backup_dir="${SECRETS_DIR}/backup_$(date +%Y%m%d_%H%M%S)"
|
||||
|
||||
if find "$SECRETS_DIR" -name "*.txt" -type f | grep -q .; then
|
||||
log "Creating backup of existing secrets..."
|
||||
mkdir -p "$backup_dir"
|
||||
find "$SECRETS_DIR" -name "*.txt" -type f -exec cp {} "$backup_dir/" \;
|
||||
log "Backup created in: $backup_dir"
|
||||
fi
|
||||
}
|
||||
|
||||
# Function to validate secret file
|
||||
validate_secret_file() {
|
||||
local filepath="$1"
|
||||
local min_length="$2"
|
||||
|
||||
if [[ ! -f "$filepath" ]]; then
|
||||
error "Secret file does not exist: $filepath"
|
||||
fi
|
||||
|
||||
local content_length=$(wc -c < "$filepath")
|
||||
if [[ $content_length -lt $min_length ]]; then
|
||||
error "Secret file $filepath is too short (${content_length} < ${min_length})"
|
||||
fi
|
||||
|
||||
local permissions=$(stat -c %a "$filepath")
|
||||
if [[ "$permissions" != "600" ]]; then
|
||||
warn "Secret file $filepath has incorrect permissions: $permissions (should be 600)"
|
||||
chmod 600 "$filepath"
|
||||
fi
|
||||
}
|
||||
|
||||
# Function to generate all secrets
|
||||
generate_all_secrets() {
|
||||
local force_overwrite=${1:-false}
|
||||
|
||||
log "Starting secret generation for Meldestelle Docker infrastructure..."
|
||||
|
||||
# Create backup if not forcing overwrite
|
||||
if [[ "$force_overwrite" != "true" ]]; then
|
||||
backup_secrets
|
||||
fi
|
||||
|
||||
# Database secrets
|
||||
log "Generating database secrets..."
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/postgres_user.txt" ]]; then
|
||||
create_secret_file "postgres_user.txt" "meldestelle"
|
||||
fi
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/postgres_password.txt" ]]; then
|
||||
create_secret_file "postgres_password.txt" "$(generate_password 32)"
|
||||
fi
|
||||
|
||||
# Redis secrets
|
||||
log "Generating Redis secrets..."
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/redis_password.txt" ]]; then
|
||||
create_secret_file "redis_password.txt" "$(generate_password 32)"
|
||||
fi
|
||||
|
||||
# Keycloak secrets
|
||||
log "Generating Keycloak secrets..."
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/keycloak_admin_password.txt" ]]; then
|
||||
create_secret_file "keycloak_admin_password.txt" "$(generate_password 32)"
|
||||
fi
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/keycloak_client_secret.txt" ]]; then
|
||||
create_secret_file "keycloak_client_secret.txt" "$(generate_password 64)"
|
||||
fi
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/keycloak_auth_client_secret.txt" ]]; then
|
||||
create_secret_file "keycloak_auth_client_secret.txt" "$(generate_password 64)"
|
||||
fi
|
||||
|
||||
# Grafana secrets
|
||||
log "Generating Grafana secrets..."
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/grafana_admin_user.txt" ]]; then
|
||||
create_secret_file "grafana_admin_user.txt" "admin"
|
||||
fi
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/grafana_admin_password.txt" ]]; then
|
||||
create_secret_file "grafana_admin_password.txt" "$(generate_password 32)"
|
||||
fi
|
||||
|
||||
# JWT secrets
|
||||
log "Generating JWT secrets..."
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/jwt_secret.txt" ]]; then
|
||||
create_secret_file "jwt_secret.txt" "$(generate_jwt_secret)"
|
||||
fi
|
||||
|
||||
# VNC secrets (for desktop app)
|
||||
log "Generating VNC secrets..."
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/vnc_password.txt" ]]; then
|
||||
create_secret_file "vnc_password.txt" "$(generate_password 16)"
|
||||
fi
|
||||
|
||||
# Monitoring secrets
|
||||
log "Generating monitoring secrets..."
