backup

Docker/compose.prod.yml

@@ -1,115 +0,0 @@
-# ──────────────────────────────────────────────────────────────
-#  BanGUI — Production Compose
-#
-#  Compatible with:
-#    docker compose -f Docker/compose.prod.yml up -d
-#    podman compose  -f Docker/compose.prod.yml up -d
-#    podman-compose  -f Docker/compose.prod.yml up -d
-#
-#  Prerequisites:
-#    Create a .env file at the project root (or pass --env-file):
-#      BANGUI_SESSION_SECRET=<random-secret>
-# ──────────────────────────────────────────────────────────────
-
-name: bangui
-
-services:
-  # ── fail2ban ─────────────────────────────────────────────────
-  fail2ban:
-    image: lscr.io/linuxserver/fail2ban:latest
-    container_name: bangui-fail2ban
-    restart: unless-stopped
-    cap_add:
-      - NET_ADMIN
-      - NET_RAW
-    network_mode: host
-    environment:
-      TZ: "${BANGUI_TIMEZONE:-UTC}"
-      PUID: 0
-      PGID: 0
-    volumes:
-      - fail2ban-config:/config
-      - fail2ban-run:/var/run/fail2ban
-      - /var/log:/var/log:ro
-    healthcheck:
-      test: ["CMD", "fail2ban-client", "ping"]
-      interval: 30s
-      timeout: 5s
-      start_period: 15s
-      retries: 3
-    # NOTE: The fail2ban-config volume must be pre-populated with the following files:
-    #   • fail2ban/jail.conf (or jail.d/*.conf) with the DEFAULT section containing:
-    #     banaction = iptables-allports[lockingopt="-w 5"]
-    #   This prevents xtables lock contention errors when multiple jails start in parallel.
-    #   See https://fail2ban.readthedocs.io/en/latest/development/environment.html
-
-  # ── Backend (FastAPI + uvicorn) ─────────────────────────────
-  backend:
-    build:
-      context: ..
-      dockerfile: Docker/Dockerfile.backend
-    container_name: bangui-backend
-    restart: unless-stopped
-    stop_grace_period: 30s
-    depends_on:
-      fail2ban:
-        condition: service_healthy
-    environment:
-      BANGUI_DATABASE_PATH: "/data/bangui.db"
-      BANGUI_FAIL2BAN_SOCKET: "/var/run/fail2ban/fail2ban.sock"
-      BANGUI_FAIL2BAN_CONFIG_DIR: "/config/fail2ban"
-      BANGUI_LOG_LEVEL: "info"
-      # ⚠️  BANGUI_WORKERS MUST be 1 — see session_cache.py docstring for details
-      # BanGUI uses a process-local session cache. Multiple workers in a single process
-      # would cause users to be randomly logged out as sessions wouldn't be shared.
-      # For HA, run multiple BanGUI instances (each with --workers 1) via orchestration.
-      BANGUI_WORKERS: "1"
-      BANGUI_SESSION_SECRET: "${BANGUI_SESSION_SECRET:?Set BANGUI_SESSION_SECRET}"
-      BANGUI_TIMEZONE: "${BANGUI_TIMEZONE:-UTC}"
-    volumes:
-      - bangui-data:/data
-      - fail2ban-run:/var/run/fail2ban:ro
-      - fail2ban-config:/config:rw
-    expose:
-      - "8000"
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:8000/api/v1/health"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-      start_period: 40s
-    networks:
-      - bangui-net
-
-  # ── Frontend (nginx serving built SPA + API proxy) ──────────
-  frontend:
-    build:
-      context: ..
-      dockerfile: Docker/Dockerfile.frontend
-    container_name: bangui-frontend
-    restart: unless-stopped
-    ports:
-      - "${BANGUI_PORT:-8080}:80"
-    depends_on:
-      backend:
-        condition: service_healthy
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:80/"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-      start_period: 5s
-    networks:
-      - bangui-net
-
-volumes:
-  bangui-data:
-    driver: local
-  fail2ban-config:
-    driver: local
-  fail2ban-run:
-    driver: local
-
-networks:
-  bangui-net:
-    driver: bridge