From 3e62ae214e38f5cef2c102ee83804916f9ecba0e Mon Sep 17 00:00:00 2001 From: ddadmin Date: Fri, 24 Jan 2025 16:07:37 +0300 Subject: [PATCH] fix config --- .env | 12 +- app.sh | 2 +- configs/admin/.env | 3 + configs/admin/entrypoint.sh | 10 + configs/dashboard/.env | 78 +++ configs/lms/.env | 13 + configs/lms/entrypoint.sh | 10 + configs/mlatrucks/.env | 71 +++ configs/mltorgtrans/.env | 68 +++ configs/nginx/conf.d/admin.conf | 16 + configs/nginx/conf.d/default.conf | 27 +- .../{templates/default => conf.d/lms.conf} | 78 +-- configs/nginx/conf.d/rabbitmq.conf | 48 ++ configs/nginx/ssl/dot2023.crt | 89 ++++ configs/nginx/ssl/dot2023.key | 51 ++ configs/nginx/ssl/dot2024.crt | 107 ++++ configs/nginx/ssl/dot2024.key | 51 ++ configs/nuxt/entrypoint.sh | 10 + configs/php/.env | 14 +- configs/php/.env.local | 60 ++- configs/php/firebase-fcm-dotdot-key.json | 13 + configs/php/www.conf | 455 ++++++++++++++++++ configs/php/zz-docker.conf | 5 + configs/rabbitmq/enabled_plugins | 1 + docker-compose.yml | 161 ++++++- 25 files changed, 1383 insertions(+), 70 deletions(-) mode change 100644 => 100755 .env create mode 100644 configs/admin/.env create mode 100755 configs/admin/entrypoint.sh create mode 100644 configs/dashboard/.env create mode 100644 configs/lms/.env create mode 100755 configs/lms/entrypoint.sh create mode 100755 configs/mlatrucks/.env create mode 100755 configs/mltorgtrans/.env create mode 100644 configs/nginx/conf.d/admin.conf rename configs/nginx/{templates/default => conf.d/lms.conf} (50%) create mode 100644 configs/nginx/conf.d/rabbitmq.conf create mode 100644 configs/nginx/ssl/dot2023.crt create mode 100644 configs/nginx/ssl/dot2023.key create mode 100644 configs/nginx/ssl/dot2024.crt create mode 100644 configs/nginx/ssl/dot2024.key create mode 100755 configs/nuxt/entrypoint.sh create mode 100755 configs/php/firebase-fcm-dotdot-key.json create mode 100644 configs/php/www.conf create mode 100644 configs/php/zz-docker.conf create mode 100644 configs/rabbitmq/enabled_plugins diff --git a/.env b/.env old mode 100644 new mode 100755 index 935f359..09e9232 --- a/.env +++ b/.env @@ -1,8 +1,13 @@ COMPOSE_PROJECT_NAME=teste NETWORK=teste -FRONT_TAG=DDB-1101 -DOTDOT_TAG=DDB-1101 +FRONT_TAG=master +DOTDOT_TAG=master +LMS_TAG=master +DASHBORD_TAG=master +MLTORGTRANS_TAG=master +MLATRUCKS_TAG=master +ADMIN_TAG=DD-3739-STORY MYSQL_PORT=0.0.0.0:33065 MYSQL_ROOT_PASSWORD=root @@ -10,4 +15,5 @@ MYSQL_DATABASE=dot MYSQL_USER=dot MYSQL_PASSWORD=dot - +RABBITMQ_USERNAME=ddadmin +RABBITMQ_PASSWORD=Utahth9aeshahgh3saik diff --git a/app.sh b/app.sh index 86c2dea..a54bb0e 100755 --- a/app.sh +++ b/app.sh @@ -149,7 +149,7 @@ case "$1" in "tests") composer tests;; "console"*) - docker compose exec php ./bin/console ${@:2};; + docker compose exec --user www-data php ./bin/console ${@:2};; "db") docker compose exec db mysql -uroot -p${MYSQL_ROOT_PASSWORD};; "db-create") diff --git a/configs/admin/.env b/configs/admin/.env new file mode 100644 index 0000000..016da3c --- /dev/null +++ b/configs/admin/.env @@ -0,0 +1,3 @@ +NUXT_HOST=0.0.0.0 +NUXT_PORT=3000 +DOMAIN=stagingadmin.dot-dot.ru \ No newline at end of file diff --git a/configs/admin/entrypoint.sh b/configs/admin/entrypoint.sh new file mode 100755 index 0000000..ddc99b3 --- /dev/null +++ b/configs/admin/entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +DOMAIN="${DOMAIN:-lmsadmin.dot-dot.ru}" + +for x in $(grep -lrw "lmsadmin.dot-dot.ru" .nuxt/);do + echo "replace lmsadmin.dot-dot.ru to https://${DOMAIN} in $x" + sed -i -e "s/lmsadmin.dot-dot.ru/${DOMAIN}/g" $x; +done + +"$@" diff --git a/configs/dashboard/.env b/configs/dashboard/.env new file mode 100644 index 0000000..7915ed5 --- /dev/null +++ b/configs/dashboard/.env @@ -0,0 +1,78 @@ +APP_NAME="DOT-DOT DASHBOARD" +APP_ENV=local +APP_KEY=base64:w6r+g9RVRNNbF0w/CQ10nmBYQdqy906af4UOKqhFEYQ= +APP_DEBUG=true +APP_TIMEZONE=UTC +APP_URL=https://testeadmin.dot-dot.ru +FRONTEND_URL=https://testeadmin.dot-dot.ru +ASSET_URL=https://testeadmin.dot-dot.ru +APP_EMAIL_DOMAIN="dot-dot.ru" + +APP_LOCALE=ru +APP_FALLBACK_LOCALE=ru +APP_FAKER_LOCALE=ru_RU + +APP_MAINTENANCE_DRIVER=file +# APP_MAINTENANCE_STORE=database + +BCRYPT_ROUNDS=12 + +LOG_CHANNEL=stack +LOG_STACK=single +LOG_DEPRECATIONS_CHANNEL=null +LOG_LEVEL=debug + +DEFAULT_DB_CONNECTION=dashboard + +#Параметры подключения к базе панели управления +DASHBOARD_DB_HOST=db +DASHBOARD_DB_PORT=3306 +DASHBOARD_DB_DATABASE=dashboard +DASHBOARD_DB_USERNAME=root +DASHBOARD_DB_PASSWORD=root + +#Параметры подключения к базе dot-dot +DOT_DOT_DB_HOST=db +DOT_DOT_DB_PORT=3306 +DOT_DOT_DB_DATABASE=dot +DOT_DOT_DB_USERNAME=root +DOT_DOT_DB_PASSWORD=root + +SESSION_DRIVER=database +SESSION_LIFETIME=120 +SESSION_ENCRYPT=false +SESSION_PATH=/ +SESSION_DOMAIN=null + +BROADCAST_CONNECTION=log +FILESYSTEM_DISK=local +QUEUE_CONNECTION=database + +CACHE_STORE=database +CACHE_PREFIX= + +MEMCACHED_HOST=127.0.0.1 + +REDIS_CLIENT=phpredis +REDIS_HOST=127.0.0.1 +REDIS_PASSWORD=null +REDIS_PORT=6379 + +MAIL_MAILER=log +MAIL_HOST=127.0.0.1 +MAIL_PORT=2525 +MAIL_USERNAME=null +MAIL_PASSWORD=null +MAIL_ENCRYPTION=null +MAIL_FROM_ADDRESS="hello@example.com" +MAIL_FROM_NAME="${APP_NAME}" + +AWS_ACCESS_KEY_ID= +AWS_SECRET_ACCESS_KEY= +AWS_DEFAULT_REGION=us-east-1 +AWS_BUCKET= +AWS_USE_PATH_STYLE_ENDPOINT=false + +VITE_APP_NAME="${APP_NAME}" + +OCTANE_SERVER=frankenphp diff --git a/configs/lms/.env b/configs/lms/.env new file mode 100644 index 0000000..1cae321 --- /dev/null +++ b/configs/lms/.env @@ -0,0 +1,13 @@ +NUXT_HOST=0.0.0.0 +NUXT_PORT=3000 +NUXT_ENV_DEVALUE_LOG_LEVEL=silent +WS_PROTOCOL=wss +BASE_URL=https://testelms.dot-dot.ru/ +API_URL=https://testelms.dot-dot.ru/ +DOMAIN=testelms.dot-dot.ru + +APP_HOST=testelms.dot-dot.ru +APP_SCHEME=https +APP_ENVIRONMENT=production +DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 +YANDEX_METRIKA_ID=5015695 diff --git a/configs/lms/entrypoint.sh b/configs/lms/entrypoint.sh new file mode 100755 index 0000000..9555071 --- /dev/null +++ b/configs/lms/entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/sh -x + +DOMAIN="${DOMAIN:-lms.dot-dot.ru}" + +for x in $(grep -lrw "lms.dot-dot.ru" .nuxt/);do + echo "replace lms.dot-dot.ru to https://${DOMAIN} in $x" + sed -i -e "s/lms.dot-dot.ru/${DOMAIN}/g" $x; +done + +"$@" diff --git a/configs/mlatrucks/.env b/configs/mlatrucks/.env new file mode 100755 index 0000000..c5ce0e7 --- /dev/null +++ b/configs/mlatrucks/.env @@ -0,0 +1,71 @@ +APP_NAME="DOT-DOT MLATRUCKS" +APP_ENV=production +APP_KEY=base64:rjt6Sy7r9csxhvPHTIzs7/rIlJpuC1Rc6hAulPvcrKk= +APP_DEBUG=false +APP_TIMEZONE=UTC +APP_URL=http://localhost +APP_EMAIL_DOMAIN="dot-dot.ru" + +APP_LOCALE=ru +APP_FALLBACK_LOCALE=ru +APP_FAKER_LOCALE=ru_RU + +APP_MAINTENANCE_DRIVER=file +# APP_MAINTENANCE_STORE=database + +BCRYPT_ROUNDS=12 + +LOG_CHANNEL=stack +LOG_STACK=single +LOG_DEPRECATIONS_CHANNEL=null +LOG_LEVEL=debug + +DEFAULT_DB_CONNECTION=default + +#Параметры подключения к базе +DB_HOST=db +DB_PORT=3306 +DB_DATABASE=ml_atrucks +DB_USERNAME=root +DB_PASSWORD=root +DB_CONNECTION=pgsql + + + +SESSION_DRIVER=database +SESSION_LIFETIME=120 +SESSION_ENCRYPT=false +SESSION_PATH=/ +SESSION_DOMAIN=null + +BROADCAST_CONNECTION=log +FILESYSTEM_DISK=local +QUEUE_CONNECTION=database + +CACHE_STORE=database +CACHE_PREFIX= + +MEMCACHED_HOST=127.0.0.1 + +REDIS_CLIENT=phpredis +REDIS_HOST=127.0.0.1 +REDIS_PASSWORD=null +REDIS_PORT=6379 + +MAIL_MAILER=log +MAIL_HOST=127.0.0.1 +MAIL_PORT=2525 +MAIL_USERNAME=null +MAIL_PASSWORD=null +MAIL_ENCRYPTION=null +MAIL_FROM_ADDRESS="hello@example.com" +MAIL_FROM_NAME="${APP_NAME}" + +AWS_ACCESS_KEY_ID= +AWS_SECRET_ACCESS_KEY= +AWS_DEFAULT_REGION=us-east-1 +AWS_BUCKET= +AWS_USE_PATH_STYLE_ENDPOINT=false + +VITE_APP_NAME="${APP_NAME}" +DOT_DOT_HOST=http://dot-dot.local diff --git a/configs/mltorgtrans/.env b/configs/mltorgtrans/.env new file mode 100755 index 0000000..eae13a8 --- /dev/null +++ b/configs/mltorgtrans/.env @@ -0,0 +1,68 @@ +APP_NAME="DOT-DOT DASHBOARD" +APP_ENV=production +APP_KEY=base64:YSdqiavko2+RJzLXL/0NIJdhnL/Lpow9IhzGE2OqCFw= +APP_DEBUG=false +APP_TIMEZONE=UTC +APP_URL=http://localhost +APP_EMAIL_DOMAIN="dot-dot.ru" + +APP_LOCALE=ru +APP_FALLBACK_LOCALE=ru +APP_FAKER_LOCALE=ru_RU + +APP_MAINTENANCE_DRIVER=file +# APP_MAINTENANCE_STORE=database + +BCRYPT_ROUNDS=12 + +LOG_CHANNEL=stack +LOG_STACK=single +LOG_DEPRECATIONS_CHANNEL=null +LOG_LEVEL=debug + +DEFAULT_DB_CONNECTION=default + +#Параметры подключения к базе +DB_HOST=db +DB_PORT=3306 +DB_DATABASE=ml_torgtrans +DB_USERNAME=root +DB_PASSWORD=root + +SESSION_DRIVER=database +SESSION_LIFETIME=120 +SESSION_ENCRYPT=false +SESSION_PATH=/ +SESSION_DOMAIN=null + +BROADCAST_CONNECTION=log +FILESYSTEM_DISK=local +QUEUE_CONNECTION=database + +CACHE_STORE=database +CACHE_PREFIX= + +# MEMCACHED_HOST=127.0.0.1 + +REDIS_CLIENT=phpredis +REDIS_HOST=redis +REDIS_PASSWORD=null +REDIS_PORT=6379 + +MAIL_MAILER=log +MAIL_HOST=127.0.0.1 +MAIL_PORT=2525 +MAIL_USERNAME=null +MAIL_PASSWORD=null +MAIL_ENCRYPTION=null +MAIL_FROM_ADDRESS="hello@example.com" +MAIL_FROM_NAME="${APP_NAME}" + +AWS_ACCESS_KEY_ID= +AWS_SECRET_ACCESS_KEY= +AWS_DEFAULT_REGION=us-east-1 +AWS_BUCKET= +AWS_USE_PATH_STYLE_ENDPOINT=false + +VITE_APP_NAME="${APP_NAME}" +DOT_DOT_HOST=http://dot-dot.local diff --git a/configs/nginx/conf.d/admin.conf b/configs/nginx/conf.d/admin.conf new file mode 100644 index 0000000..3ab1023 --- /dev/null +++ b/configs/nginx/conf.d/admin.conf @@ -0,0 +1,16 @@ +server { + server_name testeadmin.dot-dot.ru; + client_max_body_size 10m; + + location / { + proxy_pass http://dashboard:80; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + } +} diff --git a/configs/nginx/conf.d/default.conf b/configs/nginx/conf.d/default.conf index c5b15ea..31fc78f 100644 --- a/configs/nginx/conf.d/default.conf +++ b/configs/nginx/conf.d/default.conf @@ -1,8 +1,22 @@ server { + listen 80; + server_name teste.dot-dot.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl ; server_name teste.dot-dot.ru; + ssl_certificate /etc/nginx/ssl/dot2024.crt; + ssl_certificate_key /etc/nginx/ssl/dot2024.key; + + root /application/public; + client_max_body_size 30m; + client_body_buffer_size 30M; + location / { proxy_pass http://nuxt:3000; proxy_http_version 1.1; @@ -18,8 +32,9 @@ server { location /socket.io/auctionreload { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_pass http://php:9000; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_pass http://php:8080/; } location @rewriteapp { @@ -34,10 +49,6 @@ server { try_files $uri @rewriteapp; } - # location /help { - # alias /application/help-platform/src/.vuepress/dist; - #} - location /api { rewrite ^(.