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/metrics_auth_username.txt" ]]; then
|
||||
create_secret_file "metrics_auth_username.txt" "metrics"
|
||||
fi
|
||||
if [[ "$force_overwrite" == "true" ]] || ! [[ -f "${SECRETS_DIR}/metrics_auth_password.txt" ]]; then
|
||||
create_secret_file "metrics_auth_password.txt" "$(generate_password 32)"
|
||||
fi
|
||||
|
||||
log "Secret generation completed successfully!"
|
||||
}
|
||||
|
||||
# Function to validate all secrets
|
||||
validate_all_secrets() {
|
||||
log "Validating all secret files..."
|
||||
|
||||
# Define expected secrets with minimum lengths
|
||||
declare -A secrets=(
|
||||
["postgres_user.txt"]=8
|
||||
["postgres_password.txt"]=16
|
||||
["redis_password.txt"]=16
|
||||
["keycloak_admin_password.txt"]=16
|
||||
["keycloak_client_secret.txt"]=32
|
||||
["keycloak_auth_client_secret.txt"]=32
|
||||
["grafana_admin_user.txt"]=4
|
||||
["grafana_admin_password.txt"]=16
|
||||
["jwt_secret.txt"]=64
|
||||
["vnc_password.txt"]=8
|
||||
["metrics_auth_username.txt"]=4
|
||||
["metrics_auth_password.txt"]=16
|
||||
)
|
||||
|
||||
local all_valid=true
|
||||
for secret_file in "${!secrets[@]}"; do
|
||||
local filepath="${SECRETS_DIR}/${secret_file}"
|
||||
local min_length=${secrets[$secret_file]}
|
||||
|
||||
if validate_secret_file "$filepath" "$min_length" 2>/dev/null; then
|
||||
log "✓ $secret_file is valid"
|
||||
else
|
||||
error "✗ $secret_file is invalid or missing"
|
||||
all_valid=false
|
||||
fi
|
||||
done
|
||||
|
||||
if [[ "$all_valid" == "true" ]]; then
|
||||
log "All secret files are valid and properly secured!"
|
||||
else
|
||||
error "Some secret files are invalid. Please regenerate secrets."
|
||||
fi
|
||||
}
|
||||
|
||||
# Function to create Docker secrets
|
||||
create_docker_secrets() {
|
||||
log "Creating Docker secrets..."
|
||||
|
||||
# Get the project name (directory name)
|
||||
local project_name=$(basename "$(dirname "$(dirname "$SCRIPT_DIR")")")
|
||||
|
||||
# Define secrets to create
|
||||
declare -A docker_secrets=(
|
||||
["postgres_user"]="postgres_user.txt"
|
||||
["postgres_password"]="postgres_password.txt"
|
||||
["redis_password"]="redis_password.txt"
|
||||
["keycloak_admin_password"]="keycloak_admin_password.txt"
|
||||
["keycloak_client_secret"]="keycloak_client_secret.txt"
|
||||
["grafana_admin_user"]="grafana_admin_user.txt"
|
||||
["grafana_admin_password"]="grafana_admin_password.txt"
|
||||
["jwt_secret"]="jwt_secret.txt"
|
||||
)
|
||||
|
||||
for secret_name in "${!docker_secrets[@]}"; do
|
||||
local secret_file="${docker_secrets[$secret_name]}"
|
||||
local filepath="${SECRETS_DIR}/${secret_file}"
|
||||
local docker_secret_name="${project_name}_${secret_name}"
|
||||
|
||||
# Check if Docker secret already exists
|
||||
if docker secret ls --format "{{.Name}}" | grep -q "^${docker_secret_name}$"; then
|
||||
warn "Docker secret $docker_secret_name already exists"
|
||||
else
|
||||
# Create Docker secret
|
||||
if docker secret create "$docker_secret_name" "$filepath"; then
|
||||
log "Created Docker secret: $docker_secret_name"
|
||||
else
|
||||
error "Failed to create Docker secret: $docker_secret_name"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
# Function to show usage
|
||||
show_usage() {
|
||||
echo "Usage: $0 [OPTIONS]"
|
||||
echo ""
|
||||
echo "Options:"
|
||||
echo " --help Show this help message"
|
||||
echo " --generate Generate all secret files (default)"
|
||||
echo " --force Force overwrite existing secret files"
|
||||
echo " --validate Validate existing secret files"
|
||||
echo " --docker-secrets Create Docker secrets from files"
|
||||
echo " --all Generate files, validate, and create Docker secrets"
|
||||
echo ""
|
||||
echo "Examples:"
|
||||
