diff --git a/.env b/.env new file mode 100644 index 0000000..7e8f6e4 --- /dev/null +++ b/.env @@ -0,0 +1,19 @@ +COMPOSE_PROJECT_NAME=staging +NETWORK=staging + +FRONT_TAG=develop +DOTDOT_TAG=develop +LMS_TAG=develop +DASHBORD_TAG=v0.0.1 + +MYSQL_PORT=0.0.0.0:33067 +MYSQL_ROOT_PASSWORD=root +MYSQL_DATABASE=dot +MYSQL_USER=dot +MYSQL_PASSWORD=dot + +RABBITMQ_USERNAME=ddadmin +RABBITMQ_PASSWORD=Utahth9aeshahgh3saik + +REDIS_USERNAME=ddadmin +REDIS_PASSWORD=Utahth9aeshahgh3saik diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5f2fcc7 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +backups/* diff --git a/.my.cnf b/.my.cnf new file mode 100644 index 0000000..cb50e6b --- /dev/null +++ b/.my.cnf @@ -0,0 +1,5 @@ +[client] +user = root +password = ahwaireiNeebeeW9keiZ +host = db +port = 3306 diff --git a/app.sh b/app.sh new file mode 100755 index 0000000..86c2dea --- /dev/null +++ b/app.sh @@ -0,0 +1,177 @@ +DIRECTORY=`dirname $0` + +MYSQL_ROOT_PASSWORD=$(grep MYSQL_ROOT_PASSWORD $DIRECTORY"/.env" | xargs) +MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD#*=} + +help() { + echo "run $0 [COMMAND] " + echo ' + "init" - run init flow + "up" - up -d all services + "down" - down all services without volumes + "composer" - run composer ${@:2} + "psalm" - run composer analyse + "php-fixer" - run composer cs + "deptrac" - run composer deptrac + "tests" - run composer tests + "console" - run docker compose exec php ./bin/console ${@:2} + "db" - run mysql shell + "db-create" - crate database + "backup-dev" - + "backup-create" - + "backup-exec" - + "restore-dev" - + "purge-db" - purge database + "restore-db" - restore database from s3 backup + "front" - exec front container + +' +} + +log() { + RED='\e[31m' + GREEN='\e[32m' + + case $2 in + info) + printf "${GREEN}${1}\e[0m\n" + ;; + error) + printf "${RED}${1}\e[0m\n" + ;; + *) + printf "${1}" + ;; + esac +} + +## restore last backup from s3 storage +restoredb() { + log "run restore database" + sudo rclone copy --verbose selectel:backup_db/dot/dot.$(date +%a).sql.gz backups/ + zcat backups/dot.$(date +%a).sql.gz | docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} dot +} + +checkDockerCompose() { + if ! [ -f "docker-compose.yml" ]; then + log "docker-compose.yml not exist. Run init command" "error" + exit + fi +} + +init() { + dumpfile=$(ls backups/ | sort | tail -1) + if ! [ -f backups/${dumpfile} ]; then + log "put dot.sql to backups directory" "error" + exit + fi + + if ! [ -f ".env" ]; then + log ".env not exist. Run init command" "error" + exit + fi + + up + + docker compose exec php composer install +# docker compose exec front npm i + +# docker compose exec front npm run build + + if ! docker compose exec db mysql -uroot -proot -e "show databases" | grep "dot "; then + createDatabase "dot" + execBackup "dot" ${dumpfile} + fi +} + +up() { + checkDockerCompose + docker compose up -d +} + +down() { + checkDockerCompose + docker compose down +} + +createDatabase() { + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "create database $1" + log "create database $1" "info" +} + +createBackup() { + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} $1 > backups/$2.sql +} + +createBackupWithExceptions() { + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} --ignore-table=dot.ml_calculator_log dot > backups/dot_develop.sql + docker compose exec db mysqldump -uroot -p${MYSQL_ROOT_PASSWORD} --no-data dot ml_calculator_log >> backups/dot_develop.sql +} + +execBackup() { + zcat backups/$2 | docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} $1 + log "exec $2.sql backup" "info" +} + +execDevBackup() { + docker compose exec -T db mysql -uroot -p${MYSQL_ROOT_PASSWORD} dot < backups/dot_develop.sql + log "exec dot_develop.sql backup" "info" +} + +purgeDb() { + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "drop database dot" + log "dropped database dot" "info" + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD} -e "create database dot" + log "created database dot" "info" +} + +composer() { + docker compose exec php php -d memory_limit=-1 /usr/local/bin/composer ${@:1} +} + +case "$1" in + "help") + help;; + "init") + init;; + "up") + up;; + "down") + down;; + "composer"*) + composer ${@:2};; + "psalm"*) + composer analyse;; + "php-fixer") + composer cs;; + "deptrac") + composer deptrac;; + "tests") + composer tests;; + "console"*) + docker compose exec php ./bin/console ${@:2};; + "db") + docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD};; + "db-create") + createDatabase $2;; + "backup-dev"*) + createBackupWithExceptions $2;; + "backup-create"*) + createBackup $2 $3;; + "backup-exec"*) + execBackup $2 $3;; + "restore-dev"*) + execDevBackup;; + "purge-db"*) + purgeDb;; + "restore-db") + restoredb;; + "front"*) + case $2 in + *) + docker compose exec nuxt ${@:2};; + esac;; + *) + help + #docker compose exec php ./bin/console ${@:1};; +esac diff --git a/configs/dashboard/.env b/configs/dashboard/.env new file mode 100644 index 0000000..f7d24e6 --- /dev/null +++ b/configs/dashboard/.env @@ -0,0 +1,78 @@ +APP_NAME="DOT-DOT DASHBOARD" +APP_ENV=local +APP_KEY=base64:UdElHcbd1MSsWoLOn8LietbdAhHiyT/C6+dpy+kYfkQ= +APP_DEBUG=true +APP_TIMEZONE=UTC +APP_URL=https://stagingdashboard.dot-dot.ru +FRONTEND_URL=https://stagingdashboard.dot-dot.ru +ASSET_URL=https://stagingdashboard.dot-dot.ru +APP_EMAIL_DOMAIN="dot-dot.ru" + +APP_LOCALE=ru +APP_FALLBACK_LOCALE=ru +APP_FAKER_LOCALE=ru_RU + +APP_MAINTENANCE_DRIVER=file +# APP_MAINTENANCE_STORE=database + +BCRYPT_ROUNDS=12 + +LOG_CHANNEL=stack +LOG_STACK=single +LOG_DEPRECATIONS_CHANNEL=null +LOG_LEVEL=debug + +DEFAULT_DB_CONNECTION=dashboard + +#Параметры подключения к базе панели управления +DASHBOARD_DB_HOST=db +DASHBOARD_DB_PORT=3306 +DASHBOARD_DB_DATABASE=dashboard +DASHBOARD_DB_USERNAME=root +DASHBOARD_DB_PASSWORD=root + +#Параметры подключения к базе dot-dot +DOT_DOT_DB_HOST=db +DOT_DOT_DB_PORT=3306 +DOT_DOT_DB_DATABASE=dot +DOT_DOT_DB_USERNAME=root +DOT_DOT_DB_PASSWORD=root + +SESSION_DRIVER=database +SESSION_LIFETIME=120 +SESSION_ENCRYPT=false +SESSION_PATH=/ +SESSION_DOMAIN=null + +BROADCAST_CONNECTION=log +FILESYSTEM_DISK=local +QUEUE_CONNECTION=database + +CACHE_STORE=database +CACHE_PREFIX= + +MEMCACHED_HOST=127.0.0.1 + +REDIS_CLIENT=phpredis +REDIS_HOST=127.0.0.1 +REDIS_PASSWORD=null +REDIS_PORT=6379 + +MAIL_MAILER=log +MAIL_HOST=127.0.0.1 +MAIL_PORT=2525 +MAIL_USERNAME=null +MAIL_PASSWORD=null +MAIL_ENCRYPTION=null +MAIL_FROM_ADDRESS="hello@example.com" +MAIL_FROM_NAME="${APP_NAME}" + +AWS_ACCESS_KEY_ID= +AWS_SECRET_ACCESS_KEY= +AWS_DEFAULT_REGION=us-east-1 +AWS_BUCKET= +AWS_USE_PATH_STYLE_ENDPOINT=false + +VITE_APP_NAME="${APP_NAME}" + +OCTANE_SERVER=frankenphp diff --git a/configs/lms/.env b/configs/lms/.env new file mode 100644 index 0000000..a6084d1 --- /dev/null +++ b/configs/lms/.env @@ -0,0 +1,13 @@ +NUXT_HOST=0.0.0.0 +NUXT_PORT=3000 +NUXT_ENV_DEVALUE_LOG_LEVEL=silent +WS_PROTOCOL=wss +BASE_URL=https://staginglms.dot-dot.ru/ +API_URL=https://staginglms.dot-dot.ru/ +DOMAIN=staginglms.dot-dot.ru + +APP_HOST=staginglms.dot-dot.ru +APP_SCHEME=https +APP_ENVIRONMENT=production +DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 +YANDEX_METRIKA_ID=5015695 diff --git a/configs/nginx/conf.d/default.conf b/configs/nginx/conf.d/default.conf new file mode 100644 index 0000000..2f1a907 --- /dev/null +++ b/configs/nginx/conf.d/default.conf @@ -0,0 +1,138 @@ +server { + server_name staging.dot-dot.ru; + + root /application/public; + + client_max_body_size 10m; + + + location / { + proxy_pass http://nuxt:3000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } + + location /socket.io/auctionreload { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_pass http://php:8080; + } + + location @rewriteapp { + rewrite ^(.*)$ /index.php/$1 last; + } + + # location /storybook { + # alias /application/nuxt/storybook-static; + # } + + location /logout { + try_files $uri @rewriteapp; + } + + location /api { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /__clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /pdf { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /1c { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /socket { + try_files $uri @rewriteapp; + } + + location /admin { + try_files $uri @rewriteapp; + } + + location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { + proxy_pass http://static; + } + + location /media { + try_files $uri @rewriteapp; + } + + location /img { + proxy_pass http://static; + # alias /application/public/img; + # try_files $uri /index.php$request_uri; + # expires 6M; + } + + location ~ ^/index\.php(/|$) { + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } + + #add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Origin' *; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + + fastcgi_pass php:9001; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + + location /mysql_exporter { + access_log /var/log/nginx/mysql_exporter_access.log json; + error_log /var/log/nginx/mysql_exporter_error.log; + + #if ($allow = 0) { + # return 403; + #} + + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_http_version 1.1; + proxy_pass http://mysqld-exporter:9104/metrics; + } + + location /redis_exporter { + access_log /var/log/nginx/mysql_exporter_access.log json; + error_log /var/log/nginx/mysql_exporter_error.log; + + #if ($allow = 0) { + # return 