4657b1dfb5
- Added Express.js admin panel on port 3001 (ADMIN_PORT env) - Dashboard: stats (users, products, purchases, revenue) - Users: list, details, ban/unban toggle - Products: CRUD by category - Wallets: list with balances - Purchases: history with filters - Audit log: view audit trail - Auth: token-based login with ADMIN_SECRET env var - Migrated sqlite3 → better-sqlite3 - database.js: async adapter (runAsync/allAsync/getAsync) - purchaseService.js: lastID → lastInsertRowid - userService.js: lastID → lastInsertRowid - Removed sqlite3 from package.json - Fixed: dotenv/config import added to index.js - Fixed: ENCRYPTION_KEY validation (32+ char hex) - Fixed: Dockerfile multi-stage build (no python needed) - Fixed: Docker DNS (network: host in build) - Fixed: docker-compose port 3001, healthcheck on 3001 - Added express, cookie-parser, pino-pretty, better-sqlite3 deps
35 lines
997 B
YAML
35 lines
997 B
YAML
version: "3.3"
|
|
services:
|
|
telegram_shop_prod:
|
|
build:
|
|
context: .
|
|
dockerfile: ./Dockerfile
|
|
network: host
|
|
hostname: telegram_shop_prod
|
|
container_name: telegram_shop_prod
|
|
ports:
|
|
- "3001:3001"
|
|
restart: always
|
|
env_file:
|
|
- .env
|
|
volumes:
|
|
- ./db:/app/db/ # Синхронизация базы данных (persistence)
|
|
- ./wg/start.sh:/app/start.sh # Монтируем start.sh (генерирует wg0.conf из env)
|
|
cap_add: # Минимальные привилегии, необходимые только для WireGuard
|
|
- NET_ADMIN
|
|
sysctls:
|
|
- net.ipv4.conf.all.src_valid_mark=1 # Необходимо для маршрутизации
|
|
dns:
|
|
- 8.8.8.8
|
|
- 1.1.1.1
|
|
mem_limit: 512m
|
|
cpus: "1.0"
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-sf", "http://localhost:3001/health"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 60s
|
|
networks:
|
|
default:
|