cacd2b04a7
Some checks failed
CI / Rust Format (push) Has been cancelled
CI / Clippy (push) Has been cancelled
CI / Test Server (push) Has been cancelled
CI / Frontend Check (push) Has been cancelled
CI / Tauri Client Check (push) Has been cancelled
CI / Docker Build (push) Has been cancelled
CI / Build Tauri (Linux) (push) Has been cancelled
- Fix 14 Clippy warnings across server and bot-sdk - Add 67 unit tests (32 bot-sdk, 34 server, 1 doctest) - Add Prometheus metrics endpoint (/api/metrics) - Add structured JSON logging (EIFELDC_LOG_FORMAT=json) - Add release workflow (Docker push + GitHub Release + Tauri builds) - Add rate limiting middleware (EIFELDC_RATE_LIMIT) - Add CORS restriction (EIFELDC_CORS_ORIGINS) - Add session token expiry (EIFELDC_SESSION_TTL) - Add input validation (username/password/homeserver length limits) - Add upload size limit (EIFELDC_MAX_UPLOAD_MB) - Upgrade Tauri client from v1 to v2 - Add session store with SQLite persistence - Add proper error types and cleanup across all crates - Format all code with cargo fmt - Update CI pipeline with fmt, clippy, test, frontend, and Tauri checks - Add README with full API reference and setup guide
179 lines
4.2 KiB
YAML
179 lines
4.2 KiB
YAML
services:
|
|
eifeldc:
|
|
build:
|
|
context: ..
|
|
dockerfile: Dockerfile
|
|
container_name: eifeldc-server
|
|
restart: unless-stopped
|
|
ports:
|
|
- "3000:3000"
|
|
environment:
|
|
- EIFELDC_STATIC_DIR=/usr/share/eifeldc/client
|
|
- RUST_LOG=eifeldc_server=info,tower_http=info
|
|
- LIVEKIT_API_KEY=${LIVEKIT_API_KEY:-devkey}
|
|
- LIVEKIT_API_SECRET=${LIVEKIT_API_SECRET:-devsecret}
|
|
- LIVEKIT_URL=ws://livekit:7880
|
|
- SYNAPSE_URL=http://synapse:8008
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:3000/api/current-user"]
|
|
interval: 15s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 10s
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
cpus: "1.0"
|
|
logging:
|
|
driver: json-file
|
|
options:
|
|
max-size: "10m"
|
|
max-file: "3"
|
|
networks:
|
|
- eifeldc
|
|
|
|
synapse:
|
|
image: matrixdotorg/synapse:latest
|
|
container_name: eifeldc-synapse
|
|
restart: unless-stopped
|
|
volumes:
|
|
- synapse-data:/data
|
|
- ./synapse/log.config:/data/log.config:ro
|
|
environment:
|
|
- SYNAPSE_SERVER_NAME=${DOMAIN:-eifeldc.local}
|
|
- SYNAPSE_REPORT_STATS=no
|
|
ports:
|
|
- "8008:8008"
|
|
- "8448:8448"
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:8008/_matrix/client/versions"]
|
|
interval: 15s
|
|
timeout: 5s
|
|
retries: 5
|
|
start_period: 30s
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 1G
|
|
cpus: "2.0"
|
|
logging:
|
|
driver: json-file
|
|
options:
|
|
max-size: "10m"
|
|
max-file: "3"
|
|
networks:
|
|
- eifeldc
|
|
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
container_name: eifeldc-postgres
|
|
restart: unless-stopped
|
|
volumes:
|
|
- postgres-data:/var/lib/postgresql/data
|
|
environment:
|
|
POSTGRES_USER: synapse
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-changeme_postgres_password}
|
|
POSTGRES_DB: synapse
|
|
POSTGRES_INITDB_ARGS: "--encoding=UTF8 --lc-collate=C --lc-ctype=C"
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U synapse"]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 5
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
cpus: "1.0"
|
|
logging:
|
|
driver: json-file
|
|
options:
|
|
max-size: "10m"
|
|
max-file: "3"
|
|
networks:
|
|
- eifeldc
|
|
|
|
coturn:
|
|
image: coturn/coturn:latest
|
|
container_name: eifeldc-coturn
|
|
restart: unless-stopped
|
|
network_mode: host
|
|
volumes:
|
|
- ./coturn/turnserver.conf:/etc/turnserver.conf:ro
|
|
- turn-certs:/etc/letsencrypt
|
|
command: ["-c", "/etc/turnserver.conf"]
|
|
logging:
|
|
driver: json-file
|
|
options:
|
|
max-size: "10m"
|
|
max-file: "3"
|
|
|
|
livekit:
|
|
image: livekit/livekit-server:latest
|
|
container_name: eifeldc-livekit
|
|
restart: unless-stopped
|
|
ports:
|
|
- "7880:7880"
|
|
- "7881:7881"
|
|
- "7882:7882/udp"
|
|
- "50000-50200:50000-50200/udp"
|
|
environment:
|
|
- LIVEKIT_KEYS=${LIVEKIT_API_KEY:-devkey}: ${LIVEKIT_API_SECRET:-devsecret}
|
|
command: --dev --node-ip ${LIVEKIT_NODE_IP:-127.0.0.1}
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--spider", "-q", "http://localhost:7880"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 5s
|
|
logging:
|
|
driver: json-file
|
|
options:
|
|
max-size: "10m"
|
|
max-file: "3"
|
|
networks:
|
|
- eifeldc
|
|
|
|
nginx:
|
|
image: nginx:alpine
|
|
container_name: eifeldc-nginx
|
|
restart: unless-stopped
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- ./nginx/eifeldc.conf:/etc/nginx/conf.d/eifeldc.conf:ro
|
|
- nginx-certs:/etc/letsencrypt:ro
|
|
depends_on:
|
|
eifeldc:
|
|
condition: service_healthy
|
|
synapse:
|
|
condition: service_healthy
|
|
livekit:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:80/"]
|
|
interval: 15s
|
|
timeout: 5s
|
|
retries: 3
|
|
logging:
|
|
driver: json-file
|
|
options:
|
|
max-size: "10m"
|
|
max-file: "3"
|
|
networks:
|
|
- eifeldc
|
|
|
|
volumes:
|
|
postgres-data:
|
|
turn-certs:
|
|
nginx-certs:
|
|
synapse-data:
|
|
|
|
networks:
|
|
eifeldc:
|
|
driver: bridge |