From b34bef63cae420b43b4b0b707bb95279b240984c Mon Sep 17 00:00:00 2001 From: ddadmin Date: Tue, 14 May 2024 22:36:56 +0300 Subject: [PATCH] init commit --- .env | 22 ++- .gitignore | 2 + .my.cnf | 5 + app.sh | 177 ++++++++++++++++++++++ configs/nginx/conf.d/default.conf | 81 +++++++++- configs/nginx/conf.d/wiki.dot-dot.ru.conf | 25 +++ configs/nginx/nginx.conf | 19 +-- configs/nginx/ssl/dot2023.crt | 89 +++++++++++ configs/nginx/ssl/dot2023.key | 51 +++++++ configs/nginx/templates/default | 2 +- configs/nuxt/.env | 16 +- configs/php/.env | 16 +- configs/php/.env.local | 111 ++++++++++---- configs/php/.env__ | 127 ---------------- configs/php/zz-docker.conf | 5 + docker-compose.yml | 96 +++++++++++- scripts/chowner.sh | 7 + scripts/make_backup_mysql.sh | 16 ++ 18 files changed, 672 insertions(+), 195 deletions(-) create mode 100644 .gitignore create mode 100644 .my.cnf create mode 100755 app.sh create mode 100644 configs/nginx/conf.d/wiki.dot-dot.ru.conf create mode 100644 configs/nginx/ssl/dot2023.crt create mode 100644 configs/nginx/ssl/dot2023.key delete mode 100644 configs/php/.env__ create mode 100644 configs/php/zz-docker.conf create mode 100755 scripts/chowner.sh create mode 100755 scripts/make_backup_mysql.sh diff --git a/.env b/.env index e44d3cc..d4e391b 100644 --- a/.env +++ b/.env @@ -1,11 +1,23 @@ -COMPOSE_PROJECT_NAME=testa -NETWORK=testa +COMPOSE_PROJECT_NAME=prod +NETWORK=prod -FRONT_TAG=test-nuxt -DOTDOT_TAG=test-nuxt +FRONT_TAG=master +DOTDOT_TAG=master +HELP_TAG=master + +PHP_SOCKET_PORT=8080 MYSQL_PORT=0.0.0.0:3306 -MYSQL_ROOT_PASSWORD=root +MYSQL_ROOT_PASSWORD=ahwaireiNeebeeW9keiZ MYSQL_DATABASE=dot MYSQL_USER=dot MYSQL_PASSWORD=dot + +MAIL_DRIVER=smtp +MAIL_HOST=smtp.mail.ru +MAIL_PORT=465 +MAIL_USERNAME=no_reply@dot-dot.ru +MAIL_PASSWORD=NRTk7rXhesHQpi3YWB92 +MAIL_ENCRYPTION=ssl +MAIL_FROM=no_reply@dot-dot.ru +MAIL_FROM_NAME="No Reply" diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..faf6dfd --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +bookstack/ +backups/ diff --git a/.my.cnf b/.my.cnf new file mode 100644 index 0000000..cb50e6b --- /dev/null +++ b/.my.cnf @@ -0,0 +1,5 @@ +[client] +user = root +password = ahwaireiNeebeeW9keiZ +host = db +port = 3306 diff --git a/app.sh b/app.sh new file mode 100755 index 0000000..86c2dea --- /dev/null +++ b/app.sh @@ -0,0 +1,177 @@ +DIRECTORY=`dirname $0` + +MYSQL_ROOT_PASSWORD=$(grep MYSQL_ROOT_PASSWORD $DIRECTORY"/.env" | xargs) +MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD#*=} + +help() { + echo "run $0 [COMMAND] " + echo ' + "init" - run init flow + "up" - up -d all services + "down" - down all services without volumes + "composer" - run composer ${@:2} + "psalm" - run composer analyse + "php-fixer" - run composer cs + "deptrac" - run composer deptrac + "tests" - run composer tests + "console" - run docker compose exec php ./bin/console ${@:2} + "db" - run mysql shell + "db-create" - crate database + "backup-dev" - + "backup-create" - + "backup-exec" - + "restore-dev" - + "purge-db" - purge database + "restore-db" - restore database from s3 backup + "front" - exec front container + +' +} + +log() { + RED='\e[31m' + GREEN='\e[32m' + + case $2 in + info) + printf "${GREEN}${1}\e[0m\n" + ;; + error) + printf "${RED}${1}\e[0m\n" + ;; + *) + printf "${1}" + ;; + esac +} + +## restore last backup from s3 storage +restoredb() { + log "run restore database" + sudo rclone copy --verbose selectel:backup_db/dot/dot.$(date +%a).sql.gz backups/ + zcat backups/dot.$(date +%a).sql.gz | docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} dot +} + +checkDockerCompose() { + if ! [ -f "docker-compose.yml" ]; then + log "docker-compose.yml not exist. Run init command" "error" + exit + fi +} + +init() { + dumpfile=$(ls backups/ | sort | tail -1) + if ! [ -f backups/${dumpfile} ]; then + log "put dot.sql to backups directory" "error" + exit + fi + + if ! [ -f ".env" ]; then + log ".env not exist. Run init command" "error" + exit + fi + + up + + docker compose exec php composer install +# docker compose exec front npm i + +# docker compose exec front npm run build + + if ! docker compose exec db mysql -uroot -proot -e "show databases" | grep "dot "; then + createDatabase "dot" + execBackup "dot" ${dumpfile} + fi +} + +up() { + checkDockerCompose + docker compose up -d +} + +down() { + checkDockerCompose + docker compose down +} + +createDatabase() { + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "create database $1" + log "create database $1" "info" +} + +createBackup() { + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} $1 > backups/$2.sql +} + +createBackupWithExceptions() { + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} --ignore-table=dot.ml_calculator_log dot > backups/dot_develop.sql + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} --no-data dot ml_calculator_log >> backups/dot_develop.sql +} + +execBackup() { + zcat backups/$2 | docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} $1 + log "exec $2.sql backup" "info" +} + +execDevBackup() { + docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} dot < backups/dot_develop.sql + log "exec dot_develop.sql backup" "info" +} + +purgeDb() { + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "drop database dot" + log "dropped database dot" "info" + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "create database dot" + log "created database dot" "info" +} + +composer() { + docker compose exec php php -d memory_limit=-1 /usr/local/bin/composer ${@:1} +} + +case "$1" in + "help") + help;; + "init") + init;; + "up") + up;; + "down") + down;; + "composer"*) + composer ${@:2};; + "psalm"*) + composer analyse;; + "php-fixer") + composer cs;; + "deptrac") + composer deptrac;; + "tests") + composer tests;; + "console"*) + docker compose exec php ./bin/console ${@:2};; + "db") + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD};; + "db-create") + createDatabase $2;; + "backup-dev"*) + createBackupWithExceptions $2;; + "backup-create"*) + createBackup $2 $3;; + "backup-exec"*) + execBackup $2 $3;; + "restore-dev"*) + execDevBackup;; + "purge-db"*) + purgeDb;; + "restore-db") + restoredb;; + "front"*) + case $2 in + *) + docker compose exec nuxt ${@:2};; + esac;; + *) + help + #docker compose exec php ./bin/console ${@:1};; +esac diff --git a/configs/nginx/conf.d/default.conf b/configs/nginx/conf.d/default.conf index 88ea0fc..3513a41 100644 --- a/configs/nginx/conf.d/default.conf +++ b/configs/nginx/conf.d/default.conf @@ -1,5 +1,15 @@ server { - server_name testa.dot-dot.ru; + listen 80; + server_name dot-dot.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name dot-dot.ru; + + ssl_certificate /etc/nginx/ssl/dot2023.crt; + ssl_certificate_key /etc/nginx/ssl/dot2023.key; root /application/public; @@ -16,10 +26,14 @@ server { } location /socket.io/auctionreload { + access_log /var/log/nginx/ws_access.log json; + error_log /var/log/nginx/ws_error.log; + proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_pass http://php:9000; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_pass http://php:8080/; } location @rewriteapp { @@ -35,7 +49,7 @@ server { } location /help { - alias /application/help-platform/src/.vuepress/dist; + proxy_pass http://help-platform; } location /api { @@ -66,6 +80,10 @@ server { try_files $uri @rewriteapp; } + location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { + proxy_pass http://static; + } + location /media { try_files $uri @rewriteapp; } @@ -77,6 +95,10 @@ server { # expires 6M; } + location /robots.txt { + proxy_pass http://static; + } + location ~ ^/index\.php(/|$) { if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' $http_origin; @@ -89,7 +111,8 @@ server { return 204; } - add_header 'Access-Control-Allow-Origin' $http_origin; + #add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Origin' *; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; @@ -99,4 +122,52 @@ server { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } + + location /metrics { + access_log /var/log/nginx/node_exporter_access.log json; + error_log /var/log/nginx/node_exporter_error.log; + + #if ($allow = 0) { + # return 403; + #} + + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_http_version 1.1; + proxy_pass http://node-exporter:9100/metrics; + } + + location /cadvisor { + access_log /var/log/nginx/cadvisor_access.log json; + error_log /var/log/nginx/cadvisor_error.log; + + #if ($allow = 0) { + # return 403; + #} + + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_http_version 1.1; + proxy_pass http://cadvisor:8080/metrics; + } + + location /mysql_exporter { + access_log /var/log/nginx/mysql_exporter_access.log json; + error_log /var/log/nginx/mysql_exporter_error.log; + + #if ($allow = 0) { + # return 403; + #} + + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_http_version 1.1; + proxy_pass http://mysqld-exporter:9104/metrics; + } } diff --git a/configs/nginx/conf.d/wiki.dot-dot.ru.conf b/configs/nginx/conf.d/wiki.dot-dot.ru.conf new file mode 100644 index 0000000..13695db --- /dev/null +++ b/configs/nginx/conf.d/wiki.dot-dot.ru.conf @@ -0,0 +1,25 @@ +server { + listen 80; + server_name wiki.dot-dot.