echo " $0 # Generate secrets (skip existing files)"
|
||||
echo " $0 --force # Generate secrets (overwrite existing files)"
|
||||
echo " $0 --validate # Validate existing secret files"
|
||||
echo " $0 --all # Complete setup (generate, validate, docker secrets)"
|
||||
}
|
||||
|
||||
# Main execution
|
||||
main() {
|
||||
local action="generate"
|
||||
local force_overwrite=false
|
||||
|
||||
# Check dependencies
|
||||
if ! command -v openssl &> /dev/null; then
|
||||
error "openssl is required but not installed"
|
||||
fi
|
||||
|
||||
# Parse command line arguments
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
--help)
|
||||
show_usage
|
||||
exit 0
|
||||
;;
|
||||
--generate)
|
||||
action="generate"
|
||||
shift
|
||||
;;
|
||||
--force)
|
||||
force_overwrite=true
|
||||
shift
|
||||
;;
|
||||
--validate)
|
||||
action="validate"
|
||||
shift
|
||||
;;
|
||||
--docker-secrets)
|
||||
action="docker-secrets"
|
||||
shift
|
||||
;;
|
||||
--all)
|
||||
action="all"
|
||||
shift
|
||||
;;
|
||||
*)
|
||||
error "Unknown option: $1"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Ensure secrets directory exists
|
||||
mkdir -p "$SECRETS_DIR"
|
||||
|
||||
# Execute requested action
|
||||
case $action in
|
||||
"generate")
|
||||
generate_all_secrets "$force_overwrite"
|
||||
;;
|
||||
"validate")
|
||||
validate_all_secrets
|
||||
;;
|
||||
"docker-secrets")
|
||||
create_docker_secrets
|
||||
;;
|
||||
"all")
|
||||
generate_all_secrets "$force_overwrite"
|
||||
validate_all_secrets
|
||||
create_docker_secrets
|
||||
;;
|
||||
*)
|
||||
error "Invalid action: $action"
|
||||
;;
|
||||
esac
|
||||
|
||||
log "Operation completed successfully!"
|
||||
}
|
||||
|
||||
# Run main function with all arguments
|
||||
main "$@"
|
||||
@@ -1 +0,0 @@
|
||||
nrscAXfIoOKTAEt
|
||||
@@ -1,192 +0,0 @@
|
||||
# ===================================================================
|
||||
# Docker Versions Catalog - Single Source of Truth
|
||||
# Analogous to gradle/libs.versions.toml for centralized version management
|
||||
# ===================================================================
|
||||
# Last updated: 2025-09-13
|
||||
# Eliminates version redundancy across 12+ Dockerfiles
|
||||
|
||||
[versions]
|
||||
# --- Build Tools ---
|
||||
gradle = "9.1.0"
|
||||
java = "21"
|
||||
node = "22.21.0"
|
||||
|
||||
# --- Base Images ---
|
||||
nginx = "1.25-alpine"
|
||||
alpine = "3.19"
|
||||
eclipse-temurin-jdk = "21-jdk-alpine"
|
||||
eclipse-temurin-jre = "21-jre-alpine"
|
||||
|
||||
# --- Monitoring & Infrastructure Services ---
|
||||
prometheus = "v2.54.1"
|
||||
grafana = "11.3.0"
|
||||
keycloak = "26.0.7"
|
||||
|
||||
# --- Spring Configuration ---
|
||||
spring-profiles-default = "default"
|
||||
spring-profiles-docker = "docker"
|
||||
spring-profiles-prod = "prod"
|
||||
|
||||
# --- Application Versions ---
|
||||
app-version = "1.0.0"
|
||||
|
||||
# --- Zentrale Port-Verwaltung ---
|
||||
# Single Source of Truth für alle Service-Ports
|
||||
|
||||
[service-ports]
|
||||
# --- Infrastructure Services ---
|
||||
api-gateway = 8081
|
||||
auth-server = 8087
|
||||
monitoring-server = 8088
|
||||
|
||||
# --- Application Services ---
|
||||
ping-service = 8082
|
||||
members-service = 8083
|
||||
horses-service = 8084
|
||||
events-service = 8085
|
||||
masterdata-service = 8086
|
||||
|
||||
# --- External Services ---
|
||||
postgres = 5432
|
||||
redis = 6379
|
||||
keycloak = 8180
|
||||
consul = 8500
|
||||
zookeeper = 2181
|
||||
kafka = 9092
|
||||
|
||||
# --- Monitoring Stack ---
|
||||
prometheus = 9090
|
||||
grafana = 3000
|
||||
|
||||
# --- Client Applications ---
|
||||
web-app = 4000
|
||||
desktop-app-vnc = 5901
|
||||
desktop-app-novnc = 6080
|
||||
|
||||
[port-ranges]
|
||||