*)$ /index.php/$1 last; } @@ -66,7 +77,7 @@ server { try_files $uri @rewriteapp; } - location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { + location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { proxy_pass http://static; } @@ -99,7 +110,7 @@ server { add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; - fastcgi_pass php:9001; + fastcgi_pass backend:9001; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; diff --git a/configs/nginx/templates/default b/configs/nginx/conf.d/lms.conf similarity index 50% rename from configs/nginx/templates/default rename to configs/nginx/conf.d/lms.conf index 2237cc4..a9e9a49 100644 --- a/configs/nginx/templates/default +++ b/configs/nginx/conf.d/lms.conf @@ -1,10 +1,23 @@ server { - server_name teste.dot-dot.ru; + listen 80; + server_name testelms.dot-dot.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name testelms.dot-dot.ru; + + ssl_certificate /etc/nginx/ssl/dot2024.crt; + ssl_certificate_key /etc/nginx/ssl/dot2024.key; root /application/public; + client_max_body_size 30m; + + location / { - proxy_pass http://nuxt:3000; + proxy_pass http://lms:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; @@ -16,26 +29,26 @@ server { } location /socket.io/auctionreload { + access_log /var/log/nginx/ws_access.log json; + error_log /var/log/nginx/ws_error.log; + proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_pass http://php:${PHP_SOCKET_PORT}/; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_pass http://php:8080/; } location @rewriteapp { rewrite ^(.*)$ /index.php/$1 last; } - location /storybook { - alias /application/nuxt/storybook-static; - } + # location /storybook { + # alias /application/nuxt/storybook-static; + # } location /logout { - try_files $uri @rewriteapp; - } - - location /help { - alias /application/help-platform/src/.vuepress/dist; + try_files $uri @rewriteapp; } location /api { @@ -66,37 +79,46 @@ server { try_files $uri @rewriteapp; } + location ~* \/admin\/.*(js|jpg|png|css|woff|woff2)$ { + proxy_pass http://static; + } + location /media { try_files $uri @rewriteapp; } location /img { - alias /application/public/img; - } + proxy_pass http://static; + # alias /application/public/img; + # try_files $uri /index.php$request_uri; + # expires 6M; + } + + location /robots.txt { + proxy_pass http://static; + } location ~ ^/index\.php(/|$) { if ($request_method = 'OPTIONS') { - add_header 'Access-Control-Allow-Origin' $http_origin; - add_header 'Access-Control-Allow-Credentials' 'true'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; - add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; - add_header 'Access-Control-Max-Age' 1728000; - add_header 'Content-Type' 'text/plain charset=UTF-8'; - add_header 'Content-Length' 0; - return 204; + add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; } - add_header 'Access-Control-Allow-Origin' $http_origin; + #add_header 'Access-Control-Allow-Origin' $http_origin; + add_header 'Access-Control-Allow-Origin' *; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Expeditor-Domain,Authorization'; - fastcgi_pass php:9001; + fastcgi_pass backend:9001; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } - - error_log /var/log/nginx/dot_dot_error.log; - access_log /var/log/nginx/dot_dot_access.log; -} \ No newline at end of file +} diff --git a/configs/nginx/conf.d/rabbitmq.conf b/configs/nginx/conf.d/rabbitmq.conf new file mode 100644 index 0000000..9a7f27c --- /dev/null +++ b/configs/nginx/conf.d/rabbitmq.conf @@ -0,0 +1,48 @@ +server { + listen 80; + server_name testerabbitmq.dot-dot.ru; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl; + server_name