403; + #} + + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_http_version 1.1; + proxy_pass http://redis-exporter:9121/metrics; + } +} diff --git a/configs/nginx/conf.d/lms.conf b/configs/nginx/conf.d/lms.conf new file mode 100644 index 0000000..8cee9e1 --- /dev/null +++ b/configs/nginx/conf.d/lms.conf @@ -0,0 +1,120 @@ +# server { +# listen 80; +# server_name staginglms.dot-dot.ru; +# return 301 https://$server_name$request_uri; +# } + +server { + server_name staginglms.dot-dot.ru; + + root /application/public; + + client_max_body_size 10m; + + + location / { + proxy_pass http://lms:3000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } + + location /socket.io/auctionreload { + access_log /var/log/nginx/ws_access.log json; + error_log /var/log/nginx/ws_error.log; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_pass http://php:8080/; + } + + location @rewriteapp { + rewrite ^(.*)$ /index.php/$1 last; + } + + # location /storybook { + # alias /application/nuxt/storybook-static; + # } + + location /logout { + try_files $uri @rewriteapp; + } + + location /api { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /__clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /pdf { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /1c { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /socket { + try_files $uri @rewriteapp; + } + + location /admin { + try_files $uri @rewriteapp; + } + + location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { + proxy_pass http://static; + } + + location /media { + try_files $uri @rewriteapp; + } + + location /img { + proxy_pass http://static; + # alias /application/public/img; + # try_files $uri /index.php$request_uri; + # expires 6M; + } + + location /robots.txt { + proxy_pass http://static; + } + + location ~ ^/index\.php(/|$) { + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } + + #add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Origin' *; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + + fastcgi_pass php:9001; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } +} diff --git a/configs/nginx/nginx.conf b/configs/nginx/nginx.conf new file mode 100644 index 0000000..9f79d49 --- /dev/null +++ b/configs/nginx/nginx.conf @@ -0,0 +1,64 @@ +user nginx; +worker_processes 16; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 10240; + use epoll; + multi_accept on; +} +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + log_format upstream_time '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" rt=$request_time uct=$upstream_connect_time uht=$upstream_header_time urt=$upstream_response_time "$http_user_agent"'; + + log_format json escape=json '{' + '"time":"$time_iso8601",' + '"proxy_protocol_addr":"$proxy_protocol_addr",' + '"remote_addr":"$remote_addr",' + '"x-forward-for":"$proxy_add_x_forwarded_for",' + '"request_id":"$request_id",' + '"request":"$request",' + '"remote_user":"$remote_user",' + '"bytes_sent":"$bytes_sent",' + '"body_bytes_sent":"$body_bytes_sent",' + '"request_time":"$request_time",' + '"status":"$status",' + '"vhost":"$host",' + '"request_proto":"$server_protocol",' + '"path":"$uri",' + '"request_query":"$args",' + '"request_length":"$request_length",' + '"method":"$request_method",' + '"http_referrer":"$http_referer",' + '"http_user_agent":"$http_user_agent",' + '"upstream_addr":"$upstream_addr",' + '"upstream_latency":"$upstream_response_time",' + '"upstream_status":"$upstream_status",' + '"upstream_response_time":"$upstream_response_time",' + '"upstream_connect_time":"$upstream_connect_time",' + '"upstream_header_time":"$upstream_header_time",' + '"upstream_bytes_received":"$upstream_bytes_received",' + '"upstream_bytes_sent":"$upstream_bytes_sent",' + '"tls":"$ssl_protocol/$ssl_cipher"' + '}'; + + access_log /var/log/nginx/access.log json; + + server_tokens off; + charset UTF-8; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_requests 1000; + keepalive_timeout 65; + #gzip on; + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + resolver 127.0.0.11 ipv6=off valid=1s; + include /etc/nginx/conf.d/*.conf; +} \ No newline at end of file diff --git a/configs/nginx/templates/default b/configs/nginx/templates/default new file mode 100644 index 0000000..3c15b2f --- /dev/null +++ b/configs/nginx/templates/default @@ -0,0 +1,105 @@ +server { + server_name staging.dot-dot.ru; + + root /application/public; + +client_max_body_size 10m; + + + location / { + proxy_pass http://nuxt:3000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } + + location /socket.io/auctionreload { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_pass http://php:${PHP_SOCKET_PORT}/; + } + + location @rewriteapp { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /storybook { + alias /application/nuxt/storybook-static; + } + + location /logout { + try_files $uri @rewriteapp; + } + + location /help { + alias /application/help-platform/src/.vuepress/dist; + } + + location /api { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /__clockwork { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /pdf { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /1c { + rewrite ^(.