# --- Port-Range-Definitionen für automatische Port-Zuweisung ---
|
||||
infrastructure = "8081-8088"
|
||||
services = "8082-8099"
|
||||
monitoring = "9090-9099"
|
||||
clients = "4000-4099"
|
||||
vnc = "5901-5999"
|
||||
debug = "5005-5009"
|
||||
|
||||
# --- Reserved Port Ranges ---
|
||||
system-reserved = "0-1023"
|
||||
ephemeral = "32768-65535"
|
||||
|
||||
[build-args]
|
||||
# --- Global Build Arguments (used across all categories) ---
|
||||
global = [
|
||||
"GRADLE_VERSION",
|
||||
"JAVA_VERSION",
|
||||
"BUILD_DATE",
|
||||
"VERSION"
|
||||
]
|
||||
|
||||
# --- Spring Boot Services (dockerfiles/services/* and infrastructure/*) ---
|
||||
spring-services = [
|
||||
"SPRING_PROFILES_ACTIVE",
|
||||
"SERVICE_PATH",
|
||||
"SERVICE_NAME",
|
||||
"SERVICE_PORT"
|
||||
]
|
||||
|
||||
# --- Kotlin/JS Web Clients (dockerfiles/clients/*) ---
|
||||
web-clients = [
|
||||
"NODE_VERSION",
|
||||
"NGINX_VERSION",
|
||||
"CLIENT_PATH",
|
||||
"CLIENT_MODULE",
|
||||
"CLIENT_NAME"
|
||||
]
|
||||
|
||||
[categories]
|
||||
# --- Services Configuration ---
|
||||
[categories.services]
|
||||
default-spring-profile = "docker"
|
||||
default-port-start = 8082
|
||||
services = [
|
||||
"ping-service",
|
||||
"members-service",
|
||||
"horses-service",
|
||||
"events-service",
|
||||
"masterdata-service"
|
||||
]
|
||||
|
||||
# --- Infrastructure Configuration ---
|
||||
[categories.infrastructure]
|
||||
default-spring-profile = "default"
|
||||
services = [
|
||||
"gateway",
|
||||
"auth-server",
|
||||
"monitoring-server"
|
||||
]
|
||||
|
||||
# --- Client Applications Configuration ---
|
||||
[categories.clients]
|
||||
default-node-version = "20.11.0"
|
||||
default-nginx-version = "1.25-alpine"
|
||||
clients = [
|
||||
"web-app",
|
||||
"desktop-app"
|
||||
]
|
||||
|
||||
[environment-mapping]
|
||||
# --- Environment Variable Names for Docker Compose ---
|
||||
# Maps internal version names to environment variable names
|
||||
gradle-version = "DOCKER_GRADLE_VERSION"
|
||||
java-version = "DOCKER_JAVA_VERSION"
|
||||
node-version = "DOCKER_NODE_VERSION"
|
||||
nginx-version = "DOCKER_NGINX_VERSION"
|
||||
prometheus-version = "DOCKER_PROMETHEUS_VERSION"
|
||||
grafana-version = "DOCKER_GRAFANA_VERSION"
|
||||
keycloak-version = "DOCKER_KEYCLOAK_VERSION"
|
||||
spring-profiles-default = "DOCKER_SPRING_PROFILES_DEFAULT"
|
||||
spring-profiles-docker = "DOCKER_SPRING_PROFILES_DOCKER"
|
||||
app-version = "DOCKER_APP_VERSION"
|
||||
|
||||
[environments]
|
||||
# --- Environment-spezifische Konfigurationen ---
|
||||
# Zentrale Verwaltung für dev/test/prod Umgebungen
|
||||
|
||||
[environments.development]
|
||||
spring-profiles = "dev"
|
||||
debug-enabled = true
|
||||
log-level = "DEBUG"
|
||||
health-check-interval = "30s"
|
||||
health-check-timeout = "5s"
|
||||
health-check-retries = 3
|
||||
health-check-start-period = "40s"
|
||||
resource-limits = false
|
||||
jvm-debug-port = 5005
|
||||
hot-reload = true
|
||||
|
||||
[environments.production]
|
||||
spring-profiles = "prod"
|
||||
debug-enabled = false
|
||||
log-level = "INFO"
|
||||
health-check-interval = "15s"
|
||||
health-check-timeout = "3s"
|
||||
health-check-retries = 3
|
||||
health-check-start-period = "30s"
|
||||
resource-limits = true
|
||||
jvm-debug-port = false
|
||||
hot-reload = false
|
||||
security-headers = true
|
||||
tls-enabled = true
|
||||
|
||||
[environments.testing]
|
||||
spring-profiles = "test"
|
||||
debug-enabled = true
|
||||
log-level = "DEBUG"
|
||||
health-check-interval = "10s"
|
||||
health-check-timeout = "5s"
|
||||
health-check-retries = 2
|
||||
health-check-start-period = "20s"
|
||||
resource-limits = false
|
||||
jvm-debug-port = 5005
|
||||
hot-reload = false
|
||||
ephemeral-storage = true
|
||||
test-containers = true
|
||||