testerabbitmq.dot-dot.ru; + + access_log /var/log/nginx/rabbitmqteste.dot-dot.ru_access.log json; + error_log /var/log/nginx/rabbitmqteste.dot-dot.ru_error.log; + + ssl_certificate /etc/nginx/ssl/dot2024.crt; + ssl_certificate_key /etc/nginx/ssl/dot2024.key; + + proxy_buffer_size 128k; + proxy_buffers 4 128k; + client_body_buffer_size 32k; + client_header_buffer_size 256k; + large_client_header_buffers 4 256k; + + location / { + client_max_body_size 600m; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_pass http://rabbitmq:15672; + proxy_connect_timeout 600; + proxy_send_timeout 600; + proxy_read_timeout 600; + send_timeout 600; + } + + location /metrics { + client_max_body_size 600m; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Scheme $scheme; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_pass http://rabbitmq:15692/metrics; + proxy_connect_timeout 600; + proxy_send_timeout 600; + proxy_read_timeout 600; + send_timeout 600; + } +} \ No newline at end of file diff --git a/configs/nginx/ssl/dot2023.crt b/configs/nginx/ssl/dot2023.crt new file mode 100644 index 0000000..6dac8f0 --- /dev/null +++ b/configs/nginx/ssl/dot2023.crt @@ -0,0 +1,89 @@ +-----BEGIN CERTIFICATE----- +MIIHQTCCBimgAwIBAgIMYVwKHoDdXb8WTFQpMA0GCSqGSIb3DQEBCwUAMEwxCzAJ +BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB +bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEc0MB4XDTIzMDgwMjE0MTYxN1oXDTI0MDkw +MjE0MTYxNlowFzEVMBMGA1UEAwwMKi5kb3QtZG90LnJ1MIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCV +dDp4+ffuBFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9Cq +VVT1F3s+YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4Nex +VqHnL4ClHvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZ +yebOxix+4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ON +hUo3nNd8zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR +2CCzy9maj4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7Or +ikVdMcDb68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEe +hdTSpoASD/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt +/GmjwJlFCWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5A +bRb6YRW+wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivz +jxcCAwEAAaOCA1YwggNSMA4GA1UdDwEB/wQEAwIFoDCBkwYIKwYBBQUHAQEEgYYw +gYMwRgYIKwYBBQUHMAKGOmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj +ZXJ0L2FscGhhc3NsY2FzaGEyNTZnNC5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9v +Y3NwLmdsb2JhbHNpZ24uY29tL2FscGhhc3NsY2FzaGEyNTZnNDBXBgNVHSAEUDBO +MAgGBmeBDAECATBCBgorBgEEAaAyCgEDMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v +d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAwQQYDVR0f +BDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9hbHBoYXNzbGNh +c2hhMjU2ZzQuY3JsMCMGA1UdEQQcMBqCDCouZG90LWRvdC5ydYIKZG90LWRvdC5y +dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUT8us +qMLvq92Db2u/zpg9XFgldhUwHQYDVR0OBBYEFIt9yZp7jkyW2E7F5+NDJJmTMtN/ +MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDuzdBk1dsazsVct520zROiModG +fLzs3sNRSFlGcR+1mwAAAYm2m1GuAAAEAwBHMEUCIQDVSAsUx+m51oyOz+83SGL2 +JpUGiUKiXgInZsWbG25VygIgLF23BEmAoRV+PFPclVuHrztd4lQecA+32tvUZ3xf +OWQAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYm2m07AAAAE +AwBGMEQCIE14pWcPqQC25z/q0FR5PaU+xIilbLwXvYm1UvJSajPDAiBEYH/fq9iP +pnK9z+7aLua2mh6uF2RMHRtcE/nbsr2tcQB2ANq2v2s/tbYin5vCu1xr6HCRcWy7 +UYSFNL2kPTBI1/urAAABibabTscAAAQDAEcwRQIgQlo7NdtTa6cyiAKdsfozkLMQ +wt+D4WZCcdzk9GYul74CIQCa7MvbM4pP0jSLN6MYWPEAt0hXiDzHKihtVt0ChW0R +qDANBgkqhkiG9w0BAQsFAAOCAQEAB338wY8/u9tawPiCdr6dD10SO9+mQNCv83xI +Qa7IQ/33VQUMQ6qCMYTLZqu7c/e1x587UG7TLf0I3awEfBbLeMkTJKEooCK9VG3O +nfWD/lTwvr13lEpKuEEx643eqirxJEv3bQTHpQBn1Pkm9Svw/LJWi/bUKg0VNjYs +jQrZYH0q3jzx3dV3S5hUCjGL6d0tflD5w5YHWWMaEuVsn7yYovAROKnYOWuVisPJ +YRA6cADR39usU1CyLTSb50PHUOosnp+YqZCzVkU2Z/gPLyXjiRKU6wou8baSoDHu +KoxoGK4YfjizRTAdEexD+LHh0s1Ev6gr9OetJWPjbhghNGPIbw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG +A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv +b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw +MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i +YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT +aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ +jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp +xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp +1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG +snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ +U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 +9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B +AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz +yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE +38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP +AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad +DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME +HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEijCCA3KgAwIBAgIQfU1CqStDHX5kU+fBmo1YdzANBgkqhkiG9w0BAQsFADBX +MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE +CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIyMTAx +MjAzNDk0M1oXDTI3MTAxMjAwMDAwMFowTDELMAkGA1UEBhMCQkUxGTAXBgNVBAoT +EEdsb2JhbFNpZ24gbnYtc2ExIjAgBgNVBAMTGUFscGhhU1NMIENBIC0gU0hBMjU2 +IC0gRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtJCmVZhWIPzOH +A3jP1QwkuDFT8/+DImyZlSt85UpZwq7G0Sqd+n8gLlHIZypQkad5VkT7OLU+MI78 +lC7LVwxpU19ExlaWL67ANyWG8XHx3AJFQoZhuDbvUeNzRQyQs6XS5wN6uDlF0Bf1 +AtCUQWrGGLGYwyC1xTrzgrFKpESsIXMqklUGTsh8i7DKZhRUVfgrPLJUkbbLUrLY +42+KRCiwfSvBloC5PgDYnj3oMZ1aTe3Wfk3l1I4D3RKaJ4PU1qHXhHJOge2bjGIG +l6MsaBN+BB2sr6EnxX0xnMIbew2oIfOFoLqs47vh/GH4JN0qql2WBHfDPVDm3b+G +QxY6N/LXAgMBAAGjggFbMIIBVzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI +KwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE +FE/LrKjC76vdg29rv86YPVxYJXYVMB8GA1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTN +NKj//P1LMHoGCCsGAQUFBwEBBG4wbDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Au +Z2xvYmFsc2lnbi5jb20vcm9vdHIxMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJl +Lmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIxLmNydDAzBgNVHR8ELDAqMCig +JqAkhiJodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QuY3JsMCEGA1UdIAQa +MBgwCAYGZ4EMAQIBMAwGCisGAQQBoDIKAQMwDQYJKoZIhvcNAQELBQADggEBABol +9nNkiECpWQenQ7oVP1FhvRX/LWTdzXpdMmp/SELnEJhoOe+366E0dt8tWGg+ezAc +DPeGYPmp83nAVLeDpji7Nqu8ldB8+G/B6U9GB8i2DDIAqSsFEvcMbWb5gZ2/DmRN +cifGi9FKAuFu2wyft4s4DHwzL2CJ2zjMlUOM3RaE1cxuOs+Om6MCD9G7vnkAtSiC +/OOfHO902f4yI2a48K+gKaAf3lISFXjd32pwQ21LpM3ueIGydaJ+1/z8nv+C7SUT +5bHoz7cYU27LUvh1n2WSNnC6/QwFSoP6gNKa4POO/oO13xjhrLRHJ/04cKMbRALt +JWQkPacJ8SJVhB2R7BI= +-----END CERTIFICATE----- diff --git a/configs/nginx/ssl/dot2023.key b/configs/nginx/ssl/dot2023.key new file mode 100644 index 0000000..a9c3884 --- /dev/null +++ b/configs/nginx/ssl/dot2023.