*)$ /index.php/$1 last; + } + + location /socket { + try_files $uri @rewriteapp; + } + + location /admin { + try_files $uri @rewriteapp; + } + + location /media { + try_files $uri @rewriteapp; + } + + location /img { + alias /application/public/img; + } + + location ~ ^/index\.php(/|$) { + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } + + add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + + fastcgi_pass php:9001; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + + error_log /var/log/nginx/dot_dot_error.log; + access_log /var/log/nginx/dot_dot_access.log; +} diff --git a/configs/nuxt/.env b/configs/nuxt/.env new file mode 100644 index 0000000..80d7236 --- /dev/null +++ b/configs/nuxt/.env @@ -0,0 +1,15 @@ +NUXT_HOST=0.0.0.0 +NUXT_PORT=3000 +NUXT_ENV_DEVALUE_LOG_LEVEL=silent +WS_PROTOCOL=wss +BASE_URL=staging.dot-dot.ru +API_URL=https://staging.dot-dot.ru/ +DOMAIN=staging.dot-dot.ru + +APP_HOST=staging.dot-dot.ru +APP_SCHEME=https +APP_ENVIRONMENT=production +DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 +YANDEX_METRIKA_ID=50156956 +PHONE_KEY=qwefghzcx +SMARTCAPTCHA_CLIENT_KEY=ysc1_GLQZ8QPaFh0eXqZ5KaRM0WJYqoP9vL0uqhujfcw75c1487df diff --git a/configs/nuxt/entrypoint.sh b/configs/nuxt/entrypoint.sh new file mode 100755 index 0000000..ede5ebd --- /dev/null +++ b/configs/nuxt/entrypoint.sh @@ -0,0 +1,55 @@ +#!/bin/sh + +DOMAIN="${DOMAIN:-dot-dot.local}" +APP_HOST="${APP_HOST:-dot-dot.local}" +API_URL="{API_URL:-${DOMAIN}}" +APP_SCHEME="${APP_SCHEME:-http}" +API_URL="${APP_SCHEME}://${DOMAIN}/" +BASE_URL="${APP_SCHEME}://${DOMAIN}" +APP_ENVIRONMENT="${APP_ENVIRONMENT:-development}" +WS_PROTOCOL=${WS_PROTOCOL:-ws} + +for x in $(grep -lr baseURL .nuxt/);do + sed -i -e "s#\"baseURL\":\"http://dot-dot.local\"#\"baseURL\":\"${BASE_URL}\"#g" $x +done + +for x in $(grep -lr APP_SCHEME .nuxt/);do + sed -i -e "s#\"APP_SCHEME\":\"http\"#\"APP_SCHEME\":\"${APP_SCHEME}\"#g" $x + sed -i -e "s#APP_SCHEME:\"http\"#\"APP_SCHEME\":\"${APP_SCHEME}\"#g" $x +done + +for x in $(grep -lr APP_HOST .nuxt/);do + sed -i -e "s#\"APP_HOST\":\"dot-dot.local\"#\"APP_HOST\":\"${APP_HOST}\"#g" $x +done + +for x in $(grep -lr BASE_URL .nuxt/);do + sed -i -e "s#\"BASE_URL\":\"http://dot-dot.local\"#\"BASE_URL\":\"${BASE_URL}\"#g" $x +done + +for x in $(grep -lr API_URL .nuxt/);do + sed -i -e "s#\"API_URL\":\"http://dot-dot.local/\"#\"API_URL\":\"${API_URL}\"#g" $x +done + +for x in $(grep -lr APP_ENVIRONMENT .nuxt/);do + sed -i -e "s#\"APP_ENVIRONMENT\":\"development\"#\"APP_ENVIRONMENT\":\"${APP_ENVIRONMENT}\"#g" $x + sed -i -e "s#\"APP_ENVIRONMENT\": \"development\"#\"APP_ENVIRONMENT\":\"${APP_ENVIRONMENT}\"#g" $x + sed -i -e "s#APP_ENVIRONMENT:\"development\"#\"APP_ENVIRONMENT\":\"${APP_ENVIRONMENT}\"#g" $x +done + +for x in $(grep -lr WS_PROTOCOL .nuxt/);do + sed -i -e "s#\"WS_PROTOCOL\":\"ws\"#\"WS_PROTOCOL\":\"${WS_PROTOCOL}\"#g" $x + sed -i -e "s#WS_PROTOCOL:\"ws\"#\"WS_PROTOCOL\":\"${WS_PROTOCOL}\"#g" $x + sed -i -e "s#\"WS_PROTOCOL\": \"ws\"#\"WS_PROTOCOL\": \"${WS_PROTOCOL}\"#g" $x +done + +for x in $(grep -lr dot-dot.local .nuxt/);do + echo "replace dot-dot.local to ${DOMAIN} in $x" + sed -i -e "s#dot-dot.local#${DOMAIN}#g" $x; +done + +for x in $(grep -lr http://${DOMAIN} .nuxt/);do + echo "replace http://${DOMAIN} to ${APP_SCHEME}://${DOMAIN} in $x" + sed -i -e "s#http://${DOMAIN}#${APP_SCHEME}://${DOMAIN}#g" $x; +done + +"$@" diff --git a/configs/php/.env b/configs/php/.env new file mode 100644 index 0000000..0c5f2ee --- /dev/null +++ b/configs/php/.env @@ -0,0 +1,149 @@ +APP_ENV=prod +APP_SECRET=c35a0abba25a5396d74ec17fca238d9a + +LOCK_DSN=flock +PHP_SOCKET_PORT=8080 + +DATABASE_URL_DOT=mysql://root:root@db:3306/dot?serverVersion=mariadb-10.3.25 +DATABASE_URL_DOT_STATISTIC=mysql://root:root@db:3306/dot_statistic?serverVersion=mariadb-10.3.25 + +DOCUMENT_ROOT=/application +<<<<<<< HEAD +APP_HOST=staging.dot-dot.ru +APP_SCHEME=https +======= +APP_HOST=teste.dot-dot.ru +APP_SCHEME=http +>>>>>>> bf9c2589f2048793e390ff4d31f979bf6e8ab2c4 + +MAILER_DSN=null://null + +WKHTMLTOPDF_PATH="xvfb-run /usr/bin/wkhtmltopdf --enable-local-file-access" + +SP_WSDL=http://91.208.205.54:84/orawsv/XMLWEB/ +SP_LOGIN=xmlweb +SP_PASSWORD=xmlweb +SP_KEY=secret +SP_TEST=true + +SP_V3_URL=https://spasskievorota.ru/services/test/cargo_3.php +SP_V3_KEY=16e93b225c730920ac5741a8d8df788f + +DEFAULT_EMAIL=no_reply@dot-dot.ru +ADMIN_EMAIL=change.this@dot-dot.ru +ACCOUNTANT_EMAIL=noreplay@dot-dot.ru +SALES_EMAIL=sale.ftl@dot-dot.ru +LOGIST_EMAIL=nd@dot-dot.ru +LEAD_EMAIL=change.this@dot-dot.ru +VOSTOK_EMAIL=vostok@dot-dot.ru + +SMSC_LOGIN=secret +SMSC_PASS=secret + +DADATA_API_TOKEN=secret +DADATA_API_SECRET=secret + +UNISENDER_API_KEY=secret + +VOICIA_API_KEY=7589ed2721e50e299eb3baf2e3100a6b +VOICIA_API_URL=https://app.voicia.ru + +UAT_1C_API_URL=http://1c.nwtlk.ru/UATtest/hs +UAT_1C_USER=secret +UAT_1C_PASSWORD=secret + +FNS_ACCESS_TOKEN=secret + +GOOGLE_MAPS_ACCESS_KEY=secret +GOOGLE_MAPS_BASE_URL=https://maps.google.com + +ML_CALCULATOR_URL=https://ml.dot-dot.ru/v2/classification/order/relevance + +<<<<<<< HEAD +ML_REGULAR_DIRECTION_URL=https://ml.dot-dot.ru/v2/schedule/transport +ML_REGULAR_DIRECTION_CHAIN_URL=https://ml.dot-dot.ru/v1/schedule/chains +ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v1/schedule/carrier/scoring +ML_REGULAR_DIRECTION_CHAIN_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v1/schedule/chains/carrier/scoring +ML_UNCERTAIN_DIRECTIONS_URL=https://ml.dot-dot.ru/v1/classification/direction/uncertain +======= +ML_REGULAR_DIRECTION_URL=https://calc.dev.dot-dot.ru/v2/schedule/transport +ML_REGULAR_DIRECTION_CHAIN_URL=https://calc.dev.dot-dot.ru/v1/schedule/chains +ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://calc.dev.dot-dot.ru/v1/schedule/carrier/scoring +ML_REGULAR_DIRECTION_CHAIN_RELEVANCE_CARRIERS_URL=https://calc.dev.dot-dot.ru/v1/schedule/chains/carrier/scoring +ML_UNCERTAIN_DIRECTIONS_URL=https://calc.dev.dot-dot.ru/v1/classification/direction/uncertain +>>>>>>> bf9c2589f2048793e390ff4d31f979bf6e8ab2c4 + +YANDEX_MAPS_ACCESS_KEY=secret +YANDEX_MAPS_BASE_URL=https://api.routing.yandex.net + +GRAFANA_ADMIN_PASSWORD=admin +GRAFANA_API_URL=http://grafana:3000 +GRAFANA_PUBLIC_URL=http://grafana.dot-dot.local + +THREESELLER_USERNAME=savrickijj@rambler.ru +THREESELLER_PASSWORD=123123 + +ATISU_CLIENT_ID=f26841019e0243418395d44ed7430f2a +ATISU_APIKEY=46b599c3ab7f4574b560f48ea005d9f3 + +###> google/apiclient ### +ANALITIC_GOOGLE_CLIENT_ID=secret +ANALITIC_GOOGLE_CLIENT_SECRET=secret +ANALITIC_GOOGLE_CLIENT_REDIRECT_URI=http://localhost/admin/analitic/google-callback +###< google/apiclient ### + +###> telegramm ### +TELEGRAM_URL=https://api.telegram.org/ +TELEGRAM_BOT_TOKEN=secret +TELEGRAM_CHAT_ID=secret +###< telegramm ### + +DEFAULT_SLUG=dotdot + +###> voicia ### +VOICIA_CALL_ID=secret +###< voicia ### + +###> openssl_encrypt parameters ### +OPENSSL_CIPHER=aes-128-gcm +OPENSSL_PASS_PHRASE=secret +OPENSSL_IV=secret +###> openssl_encrypt parameters ### + +TKKIT_API_TOKEN=secret +TKKIT_API_URL=https://capi.tk-kit.com + +###> BAIKAL### +BAIKAL_API_KEY=secret +###< BAIKAL### + +TELEGRAM_CHAT_BOT_ACCESS_TOKEN=secret + +###> NORDWHEEL### +NORDWHEEL_API_URL=https://nordw.ru +###< NORDWHEEL### + +JDE_API_URL=https://api.jde.ru + +###> SKIF### +SKIF_API_URL=sekret +SKIF_API_LOGIN=sekret +SKIF_API_PASSWORD=sekret +###< SKIF### + +###> DPD ### +DPD_PATH=https://ws.dpd.ru/services/ +DPD_CLIENT_NUMBER=secret +DPD_CLIENT_KEY=secret +###< DPD### + +###> SOVKOM### +SOVKOM_API_KEY=secret +SOVKOM_API_URL=secret +###< SOVKOM### + +MAGIC_API_URL=https://magic-trans.ru/ + +MAGIC_API_URL=https://magic-trans.ru/ + +ML_REGULAR_DIRECTION_HISTORY_ORDER_URL=https://ml.dot-dot.ru/v1/schedule/transport/orders diff --git a/configs/php/.env.local b/configs/php/.env.local new file mode 100644 index 0000000..f442a9e --- /dev/null +++ b/configs/php/.env.local @@ -0,0 +1,176 @@ +CONTAINER_NAME=php +APP_ENV=prod +NotificationBuildServicejSP_KEY=16e93b225c730920ac5741a8d8df788f + +DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 +DADATA_API_SECRET=1ea37a4d310e7a6ac64211ffe5686363f04d4e68 + +ROISTAT_API_KEY=c63a71dd721df7f1b1d7b5803a84ccc7 +ROISTAT_PROJECT_ID=166751 + +UNISENDER_API_KEY=6ugo1c6yqfux9wrs8pbaom3izz9pc9huetqbdo9y + +GTD_ACCESS_TOKEN=cznMwszlx-5X_F7uQbg-uaPFhqmBP28z + +FNS_ACCESS_TOKEN=a5639b93fe4e7c9a3f1dd85537e066d36439c352 + +GOOGLE_MAPS_ACCESS_KEY=AIzaSyBCPl2LcpRvplzLUNVMVLhA3b7k46lTCTg + +<<<<<<< HEAD +NUXT_BASE_URL=staging.dot-dot.ru +======= +NUXT_BASE_URL=teste.dot-dot.ru +>>>>>>> bf9c2589f2048793e390ff4d31f979bf6e8ab2c4 + +ATISU_API_TOKEN=46b599c3ab7f4574b560f48ea005d9f3 + +###> google/apiclient ### +ANALITIC_GOOGLE_CLIENT_ID=672035500859-n6cq8lb393rs5f7q46pnjrc6u9hjiomg.apps.googleusercontent.com +ANALITIC_GOOGLE_CLIENT_SECRET=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 +ANALITIC_GOOGLE_CLIENT_REDIRECT_URI=http://dot-dot.local/admin/analitic/google-callback +###< google/apiclient ### + +###> telegramm ### +TELEGRAM_BOT_TOKEN=5807192360:AAHSUZcWeY1bC7aqdmcYXOfb1CYyK0xx0Cc +TELEGRAM_CHAT_ID=-875661421 +###< telegramm ### + +###> voicia ### +VOICIA_API_KEY=7589ed2721e50e299eb3baf2e3100a6b +VOICIA_CALL_ID=8788 +###< voicia ### + +###> ml_calculator ### +ML_CALCULATOR_URL=https://ml.dot-dot.ru/v2/classification/order/relevance +###< ml_calculator ### + +###> comagic ### +COMAGIC_URL=https://dataapi.comagic.ru/v2.0 +COMAGIC_KEY=j769gveux0brdq7wb6insegwtczvz7nsqmuntkqv +###< comagic ### + +###> carrier_scoring ### +ML_CARRIER_SCORING=https://ml.dot-dot.ru/v2/classification/carrier/scoring +###< carrier_scoring ### + +###> direction_scoring ### +<<<<<<< HEAD +ML_DIRECTION_SCORING_URL=https://ml.dot-dot.ru/v3/classification/direction/confidence +======= +ML_DIRECTION_SCORING_URL=https://ml.dot-dot.ru/v2/classification/direction/confidence +>>>>>>> bf9c2589f2048793e390ff4d31f979bf6e8ab2c4 +###< direction_scoring ### + +###> direction_recalculate ### +ML_DIRECTION_RECALCULATE_URL=https://ml.dot-dot.ru/v2/schedule/calculate +###< direction_recalculate ### + +###< Vozovoz ### +VOZOVOZ_API_KEY=5Thue256i0n5jXpB8vQfzng0VNJKGDar7ol5x0iD +VOZOVOZ_API_URL=https://vozovoz.ru/ +###> Vozovoz ### + +###< Pek ### +PECOM_API_LOGIN=TochkaTochka +PECOM_API_PASSWORD=EB77132653DD37BCD4EF591968F504CFB04BDFC4 +PECOM_API_URL=https://kabinet.pecom.ru/ +###> Pek ### + +###< TkKit ### +TKKIT_API_TOKEN=FKIICpqz25v10RuFcNorHACFdhEtkQK8 +TKKIT_API_URL=https://capi.tk-kit.com/ +###> TkKit ### + +###> Baikal ### +BAIKAL_API_KEY=NjJiZjdiMjU0N2Y4ZTk5OTY3OTY3OGUxM2VjZjA3N2M6 +BAIKAL_API_URL=https://api.baikalsr.ru/v2 +BAIKAL_API_PARTNER_GUID=PROVERKA +###< Baikal ### + +###> DelovieLinii ### +DELLIN_API_KEY=BE38996C-F722-4691-BCF3-640B76DAB18B +DELLIN_API_URL=https://api.dellin.ru/ +DELLIN_PASSWORD=Logistika01 +DELLIN_LOGIN=km@dot-dot.ru +###< DelovieLinii ### + +###> JelDorEksp ### +JDE_API_USER=2252131242955194 +JDE_API_TOKEN=159687460352596660 +###< JelDorEksp ### + +###> Nordweel ### +NORDWHEEL_API_URL=https://nordw.ru/ +###< Nordweel ### + +###> SKIF ### +SKIF_API_URL=http://api.skif-cargo.ru/integrations/ws/orders.1cws +SKIF_API_LOGIN=DotDotAPI +SKIF_API_PASSWORD=H*GYU#7g8YG*#! +###< SKIF ### + +###> DPD ### +DPD_CLIENT_NUMBER=1001066989 +DPD_CLIENT_KEY=8D52BF0F4D272FA91AF7B8EFC64C74EA31B89C4D +###< DPD ### + +PAPA_FINANCE_LOGIN=DotDotAPI +PAPA_FINANCE_PASSWORD=DotDotAPI +PAPA_FINANCE_API_URL=DotDotAPI +###> SOVKOMTEST### +SOVKOM_API_KEY=AAk6UcV88xCCC26654rM +SOVKOM_API_URL=https://testout.sovcomins.ru +###< SOVKOMTEST### + +<<<<<<< HEAD +ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v2/schedule/carrier/scoring + +ML_REGULAR_DIRECTION_URL=https://ml.dot-dot.ru/v2/schedule/transport + +ACCOUNTING_AUDIT_URL="https://crm.dot-dot.ru/TTLBuhreport/hs/TT/reconciliationreport" + +======= +ML_REGULAR_DIRECTION_URL=https://ml.dot-dot.ru/v2/schedule/transport + +>>>>>>> bf9c2589f2048793e390ff4d31f979bf6e8ab2c4 +###> YandexTracker ### +YTRACKER_API_TOKEN="y0_AgAEA7qkKFmeAAjF8AAAAADXovQd6htdkt7LTDW_sNHCz7qV9zdVHaQ" +YTRACKER_ORGANISATION_ID=355207 +###< YandexTracker ### + +<<<<<<< HEAD +SMARTCAPTCHA_SERVER_KEY=ysc2_GLQZ8QPaFh0eXqZ5KaRMuRRZOX7qNNMy7P9Mq82V6c4e7b81 + +###> sentry/sentry-symfony ### +SENTRY_DSN="https://69bb249adbab80b23cf043b276a27fde@sentry.dot-dot.ru/4" +SENTRY_SERVER_NAME=pre-prod +SENTRY_SERVER_USER_NAME=admin +###< sentry/sentry-symfony ### + +ML_CALCULATOR_TRADE_ONLY_URL=https://ml.dot-dot.ru/v1/tender/price + +ML_REGULAR_DIRECTION_HISTORY_ORDER_URL=https://ml.dot-dot.ru/v1/schedule/transport/orders + +#QUEUE_DSN_OC_CARRIER_OFFERS=amqp://guest:guest@rabbitmq:5672/%2f/OC_CARRIER_OFFERS +#QUEUE_DSN_STATISTIC_EXPORT=amqp://guest:guest@rabbitmq:5672/%2f/STATISTIC_EXPORT +QUEUE_DSN_OC_CARRIER_OFFERS=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/OC_CARRIER_OFFERS +QUEUE_DSN_STATISTIC_EXPORT=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/STATISTIC_EXPORT + +CRYPTOPRO_PATH='/opt/cprocsp/bin/amd64/cryptcp -sign -dn '"ООО ""ТОЧКА-ТОЧКА ЛОГИСТИКА"""' -der' +SIGNED_DOC_PATH="/application/var/documents/signeddocs" +ABSOLUTE_SIGNED_DOC_PATH="/home/ddadmin/demolms/signeddocs" +CHROMIUM_BROWSER_SYS_PATH="/usr/bin/chromium-browser" + +###> API_KONTUR_FOCUS### +USER_TRUST_API_KONTUR_FOCUS_END_POINT_URL=https://focus-api.kontur.ru/ +USER_TRUST_API_KONTUR_FOCUS_API_TOKEN=3208d29d15c507395db770d0e65f3711e40374df +USER_TRUST_CHECK_BACKEND=true +###< API_KONTUR_FOCUS### +QUEUE_DSN_USER_TRUST=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/USER_TRUST + +CHROMIUM_BROWSER_SYS_PATH="/usr/bin/chromium-browser" +======= +ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v1/schedule/carrier/scoring +ML_REGULAR_DIRECTION_CHAIN_URL=https://ml.dot-dot.ru/v1/schedule/chains +ML_REGULAR_DIRECTION_CHAIN_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v1/schedule/chains/carrier/scoring +>>>>>>> bf9c2589f2048793e390ff4d31f979bf6e8ab2c4 diff --git a/configs/php/firebase-fcm-dotdot-key.json b/configs/php/firebase-fcm-dotdot-key.json new file mode 100755 index 0000000..d5d7878 --- /dev/null +++ b/configs/php/firebase-fcm-dotdot-key.json @@ -0,0 +1,13 @@ +{ + "type": "service_account", + "project_id": "t-t-logistics", + "private_key_id": "d43ca447a200d75f02886d06689212e27f0fd823", + "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCeqg8yH6kQp+eL\nJqjrwkgDHyw6xnKUqjidAV7C259tZD6BXzxcqzaqKc3DdCWyB8Eu0EpTfBsp6M+6\n3KACXXZ++Pd3bgzp3KOFRV16eDLr/xkvGUlMIKwb3saDjnPSdvrU0TqwCURQ+PEi\nPm6s4UTZ/bPp/h62q/oTxB3bQVwoOUcCljPynjAYUG49OXVbUW1yCMbgo1QUIXbU\n/b7mcNwjNyUnUX3mTjarjEVislqkO0j5XB06Hdnnb0z7OED0nJSV6ZRA0933Y4hL\nS+JFer1IuQGP3B8NpMdmOdCDpZPb4odcgt2Zw4gwqEV3iCE7OmXJtAQq/Nmd3luh\n6Sls4FVPAgMBAAECggEAPimZl4VA+0YVWPbWErxE83gon4R1itpgIN9TDZv3S+gM\n9ynlX9cyrRuAwtWEGUqhfOJdZHUIvXQ5wtfClvqgPOH1LqT+yTdJF6NUGvHx3XVO\nHB5XkcxxMeAnvY43wZsc7flleWfADMtjygtU2EXP8GpOLVyDEwWxDkJ1ghwK67Ta\ndpQWWbSnqo1alEWdELJ8y39xJrB/JSnFGc2sstfD5tx4fJ+1jI0ZvnCz3G1d42Rr\nnLaHfRoGSt5TddyvqejAXOhtL/Rhnki1XKhrl9/v1d25kUFPc+dK8z4yUXpWAHWs\nQfhPkRCaEYdTy9wbQ3T2tRATamuxYdGRGPVh47BSHQKBgQDeVHtk1MZVW0mohTCm\n+dto4QPGe0CVomQ1M6DGLv8fLpCTCpb2vdeftVjWXghZrWWaYBK3nZcyTP5+ii/g\nDW94TFWzB3a0M+tE1BGwc8Y9fifGqgcTeIxDbZzrDjmhOlebSvygX4uclmplPznl\ncaRpva3W6XJYGnCqMJf/XSaRTQKBgQC2sVHSA9X58Wy3ZTrbtTC1xGDx/2yGvoAw\n8w5pSj2w8f6wXvBV32uGWdf74s7XLS3g4I/y9nUGAJRJfzbBMwaAzjGHGX5UC6kp\nNJ5ZCfyRFOJ2hllIcsksj96RyDATry4fTc210XwXHHauz4tsqSfP6JomWggh6fj6\nTf4oq3zzCwKBgD1doiVlmUysArux74jXBBmBqhIZqOzkQrZwhprNE/veVWdQj/SQ\n17gsTNX2ZGWkN5wRknj91WK73667o5U7AB57K1hb4gbBIdoAktVaT0hfzsjF22gj\naMufsKUsavm2acHiQ7JcTOOunLVPa0KKSHArO5VLIBVzTs+a1AlXA7MtAoGAGRaw\nzc6JDBIDhAv60UFIty2IwrL5DGgM4qv+RqdTYYFaII5pIuHTuleMOaMkFJi3vDIa\nkpsV5wUdWBqIQm/nbLjkRFFT7+bKDEaVmFSuwp3Dm9NHX5Oj3OLFBfAf6hQcmV/t\n6BIkoGfgRJFr7Dgup3ah9LJYe4/OCVG8nYkvV5ECgYBFfQlhYv24M4RHQ/EbOIJY\nmZgZzcGz7nA0AWS8zeSoTizAtPwnoPElOs/+drJ+CKaAnfr8+BZ1spP2I8Sj6l9g\nXeDBlZvX7Q1baz6vdQr1KscjmWnHUbaDCrGWK+95umAVpyrabopynQt7T0GrBWKz\n+nixrt/C57fjiE2OHM8big==\n-----END PRIVATE KEY-----\n", + "client_email": "firebase-push-auth-dd@t-t-logistics.iam.gserviceaccount.com", + "client_id": "117030561604837789287", + "auth_uri": "https://accounts.google.com/o/oauth2/auth", + "token_uri": "https://oauth2.googleapis.com/token", + "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", + "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-push-auth-dd%40t-t-logistics.iam.gserviceaccount.com", + "universe_domain": "googleapis.com" +} diff --git a/configs/php/www.conf b/configs/php/www.conf new file mode 100644 index 0000000..302be9c --- /dev/null +++ b/configs/php/www.conf @@ -0,0 +1,455 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. The owner +; and group can be specified either by name or by their numeric IDs. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is different than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 25 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: (min_spare_servers + max_spare_servers) / 2 +pm.start_servers = 10 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 10 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 20 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following information: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The address on which to accept FastCGI status request. This creates a new +; invisible pool that can handle requests independently. This is useful +; if the main pool is busy with long running requests because it is still possible +; to get the status before finishing the long running requests. +; +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Default Value: value of the listen option +;pm.status_listen = 127.0.0.1:9001 + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{milliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some examples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout set by 'request_terminate_timeout' ini option is not engaged after +; application calls 'fastcgi_finish_request' or when application has finished and +; shutdown functions are being called (registered via register_shutdown_function). +; This option will enable timeout limit to be applied unconditionally +; even in such cases. +; Default Value: no +;request_terminate_timeout_track_finished = no + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environment, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +;decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/configs/php/zz-docker.conf