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name wiki.dot-dot.ru; + + ssl_certificate /etc/nginx/ssl/dot2023.crt; + ssl_certificate_key /etc/nginx/ssl/dot2023.key; + + location / { + proxy_pass http://bookstack:80; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } +} diff --git a/configs/nginx/nginx.conf b/configs/nginx/nginx.conf index 9f79d49..232db2b 100644 --- a/configs/nginx/nginx.conf +++ b/configs/nginx/nginx.conf @@ -47,18 +47,19 @@ http { access_log /var/log/nginx/access.log json; - server_tokens off; - charset UTF-8; - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_requests 1000; - keepalive_timeout 65; - #gzip on; +# server_tokens off; +# charset UTF-8; +# sendfile on; +# tcp_nopush on; +# tcp_nodelay on; +# keepalive_requests 1000; +# keepalive_timeout 65; +# #gzip on; + client_max_body_size 30M; map $http_upgrade $connection_upgrade { default upgrade; '' close; } resolver 127.0.0.11 ipv6=off valid=1s; include /etc/nginx/conf.d/*.conf; -} \ No newline at end of file +} diff --git a/configs/nginx/ssl/dot2023.crt b/configs/nginx/ssl/dot2023.crt new file mode 100644 index 0000000..6dac8f0 --- /dev/null +++ b/configs/nginx/ssl/dot2023.crt @@ -0,0 +1,89 @@ +-----BEGIN CERTIFICATE----- +MIIHQTCCBimgAwIBAgIMYVwKHoDdXb8WTFQpMA0GCSqGSIb3DQEBCwUAMEwxCzAJ +BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB +bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEc0MB4XDTIzMDgwMjE0MTYxN1oXDTI0MDkw +MjE0MTYxNlowFzEVMBMGA1UEAwwMKi5kb3QtZG90LnJ1MIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCV +dDp4+ffuBFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9Cq +VVT1F3s+YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4Nex +VqHnL4ClHvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZ +yebOxix+4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ON +hUo3nNd8zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR +2CCzy9maj4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7Or +ikVdMcDb68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEe +hdTSpoASD/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt +/GmjwJlFCWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5A +bRb6YRW+wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivz +jxcCAwEAAaOCA1YwggNSMA4GA1UdDwEB/wQEAwIFoDCBkwYIKwYBBQUHAQEEgYYw +gYMwRgYIKwYBBQUHMAKGOmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj +ZXJ0L2FscGhhc3NsY2FzaGEyNTZnNC5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9v +Y3NwLmdsb2JhbHNpZ24uY29tL2FscGhhc3NsY2FzaGEyNTZnNDBXBgNVHSAEUDBO +MAgGBmeBDAECATBCBgorBgEEAaAyCgEDMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v +d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAwQQYDVR0f +BDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9hbHBoYXNzbGNh +c2hhMjU2ZzQuY3JsMCMGA1UdEQQcMBqCDCouZG90LWRvdC5ydYIKZG90LWRvdC5y +dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUT8us +qMLvq92Db2u/zpg9XFgldhUwHQYDVR0OBBYEFIt9yZp7jkyW2E7F5+NDJJmTMtN/ +MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDuzdBk1dsazsVct520zROiModG +fLzs3sNRSFlGcR+1mwAAAYm2m1GuAAAEAwBHMEUCIQDVSAsUx+m51oyOz+83SGL2 +JpUGiUKiXgInZsWbG25VygIgLF23BEmAoRV+PFPclVuHrztd4lQecA+32tvUZ3xf +OWQAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYm2m07AAAAE +AwBGMEQCIE14pWcPqQC25z/q0FR5PaU+xIilbLwXvYm1UvJSajPDAiBEYH/fq9iP +pnK9z+7aLua2mh6uF2RMHRtcE/nbsr2tcQB2ANq2v2s/tbYin5vCu1xr6HCRcWy7 +UYSFNL2kPTBI1/urAAABibabTscAAAQDAEcwRQIgQlo7NdtTa6cyiAKdsfozkLMQ +wt+D4WZCcdzk9GYul74CIQCa7MvbM4pP0jSLN6MYWPEAt0hXiDzHKihtVt0ChW0R +qDANBgkqhkiG9w0BAQsFAAOCAQEAB338wY8/u9tawPiCdr6dD10SO9+mQNCv83xI +Qa7IQ/33VQUMQ6qCMYTLZqu7c/e1x587UG7TLf0I3awEfBbLeMkTJKEooCK9VG3O +nfWD/lTwvr13lEpKuEEx643eqirxJEv3bQTHpQBn1Pkm9Svw/LJWi/bUKg0VNjYs +jQrZYH0q3jzx3dV3S5hUCjGL6d0tflD5w5YHWWMaEuVsn7yYovAROKnYOWuVisPJ +YRA6cADR39usU1CyLTSb50PHUOosnp+YqZCzVkU2Z/gPLyXjiRKU6wou8baSoDHu +KoxoGK4YfjizRTAdEexD+LHh0s1Ev6gr9OetJWPjbhghNGPIbw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG +A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv +b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw +MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i +YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT +aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ +jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp +xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp +1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG +snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ +U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 +9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B +AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz +yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE +38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP +AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad +DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME +HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEijCCA3KgAwIBAgIQfU1CqStDHX5kU+fBmo1YdzANBgkqhkiG9w0BAQsFADBX +MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE +CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIyMTAx +MjAzNDk0M1oXDTI3MTAxMjAwMDAwMFowTDELMAkGA1UEBhMCQkUxGTAXBgNVBAoT +EEdsb2JhbFNpZ24gbnYtc2ExIjAgBgNVBAMTGUFscGhhU1NMIENBIC0gU0hBMjU2 +IC0gRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtJCmVZhWIPzOH +A3jP1QwkuDFT8/+DImyZlSt85UpZwq7G0Sqd+n8gLlHIZypQkad5VkT7OLU+MI78 +lC7LVwxpU19ExlaWL67ANyWG8XHx3AJFQoZhuDbvUeNzRQyQs6XS5wN6uDlF0Bf1 +AtCUQWrGGLGYwyC1xTrzgrFKpESsIXMqklUGTsh8i7DKZhRUVfgrPLJUkbbLUrLY +42+KRCiwfSvBloC5PgDYnj3oMZ1aTe3Wfk3l1I4D3RKaJ4PU1qHXhHJOge2bjGIG +l6MsaBN+BB2sr6EnxX0xnMIbew2oIfOFoLqs47vh/GH4JN0qql2WBHfDPVDm3b+G +QxY6N/LXAgMBAAGjggFbMIIBVzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI +KwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE +FE/LrKjC76vdg29rv86YPVxYJXYVMB8GA1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTN +NKj//P1LMHoGCCsGAQUFBwEBBG4wbDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Au +Z2xvYmFsc2lnbi5jb20vcm9vdHIxMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJl +Lmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIxLmNydDAzBgNVHR8ELDAqMCig +JqAkhiJodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QuY3JsMCEGA1UdIAQa +MBgwCAYGZ4EMAQIBMAwGCisGAQQBoDIKAQMwDQYJKoZIhvcNAQELBQADggEBABol +9nNkiECpWQenQ7oVP1FhvRX/LWTdzXpdMmp/SELnEJhoOe+366E0dt8tWGg+ezAc +DPeGYPmp83nAVLeDpji7Nqu8ldB8+G/B6U9GB8i2DDIAqSsFEvcMbWb5gZ2/DmRN +cifGi9FKAuFu2wyft4s4DHwzL2CJ2zjMlUOM3RaE1cxuOs+Om6MCD9G7vnkAtSiC +/OOfHO902f4yI2a48K+gKaAf3lISFXjd32pwQ21LpM3ueIGydaJ+1/z8nv+C7SUT +5bHoz7cYU27LUvh1n2WSNnC6/QwFSoP6gNKa4POO/oO13xjhrLRHJ/04cKMbRALt +JWQkPacJ8SJVhB2R7BI= +-----END CERTIFICATE----- diff --git a/configs/nginx/ssl/dot2023.key b/configs/nginx/ssl/dot2023.key new file mode 100644 index 0000000..a9c3884 --- /dev/null +++ b/configs/nginx/ssl/dot2023.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCVdDp4+ffu +BFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9CqVVT1F3s+ +YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4NexVqHnL4Cl +HvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZyebOxix+ +4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ONhUo3nNd8 +zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR2CCzy9ma +j4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7OrikVdMcDb +68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEehdTSpoAS +D/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt/GmjwJlF +CWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5AbRb6YRW+ +wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivzjxcCAwEA +AQKCAgEAri0Pi8KOI348uW9ZnPzuwT7hXvy3IZs1Uzo5hqPu1XqtOEm+8RRbhUC0 +azuumYMfAKDhGxzlAy3JqgJQrrnSEfLFFPFifbEjjY1bIckK82K75SPSn+m2lEro +QvGpH1iE4krKt6geX/ZVX29a9vAqLbXrdUQavDFJtXAJq3R8IgLMWUT2OE1utyD5 +FoNmFfz5N7x8daMdtvUBMagwxqYU4iKn2/IRH7tpPm3dACxdW78fMYrkJy32D8Ld +3uBjJXOl7/9iFc+GsSbhD9utyw+YYRTBVTfVf1cpvdeIF1eHPIGQvxTkctV7Hfhu +F4NsL3aH9gh2Rdc9pjtJ2RxfX70DZUJ+mDguAwkVDeLlrxUqanqRAUew9mw4yqFd +Jni5MeSU6+1aSA6rDlCMsXdpaIfozcj9UHfvs8aNTLV0iHs6QG0NVOJhm/DtzPfb +SFQhtJ93CPeuWqdNylFiq0mdhHv09RWiSXOwDZbRmZGdfR8KVEg91LBLw9v+F51L +ewSFZMH6akr+6H6D1kjLumAQsUF6nEsPpVoRZHzvlpUVUKV7q+BI1N/Fqlncw9I+ +9IysFimQbfx9itFlzNfMYOQ1pfP51nuiCflojlOJUP4n3YnzdJA37AwXSZYndyiW +PsX5CWYEOn+IW8TnS9ZoGT1YfsOnNx0oDW6RTu+5m7LjNvnu8jECggEBAO3onsfT +oU/E8AAFf3FVNrGI4GuUWu9Nl1+vClMFRpyOeiSafVvodXg6fgckhOr8KQlfwB1r +QBXz/zkUKV3lWGuONx4z9NAlUB5Nvb3uHof6nWgE4ZZ74CjXR3IZM9WlbcOxB4YV +KjBT+IgvbKv7UdbKGpFq/wZWT1t8MwbjcDcwLSvxXcZOF/VQB7EJftht24Z5Mqfn +B8u2Z6afS2VlX3GbVg8ymsT+ohrKZSsIScrD/c52rDUkiIYldLSljRBaRCxlXwBx +kUMNQvYMtRSv/b22cSAZDXV8vN8gby7XZMM6f3UKYF9BCbxbJvpwbGOsBqrsWySo +JwiayvBMw8kNn9sCggEBAN93KqwxIKplr8yaLc9vFqXR/dLIJkK2YvaYTK9NjGVb +4U5Z18K+Yv57dy7M7sDay61uHG52YEpbiyALD+XaVcWpYBNOvuNiu35Oa4WOdV7N +4yU5+DcjhgJySeiQ64NW8s88yD6pmHzFxXYgKkLkkr2EqaL+yvCYVCs1o5bV0boo +2Y8n8UxjgLSxVWHWALW38IfbI1nkK/IabWO1hl1m8pdXaPZax68NIp3R8YFyWHep +JiJryUAtSbo3QLdXM90OFPLtiSY1faHcvzb7FZ6ux8RKbbXAIkNTcjnf66AQhVNp +jykYRcALX+r+Xj6RLPypwniGDqlhao1dlw2s+VokgHUCggEBALTj2EaLrO1gCjOZ ++oqLhih6sFhb1sB5OI1yI+F383Z6BnjqVkKZfyfJIaYAqGebDwCnowU7VODcQsR9 +he50wUQWP+ZhDtVsaXyBE7Hj6abucNx0SaoHyiqDdTlV3EmnnMvcQKI8WXWhgyjZ +FkG1t0YfKRBEUF/bJD+lMY8dQ2dS5CWzQd/T5PeKwC5lz+JztSSL5m4vhYfoyuqv +173i1C0nNModafw6t7qzBTUw+hqH5uUi6lEF1CBbPl9UOOukFo3DDfbiYtaesLkw +dEakgcPLgjwrkEYyb9Efciolb+HZCqxNFXWXl/V1QS/OZztpwzAWwj4e9H7gY0lO +tNab210CggEAJtLTTRsz66bDBi77KoDIVILJMGepjgmV4/XNzN8SN0HhQPWG8MSW ++lOE/1KHYGYi4Lyyn9ZdIE4LO8PwPSTTpgWpNXGG5IZwwJ7rO0bmyVPH1N3fa+T2 +EVK92HPlFupyQOL0fz6DyZmqlr072mdPvzFfL3xI0cgFR4SIKVp4l3klYyOzXmwj +HkF47gh6Exgj59aAq8tifytsOdh9wZhzKSv8hmB7NMR5cSXaaXzuNcvjXjOPwWCc +4Idc7P1ve0ZJCXOPUl4Ut5xcdDbnKKyA9G9h5CO/UCcdP0TR8PstzrIWNzOKWrUf +MvqCcShTwonTyZCw12ifVHQgHDYjFDAnSQKCAQAqlEkgCuA9ObOsj7W4KM/OjWd/ +wK8EC9oESdBOl9fn/pAktyh73GYYsIqwaHFRDcTLr74ULdqx+4vsOvCXl0wMMFOq +iAZdba8CYtjFVDudJf3oJceSHiITocJqo4H4zOxeL0K1ssoX5caN5kYzYufCfKKH +dGEPWnI+l3akR1kqHL6Xoq0YluPGh6PhkV2X6tuUf4G5K1NEdT4+KE1IeJqFviLd +mOE5sErWyUrQotsI2n14gsdONOwS0FkElGlEZgCPu2uiXhrYeUf+R4r/V3MNtwVl +aFk8InJnkfr7XitOv/Q+eJThwhnnNCrefLj/x9vAHUrNvRf+NpKr1xSDk9fk +-----END RSA PRIVATE KEY----- diff --git a/configs/nginx/templates/default b/configs/nginx/templates/default index b53ea96..2237cc4 100644 --- a/configs/nginx/templates/default +++ b/configs/nginx/templates/default @@ -1,5 +1,5 @@ server { - server_name testa.dot-dot.ru; + server_name teste.dot-dot.ru; root /application/public; diff --git a/configs/nuxt/.env b/configs/nuxt/.env index c3809e2..35ac3c4 100644 --- a/configs/nuxt/.env +++ b/configs/nuxt/.env @@ -1,12 +1,16 @@ NUXT_HOST=0.0.0.0 NUXT_PORT=3000 NUXT_ENV_DEVALUE_LOG_LEVEL=silent -WS_PROTOCOL=ws -BASE_URL=http://testa.dot-dot.ru -API_URL=http://testa.dot-dot.ru +WS_PROTOCOL=wss +BASE_URL=dot-dot.ru +API_URL=https://dot-dot.ru/ +DOMAIN=dot-dot.ru -APP_HOST=dot-dot.local -APP_SCHEME=http -APP_ENVIRONMENT=development +APP_HOST=dot-dot.ru +APP_SCHEME=https +APP_ENVIRONMENT=production DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 YANDEX_METRIKA_ID=50156956 +PHONE_KEY=qwefghzcx + +SMARTCAPTCHA_CLIENT_KEY=ysc1_GLQZ8QPaFh0eXqZ5KaRM0WJYqoP9vL0uqhujfcw75c1487df diff --git a/configs/php/.env b/configs/php/.env index 8d1481e..633850c 100644 --- a/configs/php/.env +++ b/configs/php/.env @@ -4,12 +4,12 @@ APP_SECRET=c35a0abba25a5396d74ec17fca238d9a LOCK_DSN=flock PHP_SOCKET_PORT=8080 -DATABASE_URL_DOT=mysql://root:root@db:3306/dot?serverVersion=mariadb-10.3.25 -DATABASE_URL_DOT_STATISTIC=mysql://root:root@db:3306/dot_statistic?serverVersion=mariadb-10.3.25 +DATABASE_URL_DOT=mysql://root:ahwaireiNeebeeW9keiZ@db:3306/dot?serverVersion=mariadb-10.3.25 +DATABASE_URL_DOT_STATISTIC=mysql://root:ahwaireiNeebeeW9keiZ@db:3306/dot_statistic?serverVersion=mariadb-10.3.25 DOCUMENT_ROOT=/application -APP_HOST=dot-dot.local -APP_SCHEME=http +APP_HOST=dot-dot.ru +APP_SCHEME=https MAILER_DSN=null://null @@ -54,8 +54,10 @@ GOOGLE_MAPS_BASE_URL=https://maps.google.com ML_CALCULATOR_URL=https://calc.dev.dot-dot.ru/v1/calculate -ML_REGULAR_DIRECTION_URL=https://calc.dev.dot-dot.ru/v1/schedule/transport +ML_REGULAR_DIRECTION_URL=https://calc.dev.dot-dot.ru/v2/schedule/transport +ML_REGULAR_DIRECTION_CHAIN_URL=https://calc.dev.dot-dot.ru/v1/schedule/chains ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://calc.dev.dot-dot.ru/v1/schedule/carrier/scoring +ML_REGULAR_DIRECTION_CHAIN_RELEVANCE_CARRIERS_URL=https://calc.dev.dot-dot.ru/v1/schedule/chains/carrier/scoring ML_UNCERTAIN_DIRECTIONS_URL=https://calc.dev.dot-dot.ru/v1/classification/direction/uncertain YANDEX_MAPS_ACCESS_KEY=secret @@ -69,7 +71,7 @@ THREESELLER_USERNAME=savrickijj@rambler.ru THREESELLER_PASSWORD=123123 ATISU_CLIENT_ID=f26841019e0243418395d44ed7430f2a -ATISU_APIKEY=cf6e8c5975f04047a4e39004e2ce07f3 +ATISU_APIKEY=46b599c3ab7f4574b560f48ea005d9f3 ###> google/apiclient ### ANALITIC_GOOGLE_CLIENT_ID=secret @@ -128,5 +130,3 @@ SOVKOM_API_URL=secret ###< SOVKOM### MAGIC_API_URL=https://magic-trans.ru/ - -MAGIC_API_URL=https://magic-trans.ru/ diff --git a/configs/php/.env.local b/configs/php/.env.local index c861d87..04d0efc 100644 --- a/configs/php/.env.local +++ b/configs/php/.env.local @@ -1,60 +1,95 @@ +APP_ENV=prod -NotificationBuildServicejSP_KEY=16e93b225c730920ac5741a8d8df788f +DATABASE_URL=mysql://root:ahwaireiNeebeeW9keiZ@db:3306/dot?serverVersion=mariadb-10.3.25 + +DOCUMENT_ROOT=/application +APP_HOST=dot-dot.ru +APP_SCHEME=https +TEST_HOST=https://dot-dot.ru + +MAILER_DSN_YANDEX=smtp://no_reply@dot-dot.ru:gqwaofmeyvxefrqk@smtp.yandex.ru:587 +MAILER_DSN=smtp://no_reply@dot-dot.ru:NRTk7rXhesHQpi3YWB92@smtp.mail.ru:465 + +SP_KEY=16e93b225c730920ac5741a8d8df788f +SP_TEST=false + +SBERBANK_LOGIN=dot-dot_1-api +SBERBANK_PASSWORD=kepwir-2gocfi-Mudpet +SBERBANK_TESTMODE=false + +DEFAULT_EMAIL=no_reply@dot-dot.ru +ADMIN_EMAIL=orders@dot-dot.ru +ACCOUNTANT_EMAIL=ksg@dot-dot.ru +SALES_EMAIL=sale.ftl@dot-dot.ru +LOGIST_EMAIL=nd@dot-dot.ru +LEAD_EMAIL=lead.hunter@dot-dot.ru + +APP_SEND_REAL_SMS=true +SMSC_LOGIN=Dot-Dot +SMSC_PASS=OY4loBiCYTHjMoadyfru DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 DADATA_API_SECRET=1ea37a4d310e7a6ac64211ffe5686363f04d4e68 ROISTAT_API_KEY=c63a71dd721df7f1b1d7b5803a84ccc7 -ROISTAT_PROJECT_ID=166751 +ROISTAT_PROJECT_ID=154928 UNISENDER_API_KEY=6ugo1c6yqfux9wrs8pbaom3izz9pc9huetqbdo9y -GTD_ACCESS_TOKEN=cznMwszlx-5X_F7uQbg-uaPFhqmBP28z +GTD_ACCESS_TOKEN=5fgNQ_gZ95OmyOLl7nKJhtJ4LcWVQNbl FNS_ACCESS_TOKEN=a5639b93fe4e7c9a3f1dd85537e066d36439c352 -GOOGLE_MAPS_ACCESS_KEY=AIzaSyBCPl2LcpRvplzLUNVMVLhA3b7k46lTCTg +GOOGLE_MAPS_ACCESS_KEY=AIzaSyCLqawvvNm0Oj1Nt8yaQ-CdvQ1190oPaug -NUXT_BASE_URL=testa.dot-dot.ru +GRAFANA_ADMIN_PASSWORD=uyt>bE8AZ2ctthyx +GRAFANA_API_URL=https://grafana.dev.dot-dot.ru +GRAFANA_PUBLIC_URL=https://grafana.dev.dot-dot.ru -ATISU_API_TOKEN=a9698671a68441c7b3959e43995d1506 +YANDEX_MAPS_ACCESS_KEY=f706092a-d705-4665-a16a-0811bd2a2c89 + +THREESELLER_USERNAME=tk@dot-dot.ru +THREESELLER_PASSWORD=Logistika01 + +NUXT_BASE_URL=dot-dot.ru + +ATISU_API_TOKEN_OLD=a9698671a68441c7b3959e43995d1506 +ATISU_API_TOKEN=25d7e2857f7f4b65a408d7664899aed7 ###> google/apiclient ### -ANALITIC_GOOGLE_CLIENT_ID=672035500859-n6cq8lb393rs5f7q46pnjrc6u9hjiomg.apps.googleusercontent.com -ANALITIC_GOOGLE_CLIENT_SECRET=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 -ANALITIC_GOOGLE_CLIENT_REDIRECT_URI=http://dot-dot.local/admin/analitic/google-callback +ANALITIC_GOOGLE_CLIENT_ID=672035500859-32f85hchubthu9givkdtgkqhvjg00c8e.apps.googleusercontent.com +ANALITIC_GOOGLE_CLIENT_SECRET=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 +ANALITIC_GOOGLE_CLIENT_REDIRECT_URI=https://dot-dot.ru/admin/analitic/google-callback ###< google/apiclient ### ###> telegramm ### TELEGRAM_BOT_TOKEN=5807192360:AAHSUZcWeY1bC7aqdmcYXOfb1CYyK0xx0Cc TELEGRAM_CHAT_ID=-875661421 +TELEGRAM_CHAT_BOT_ACCESS_TOKEN=88c53d63aa87b39e1c27c8db2764e5b7 ###< telegramm ### +VOICIA_API_KEY=7589ed2721e50e299eb3baf2e3100a6b + ###> voicia ### -VOICIA_CALL_ID=1949 +VOICIA_CALL_ID=8788 ###< voicia ### ###> ml_calculator ### -ML_CALCULATOR_URL=https://ml.dot-dot.ru/v1/classification/order/relevance +ML_CALCULATOR_URL=https://ml.dot-dot.ru/v2/classification/order/relevance ###< ml_calculator ### -###> comagic ### -COMAGIC_URL=https://dataapi.comagic.ru/v2.0 -COMAGIC_KEY=j769gveux0brdq7wb6insegwtczvz7nsqmuntkqv -###< comagic ### +UAT_1C_API_URL=http://1c.nwtlk.ru/UAT/hs +UAT_1C_USER=ТТ_Запросы +UAT_1C_PASSWORD=9421354 ###> carrier_scoring ### -ML_CARRIER_SCORING=https://ml.dot-dot.ru/v1/classification/carrier/scoring +ML_CARRIER_SCORING=https://ml.dot-dot.ru/v2/classification/carrier/scoring ###< carrier_scoring ### ###> direction_scoring ### -ML_DIRECTION_SCORING_URL=https://ml.dot-dot.ru/v1/classification/direction/confidence +ML_DIRECTION_SCORING_URL=https://ml.dot-dot.ru/v3/classification/direction/confidence ###< direction_scoring ### -###> direction_recalculate ### -ML_DIRECTION_RECALCULATE_URL=https://calc.dev.dot-dot.ru/v1/schedule/calculate -###< direction_recalculate ### - ###< Vozovoz ### VOZOVOZ_API_KEY=5Thue256i0n5jXpB8vQfzng0VNJKGDar7ol5x0iD VOZOVOZ_API_URL=https://vozovoz.ru/ @@ -104,10 +139,30 @@ DPD_CLIENT_NUMBER=1001066989 DPD_CLIENT_KEY=8D52BF0F4D272FA91AF7B8EFC64C74EA31B89C4D ###< DPD ### -PAPA_FINANCE_LOGIN=DotDotAPI -PAPA_FINANCE_PASSWORD=DotDotAPI -PAPA_FINANCE_API_URL=DotDotAPI -###> SOVKOMTEST### -SOVKOM_API_KEY=AAk6UcV88xCCC26654rM -SOVKOM_API_URL=https://testout.sovcomins.ru -###< SOVKOMTEST### + +ACCOUNTING_AUDIT_URL="https://crm.dot-dot.ru/TTLBuhreport/hs/TT/reconciliationreport" + +PAPA_FINANCE_API_URL=https://prod.papafinance.ru/api/ttn +PAPA_FINANCE_PASSWORD='4sw$!cN#2j$tvcm2' +PAPA_FINANCE_LOGIN=tochka-tochka-logistika + +ML_REGULAR_DIRECTION_URL=https://ml.dot-dot.ru/v2/schedule/transport + +###> SP_V3 ### +SP_V3_KEY=16e93b225c730920ac5741a8d8df788f +SP_V3_URL=https://spasskievorota.ru/services/work/cargo_3.php +###< SP_V3 ### + +ML_DIRECTION_RECALCULATE_URL=https://ml.dot-dot.ru/v2/schedule/calculate +ML_REGULAR_DIRECTION_CHAIN_URL=https://ml.dot-dot.ru/v1/schedule/chains + +###> YandexTracker ### +YTRACKER_API_TOKEN="y0_AgAEA7qkKFmeAAjF8AAAAADXovQd6htdkt7LTDW_sNHCz7qV9zdVHaQ" +YTRACKER_ORGANISATION_ID=355207 +###< YandexTracker ### + +SMARTCAPTCHA_SERVER_KEY=ysc2_GLQZ8QPaFh0eXqZ5KaRMuRRZOX7qNNMy7P9Mq82V6c4e7b81 + +ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v1/schedule/carrier/scoring + +ML_UNCERTAIN_DIRECTIONS_URL=https://ml.dot-dot.ru/v1/classification/direction/uncertain diff --git a/configs/php/.env__ b/configs/php/.env__ deleted file mode 100644 index 30ca3ed..0000000 --- a/configs/php/.env__ +++ /dev/null @@ -1,127 +0,0 @@ -APP_ENV=dev -APP_SECRET=c35a0abba25a5396d74ec17fca238d9a - -LOCK_DSN=flock -PHP_SOCKET_PORT=8080 - -DATABASE_URL_DOT=mysql://root:root@db:3306/dot?serverVersion=mariadb-10.3.25 -DATABASE_URL_DOT_STATISTIC=mysql://root:root@db:3306/dot_statistic?serverVersion=mariadb-10.3.25 - -NUXT_BASE_URL=testa.dot-dot.ru -DOCUMENT_ROOT=/application -APP_HOST=dot-dot.local -APP_SCHEME=http - -MAILER_DSN=null://null - -WKHTMLTOPDF_PATH="xvfb-run /usr/bin/wkhtmltopdf --enable-local-file-access" - -SP_WSDL=http://91.208.205.54:84/orawsv/XMLWEB/ -SP_LOGIN=xmlweb -SP_PASSWORD=xmlweb -SP_KEY=secret -SP_TEST=true - -DEFAULT_EMAIL=no_reply@dot-dot.ru -ADMIN_EMAIL=change.this@dot-dot.ru -ACCOUNTANT_EMAIL=noreplay@dot-dot.ru -SALES_EMAIL=sale.ftl@dot-dot.ru -LOGIST_EMAIL=nd@dot-dot.ru -LEAD_EMAIL=change.this@dot-dot.ru -VOSTOK_EMAIL=vostok@dot-dot.ru - -SMSC_LOGIN=secret -SMSC_PASS=secret - -DADATA_API_TOKEN=secret -DADATA_API_SECRET=secret - -UNISENDER_API_KEY=secret - -VOICIA_API_KEY=secret -VOICIA_API_URL=https://app.voicia.ru - -UAT_1C_API_URL=http://1c.nwtlk.ru/UATtest/hs -UAT_1C_USER=secret -UAT_1C_PASSWORD=secret - -FNS_ACCESS_TOKEN=secret - -GOOGLE_MAPS_ACCESS_KEY=secret -GOOGLE_MAPS_BASE_URL=https://maps.google.com - -ML_CALCULATOR_URL=https://calc.dev.dot-dot.ru/v1/calculate - -ML_REGULAR_DIRECTION_URL=https://calc.dev.dot-dot.ru/v1/schedule/transport -ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://calc.dev.dot-dot.ru/v1/schedule/carrier/scoring - -YANDEX_MAPS_ACCESS_KEY=secret -YANDEX_MAPS_BASE_URL=https://api.routing.yandex.net - -GRAFANA_ADMIN_PASSWORD=admin -GRAFANA_API_URL=http://grafana:3000 -GRAFANA_PUBLIC_URL=http://grafana.dot-dot.local - -THREESELLER_USERNAME=savrickijj@rambler.ru -THREESELLER_PASSWORD=123123 - -ATISU_CLIENT_ID=f26841019e0243418395d44ed7430f2a -ATISU_APIKEY=cf6e8c5975f04047a4e39004e2ce07f3 - -###> google/apiclient ### -ANALITIC_GOOGLE_CLIENT_ID=secret -ANALITIC_GOOGLE_CLIENT_SECRET=secret -ANALITIC_GOOGLE_CLIENT_REDIRECT_URI=http://localhost/admin/analitic/google-callback -###< google/apiclient ### - -###> telegramm ### -TELEGRAM_URL=https://api.telegram.org/ -TELEGRAM_BOT_TOKEN=secret -TELEGRAM_CHAT_ID=secret -###< telegramm ### - -DEFAULT_SLUG=dotdot - -###> voicia ### -VOICIA_CALL_ID=secret -###< voicia ### - -###> openssl_encrypt parameters ### -OPENSSL_CIPHER=aes-128-gcm -OPENSSL_PASS_PHRASE=secret -OPENSSL_IV=secret -###> openssl_encrypt parameters ### - -TKKIT_API_TOKEN=secret -TKKIT_API_URL=https://capi.tk-kit.com - -###> BAIKAL### -BAIKAL_API_KEY=secret -###< BAIKAL### - -TELEGRAM_CHAT_BOT_ACCESS_TOKEN=secret - -###> NORDWHEEL### -NORDWHEEL_API_URL=https://nordw.ru -###< NORDWHEEL### - -JDE_API_URL=https://api.jde.ru - -###> SKIF### -SKIF_API_URL=sekret -SKIF_API_LOGIN=sekret -SKIF_API_PASSWORD=sekret -###< SKIF### - -###> DPD ### -DPD_PATH=https://ws.dpd.ru/services/ -DPD_CLIENT_NUMBER=secret -DPD_CLIENT_KEY=secret -###< DPD### - -###> SOVKOM### -SOVKOM_API_KEY=secret -SOVKOM_API_URL=secret -###< SOVKOM### - -MAGIC_API_URL=https://magic-trans.ru/ \ No newline at end of file diff --git a/configs/php/zz-docker.conf b/configs/php/zz-docker.conf new file mode 100644 index 0000000..363ab1f --- /dev/null +++ b/configs/php/zz-docker.conf @@ -0,0 +1,5 @@ +[global] +daemonize = no + +[www] +listen = 0.0.0.0:9000 diff --git a/docker-compose.yml b/docker-compose.yml index f90dcb5..14c71a3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,13 +5,13 @@ volumes: nginx_log_volume: mysql_data_volume: mysql_backup_volume: + php_var_volume: + bookstack_data_volume: networks: dd: name: ${NETWORK} - ingress: - external: true services: db: @@ -20,14 +20,27 @@ services: environment: MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} MYSQL_USER: ${MYSQL_USER} - MYSQL_DAABASE: ${MYSQL_DATABASE} + MYSQL_DATABASE: ${MYSQL_DATABASE} MYSQL_PASSWORD: ${MYSQL_PASSWORD} + ports: + - ${MYSQL_PORT}:3306 volumes: - mysql_data_volume:/var/lib/mysql - mysql_backup_volume:/backups networks: - dd + mysqld-exporter: + image: prom/mysqld-exporter:v0.15.1 + restart: unless-stopped + command: --config.my-cnf=/.my.cnf + volumes: + - ./.my.cnf:/.my.cnf + depends_on: + - db + networks: + - dd + php: image: registry.dot-dot.ru/dot-dot:${DOTDOT_TAG} # command: "php-fpm && nginx -g 'daemon off;'" @@ -35,6 +48,8 @@ services: volumes: - ./configs/php/.env:/application/.env - ./configs/php/.env.local:/application/.env.local + - ./configs/php/zz-docker.conf:/usr/local/etc/php-fpm.d/zz-docker.conf + - php_var_volume:/application/var depends_on: - db networks: @@ -46,12 +61,20 @@ services: networks: - dd + help-platform: + image: registry.dot-dot.ru/help-platform:${HELP_TAG} + restart: unless-stopped + networks: + - dd + nuxt: image: registry.dot-dot.ru/front:${FRONT_TAG} restart: unless-stopped command: npm run start volumes: - ./configs/nuxt/.env:/app/.env + env_file: + - ./configs/nuxt/.env networks: - dd @@ -66,14 +89,75 @@ services: - ./configs/nginx/other:/etc/nginx/other - certbot_volume:/etc/letsencrypt - nginx_log_volume:/var/log/nginx + ports: + - 80:80 + - 443:443 labels: - "traefik.enable=true" - - "traefik.http.routers.nginx.rule=Host(`testa.dot-dot.ru`)" - - "traefik.http.services.nginx.loadbalancer.server.port=80" + - "traefik.http.routers.nginx${NETWORK}.rule=Host(`${NETWORK}.dot-dot.ru`)" + - "traefik.http.services.nginx${NETWORK}.loadbalancer.server.port=80" depends_on: - nuxt - php - static networks: - dd - - ingress + + node-exporter: + image: prom/node-exporter:v1.7.0 + container_name: node-exporter + restart: unless-stopped + volumes: + - /proc:/host/proc:ro + - /sys:/host/sys:ro + - /:/rootfs:ro + command: + - '--path.procfs=/host/proc' + - '--path.rootfs=/rootfs' + - '--path.sysfs=/host/sys' + - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)' + networks: + - dd + + cadvisor: + image: gcr.io/cadvisor/cadvisor:v0.47.2 + restart: unless-stopped + container_name: cadvisor + volumes: + - /:/rootfs:ro + - /var/run:/var/run:ro + - /sys:/sys:ro + - /var/lib/docker/:/var/lib/docker:ro + - /dev/disk:/dev/disk:ro + devices: + - /dev/kmsg:/dev/kmsg + networks: + - dd + + bookstack: + image: ghcr.io/linuxserver/bookstack:24.02.3 + restart: unless-stopped + container_name: bookstack + environment: + - PUID=1000 + - PGID=1000 + - APP_URL="https://wiki.dot-dot.ru" + - DB_HOST=db + - DB_USER=root + - DB_PASS=${MYSQL_ROOT_PASSWORD} + - DB_DATABASE=bookstack + - MAIL_DRIVER=${MAIL_DRIVER} + - MAIL_HOST=${MAIL_HOST} + - MAIL_PORT=${MAIL_PORT} + - MAIL_USERNAME=${MAIL_USERNAME} + - MAIL_PASSWORD=${MAIL_PASSWORD} + - MAIL_ENCRYPTION=${MAIL_ENCRYPTION} + - MAIL_FROM=${MAIL_FROM} + - MAIL_FROM_NAME=${MAIL_FROM_NAME} + volumes: + - ./configs/bookstack:/config + #- bookstack_data_volume: + networks: + - dd + + diff --git a/scripts/chowner.sh b/scripts/chowner.sh new file mode 100755 index 0000000..286b742 --- /dev/null +++ b/scripts/chowner.sh @@ -0,0 +1,7 @@ +#!/bin/bash + + +volume='/var/lib/docker/volumes/prod_php_var_volume/_data/log' +for x in $(sudo ls -l $volume | grep root | awk -F' ' '{print $9}');do + sudo chown 82:82 $volume/$x; +done diff --git a/scripts/make_backup_mysql.sh b/scripts/make_backup_mysql.sh new file mode 100755 index 0000000..1dc21e5 --- /dev/null +++ b/scripts/make_backup_mysql.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +SS_CONTAINER='backup_db' +BACK_DIR='/var/tmp/db/backups' + +# Remote backup +MYSQL_CRED='-uroot -pahwaireiNeebeeW9keiZ' + +HOST=$(hostname -s) +DATABASES=$(docker exec -i -u root prod-db-1 mysql ${MYSQL_CRED} -s -AN -e 'show databases' | grep -vE "information_schema|analytics|performance_schema|trash|sys") +for database in ${DATABASES}; do + DUMPFILE="${database}.$(date +%a).sql.gz" + docker exec -i -u root prod-db-1 mysqldump ${MYSQL_CRED} --max_allowed_packet=1G --add-drop-table --single-transaction --extended-insert ${database} | gzip -c > $BACK_DIR/${DUMPFILE} 2>&1 + rclone move $BACK_DIR/${DUMPFILE} selectel:backup_db/dot/${DUMPFILE} + #rm -vf $BACK_DIR/${DUMPFILE} 2>&1 +done