b/configs/php/zz-docker.conf new file mode 100644 index 0000000..363ab1f --- /dev/null +++ b/configs/php/zz-docker.conf @@ -0,0 +1,5 @@ +[global] +daemonize = no + +[www] +listen = 0.0.0.0:9000 diff --git a/configs/rabbitmq/enabled_plugins b/configs/rabbitmq/enabled_plugins new file mode 100644 index 0000000..e69de29 diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..a4ecf54 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,184 @@ +volumes: + certbot_volume: + nginx_log_volume: + mysql_data_volume: + mysql_backup_volume: + php_var_volume: + bookstack_data_volume: + rabbitmq_volume: + redis_volume: + php_support_volume: + + +x-defaults-php: &defaults-php + image: registry.dot-dot.ru/dot-dot:${DOTDOT_TAG} + restart: unless-stopped + volumes: + - ./configs/php/.env:/application/.env + - ./configs/php/.env.local:/application/.env.local + - ./configs/php/zz-docker.conf:/usr/local/etc/php-fpm.d/zz-docker.conf + - php_var_volume:/application/var + - php_support_volume:/application/var/support-issue + - ./configs/php/www.conf:/usr/local/etc/php-fpm.d/www.conf + - ./configs/php/firebase-fcm-dotdot-key.json:/application/config/firebase-fcm-dotdot-key.json + depends_on: + - db + - rabbitmq + networks: + - dd + +networks: + dd: + name: ${NETWORK} + ingress: + external: true + +services: + db: + image: mariadb:10.3.25 + restart: unless-stopped + environment: + MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} + MYSQL_USER: ${MYSQL_USER} + MYSQL_DATABASE: ${MYSQL_DATABASE} + MYSQL_PASSWORD: ${MYSQL_PASSWORD} + ports: + - ${MYSQL_PORT}:3306 + volumes: + - mysql_data_volume:/var/lib/mysql + - mysql_backup_volume:/backups + networks: + - dd + + mysqld-exporter: + image: prom/mysqld-exporter:v0.15.1 + restart: unless-stopped + command: --config.my-cnf=/.my.cnf + volumes: + - ./.my.cnf:/.my.cnf + depends_on: + - db + networks: + - dd + + backend: + <<: *defaults-php + + php: + # TODO: Денис должен переделать и добавить + command: ./bin/console app:auction:reload + <<: *defaults-php + + statistic-export: + <<: *defaults-php + command: ./bin/console messenger:consume StatisticExport + + carrier-offers: + <<: *defaults-php + command: ./bin/console messenger:consume CarrierOffers + + user-trust: + <<: *defaults-php + command: ./bin/console messenger:consume UserTrust + + auction: + <<: *defaults-php + command: sh -c 'while true; do echo run; ./bin/console app:auction:process; sleep 60;done' + + lms: + image: registry.dot-dot.ru/lms:${LMS_TAG} + restart: unless-stopped + command: npm run start + volumes: + - ./configs/lms/.env:/app/.env + env_file: + - ./configs/lms/.env + networks: + - dd + + static: + image: registry.dot-dot.ru/dot-dot-static:${DOTDOT_TAG} + restart: unless-stopped + networks: + - dd + + nuxt: + image: registry.dot-dot.ru/front:${FRONT_TAG} + restart: unless-stopped + command: npm run start + volumes: + - ./configs/nuxt/.env:/app/.env + - ./configs/nuxt/entrypoint.sh:/entrypoint.sh + env_file: + - ./configs/nuxt/.env + networks: + - dd + + dashboard: + image: registry.dot-dot.ru/dashboard:${DASHBORD_TAG} + command: frankenphp php-server -r /application/public + restart: unless-stopped + environment: + - SERVER_NAME=stagingdashboard.dot-dot.ru + volumes: + - ./configs/dashboard/.env:/application/.env + depends_on: + - db + networks: + - dd + - ingress + + nginx: + image: nginx:1.25.3-alpine3.18 + restart: unless-stopped + volumes: + - ./configs/nginx/conf.d:/etc/nginx/conf.d + - ./configs/nginx/nginx.conf:/etc/nginx/nginx.conf + - ./configs/nginx/www:/var/www + - ./configs/nginx/ssl:/etc/nginx/ssl + - ./configs/nginx/other:/etc/nginx/other + - certbot_volume:/etc/letsencrypt + - nginx_log_volume:/var/log/nginx + depends_on: + - nuxt + - php + - static + networks: + dd: + ingress: + aliases: + - ${NETWORK}-nginx + + rabbitmq: + image: rabbitmq:3.12.1-management-alpine + restart: unless-stopped + hostname: ${COMPOSE_PROJECT_NAME} + volumes: + - rabbitmq_volume:/var/lib/rabbitmq + - ./configs/rabbitmq/enabled_plugins:/etc/rabbitmq/enabled_plugins + environment: + - RABBITMQ_DEFAULT_USER=${RABBITMQ_USERNAME} + - RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD} + - RABBITMQ_CONFIG_FILE=/etc/rabbitmq/rabbitmq.conf + networks: + dd: {} + + redis: + image: redis:7.2.4-alpine3.19 + restart: unless-stopped + volumes: + - redis_volume:/data + - ./configs/redis:/usr/local/etc/redis + environment: + - REDIS_PASSWORD=${REDIS_PASSWORD} + - REDIS_PORT=6379 + networks: + dd: {} + + redis-exporter: + image: oliver006/redis_exporter:v1.59.0 + command: + - "--redis.addr=redis://redis:6379" + - "--redis.password=${REDIS_PASSWORD}" + networks: + dd: {}