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAz6xhGhA8PUZbJ1F9viMiaO4ZiAjSW9YwooX9ATCVdDp4+ffu +BFGel8IxxzxcBIQy4GToEfMgoViifL6OnX0OOQLDEfrWQYATXmkEz9CqVVT1F3s+ +YVxBrdTRpgvPwPb5mFyJ1XtKnyNf7Flb9SKER5Nk8PRY3XOKellv4NexVqHnL4Cl +HvOdsZYNzV3jHJ7CMwQb17h6Qfr9Q7dReLl02xVGbE2sFOLqDbBMq7KZyebOxix+ +4L1p9uT3cqE2Us2rRT5RFP5tmgdB3ALIlID4hfiwlNtSSvgPOaML+6ONhUo3nNd8 +zvKa4n9ta9hWAhSe0iBXs2IS3DBTaDJqCm83HW34hp0K0WrBaH8v+RbR2CCzy9ma +j4u2wJ95Rqkyj3usc/60wYMBe86cQh1WYMJJDVUPKlctwWFBqsuWr7OrikVdMcDb +68w+FcEIQGYjVe9tASDAlu4pV0e2KdbtqjX/JgrMf1gRBp0JuPDryzEehdTSpoAS +D/lOp4dXrm6OIGDhQdl2KCvpG3TysFaUDdvoSkLm9CAPqNcICf+XQGpt/GmjwJlF +CWaxlKIec7v9wOdZNr4bbz2Gy8QzbbDfhj34hCUqrJbaNs8KidW8VK5AbRb6YRW+ +wjkoeeouoyE2BpspVhuqjwI49Rrc4tWWbqsdV15eaGHuxH8MhzKqIivzjxcCAwEA +AQKCAgEAri0Pi8KOI348uW9ZnPzuwT7hXvy3IZs1Uzo5hqPu1XqtOEm+8RRbhUC0 +azuumYMfAKDhGxzlAy3JqgJQrrnSEfLFFPFifbEjjY1bIckK82K75SPSn+m2lEro +QvGpH1iE4krKt6geX/ZVX29a9vAqLbXrdUQavDFJtXAJq3R8IgLMWUT2OE1utyD5 +FoNmFfz5N7x8daMdtvUBMagwxqYU4iKn2/IRH7tpPm3dACxdW78fMYrkJy32D8Ld +3uBjJXOl7/9iFc+GsSbhD9utyw+YYRTBVTfVf1cpvdeIF1eHPIGQvxTkctV7Hfhu +F4NsL3aH9gh2Rdc9pjtJ2RxfX70DZUJ+mDguAwkVDeLlrxUqanqRAUew9mw4yqFd +Jni5MeSU6+1aSA6rDlCMsXdpaIfozcj9UHfvs8aNTLV0iHs6QG0NVOJhm/DtzPfb +SFQhtJ93CPeuWqdNylFiq0mdhHv09RWiSXOwDZbRmZGdfR8KVEg91LBLw9v+F51L +ewSFZMH6akr+6H6D1kjLumAQsUF6nEsPpVoRZHzvlpUVUKV7q+BI1N/Fqlncw9I+ +9IysFimQbfx9itFlzNfMYOQ1pfP51nuiCflojlOJUP4n3YnzdJA37AwXSZYndyiW +PsX5CWYEOn+IW8TnS9ZoGT1YfsOnNx0oDW6RTu+5m7LjNvnu8jECggEBAO3onsfT +oU/E8AAFf3FVNrGI4GuUWu9Nl1+vClMFRpyOeiSafVvodXg6fgckhOr8KQlfwB1r +QBXz/zkUKV3lWGuONx4z9NAlUB5Nvb3uHof6nWgE4ZZ74CjXR3IZM9WlbcOxB4YV +KjBT+IgvbKv7UdbKGpFq/wZWT1t8MwbjcDcwLSvxXcZOF/VQB7EJftht24Z5Mqfn +B8u2Z6afS2VlX3GbVg8ymsT+ohrKZSsIScrD/c52rDUkiIYldLSljRBaRCxlXwBx +kUMNQvYMtRSv/b22cSAZDXV8vN8gby7XZMM6f3UKYF9BCbxbJvpwbGOsBqrsWySo +JwiayvBMw8kNn9sCggEBAN93KqwxIKplr8yaLc9vFqXR/dLIJkK2YvaYTK9NjGVb +4U5Z18K+Yv57dy7M7sDay61uHG52YEpbiyALD+XaVcWpYBNOvuNiu35Oa4WOdV7N +4yU5+DcjhgJySeiQ64NW8s88yD6pmHzFxXYgKkLkkr2EqaL+yvCYVCs1o5bV0boo +2Y8n8UxjgLSxVWHWALW38IfbI1nkK/IabWO1hl1m8pdXaPZax68NIp3R8YFyWHep +JiJryUAtSbo3QLdXM90OFPLtiSY1faHcvzb7FZ6ux8RKbbXAIkNTcjnf66AQhVNp +jykYRcALX+r+Xj6RLPypwniGDqlhao1dlw2s+VokgHUCggEBALTj2EaLrO1gCjOZ ++oqLhih6sFhb1sB5OI1yI+F383Z6BnjqVkKZfyfJIaYAqGebDwCnowU7VODcQsR9 +he50wUQWP+ZhDtVsaXyBE7Hj6abucNx0SaoHyiqDdTlV3EmnnMvcQKI8WXWhgyjZ +FkG1t0YfKRBEUF/bJD+lMY8dQ2dS5CWzQd/T5PeKwC5lz+JztSSL5m4vhYfoyuqv +173i1C0nNModafw6t7qzBTUw+hqH5uUi6lEF1CBbPl9UOOukFo3DDfbiYtaesLkw +dEakgcPLgjwrkEYyb9Efciolb+HZCqxNFXWXl/V1QS/OZztpwzAWwj4e9H7gY0lO +tNab210CggEAJtLTTRsz66bDBi77KoDIVILJMGepjgmV4/XNzN8SN0HhQPWG8MSW ++lOE/1KHYGYi4Lyyn9ZdIE4LO8PwPSTTpgWpNXGG5IZwwJ7rO0bmyVPH1N3fa+T2 +EVK92HPlFupyQOL0fz6DyZmqlr072mdPvzFfL3xI0cgFR4SIKVp4l3klYyOzXmwj +HkF47gh6Exgj59aAq8tifytsOdh9wZhzKSv8hmB7NMR5cSXaaXzuNcvjXjOPwWCc +4Idc7P1ve0ZJCXOPUl4Ut5xcdDbnKKyA9G9h5CO/UCcdP0TR8PstzrIWNzOKWrUf +MvqCcShTwonTyZCw12ifVHQgHDYjFDAnSQKCAQAqlEkgCuA9ObOsj7W4KM/OjWd/ +wK8EC9oESdBOl9fn/pAktyh73GYYsIqwaHFRDcTLr74ULdqx+4vsOvCXl0wMMFOq +iAZdba8CYtjFVDudJf3oJceSHiITocJqo4H4zOxeL0K1ssoX5caN5kYzYufCfKKH +dGEPWnI+l3akR1kqHL6Xoq0YluPGh6PhkV2X6tuUf4G5K1NEdT4+KE1IeJqFviLd +mOE5sErWyUrQotsI2n14gsdONOwS0FkElGlEZgCPu2uiXhrYeUf+R4r/V3MNtwVl +aFk8InJnkfr7XitOv/Q+eJThwhnnNCrefLj/x9vAHUrNvRf+NpKr1xSDk9fk +-----END RSA PRIVATE KEY----- diff --git a/configs/nginx/ssl/dot2024.crt b/configs/nginx/ssl/dot2024.crt new file mode 100644 index 0000000..c3da3d4 --- /dev/null +++ b/configs/nginx/ssl/dot2024.crt @@ -0,0 +1,107 @@ +-----BEGIN CERTIFICATE----- +MIIHVjCCBj6gAwIBAgIMUR4H/7XMBL9Q9JAXMA0GCSqGSIb3DQEBCwUAMFUxCzAJ +BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSswKQYDVQQDEyJH +bG9iYWxTaWduIEdDQyBSNiBBbHBoYVNTTCBDQSAyMDIzMB4XDTI0MDgxNDA0MjQz +MVoXDTI1MDkxNTA0MjQzMFowFzEVMBMGA1UEAwwMKi5kb3QtZG90LnJ1MIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA8eI42aZ18C3CHE8CEcUhMwCbfPle +RZg0Egj+gqyiGa/RXjpWm0Zq9MKhOPnal0h2VlFxFNAeyRcy/x7QZloUIDegZYUZ +UW4lMYiEwF9jSXINlfuzgKQhMPB9wnJhNt+O1gdO3u0FVy1ChBv6eat480gvi0wq +EEE6YC09OjFRbErlF1jAFL1QIPOw0xqZrafRp+qfK3DJc8IZsuzhVFIV+CyBA897 +zrUwbF7aYTGwKotk6w11L1TZwK1iiUSkvAGOu1V6LMod3WlHE8YICp3lPuEsj9Zr +nJl0x+3/4XSS7ogcInUdFopf9odLD6umGk1xDIA7uCm9hlyA/YQBmyYinngXyfy1 +6WTDLdIsCNzZpiRvbPxbxvAp7Exmqs5xWmb4qSYSThdZgp/ucJUiN3MWbYcc9fP2 +/wifmes9OlfoAV/QlrpehpaP86VavkS0rBrUGf0OSdC0w79ZAllZeamU9zLHWwIi +LfpzmlqCC9EXrK0GWTl/K2CLgYifoIi8m3053kKKVIXLfuYSlotv9y3hRKxkW0b6 +dtLhP3LjN+lvR7BNKTCNhafyIuHLcXHnj6yKkSYoH/wd/rkQCjlQx8dG419ouW9t +oiSch6x4O/aLyFY3aO4/GnoECLUyUtsrPowF87QE6iiaxI6EokW9HF9hN85OxQ+u +wd7w3gTvSLWR3DcCAwEAAaOCA2IwggNeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB +Af8EAjAAMIGZBggrBgEFBQcBAQSBjDCBiTBJBggrBgEFBQcwAoY9aHR0cDovL3Nl +Y3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3NnY2NyNmFscGhhc3NsY2EyMDIz +LmNydDA8BggrBgEFBQcwAYYwaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vZ3Nn +Y2NyNmFscGhhc3NsY2EyMDIzMFcGA1UdIARQME4wCAYGZ4EMAQIBMEIGCisGAQQB +oDIKAQMwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20v +cmVwb3NpdG9yeS8wRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5nbG9iYWxz +aWduLmNvbS9nc2djY3I2YWxwaGFzc2xjYTIwMjMuY3JsMCMGA1UdEQQcMBqCDCou +ZG90LWRvdC5ydYIKZG90LWRvdC5ydTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB +BQUHAwIwHwYDVR0jBBgwFoAUvQW384qTPHPLefoPhRKhd5YYkXQwHQYDVR0OBBYE +FEFaB0lwsh68jY4d3zGJ8RSUenjoMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA +dQCvGBoo1oyj4KmKTJxnqwn4u7wiuq68sTijoZ3T+bYDDQAAAZFPIWD2AAAEAwBG +MEQCIBr9tqm+1D7C4ecXmA7ne6gHVeLgGOFf3jjnYdz80JWhAiASjtZlH8rYzLwF +3AX/Cfo+7KfRG+mbk2FY9OKJuu7bWgB1ABLxTjS9U3JMhAYZw48/ehP457Vih4ic +bTAFhOvlhiY6AAABkU8hYO0AAAQDAEYwRAIgSFiFncqd8KmZrv8brFZAaKzbCjR1 +GU5ygJCv2K9xWnsCIFuwzf8leBa2eSKvSY7MCUgxXgRFl7rYjPjc6Foap0hyAHcA +DeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGRTyFhEgAABAMASDBG +AiEAxlxp+G3ArhozCos4yDTtLSB4sZ8496/R0WAlUqRLeRYCIQDKszlCeQNZB83Y +XGVCkPV+unVCmfKuuUJei1Md9GHjhjANBgkqhkiG9w0BAQsFAAOCAQEAg/1URGZb +xq8lMzrDb95Exkqm45FHLVbifPBSqiyCVtqa9VWDkyAQqCHhaCCB0N1YmCZGbXZy +HefWc8f/v4Kxam/8IpUXAH7U7sWZhX6p1yRn6Z5+FnWoyr1I6t/tDv1yBvB2EsKe +jJPLLPq41Aw6QP5EZ8Eks1VREW5aq2a+8WDJKnL3CCCtlIBh6cntADzZBBE2Zb2E +0/lM83sGLj9vAFw/PIkE/OCVobtpcj56O1UYZs/RDbLNhPUmhUhpSHSaiWU7VXeR +PoLgStsJrBZTSg1bdj8HK32lTzKcYspWwvjzbPclllxGzqKLTIdtCA9SbIl+363n +YMEkGJPyfIu4uQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFjDCCA3SgAwIBAgIQfx8skC6D0OO2+zvuR4tegDANBgkqhkiG9w0BAQsFADBM +MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xv +YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMzA3MTkwMzQzMjVaFw0y +NjA3MTkwMDAwMDBaMFUxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu +IG52LXNhMSswKQYDVQQDEyJHbG9iYWxTaWduIEdDQyBSNiBBbHBoYVNTTCBDQSAy +MDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00Jvk5ADppO0rgDn +j1M14XIb032Aas409JJFAb8cUjipFOth7ySLdaWLe3s63oSs5x3eWwzTpX4BFkzZ +bxT1eoJSHfT2M0wZ5QOPcCIjsr+YB8TAvV2yJSyq+emRrN/FtgCSTaWXSJ5jipW8 +SJ/VAuXPMzuAP2yYpuPcjjQ5GyrssDXgu+FhtYxqyFP7BSvx9jQhh5QV5zhLycua +n8n+J0Uw09WRQK6JGQ5HzDZQinkNel+fZZNRG1gE9Qeh+tHBplrkalB1g85qJkPO +J7SoEvKsmDkajggk/sSq7NPyzFaa/VBGZiRRG+FkxCBniGD5618PQ4trcwHyMojS +FObOHQIDAQABo4IBXzCCAVswDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsG +AQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBS9 +BbfzipM8c8t5+g+FEqF3lhiRdDAfBgNVHSMEGDAWgBSubAWjkxPioufi1xzWx/B/ +yGdToDB7BggrBgEFBQcBAQRvMG0wLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5n +bG9iYWxzaWduLmNvbS9yb290cjYwOwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUu +Z2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3QtcjYuY3J0MDYGA1UdHwQvMC0wK6Ap +oCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yNi5jcmwwIQYDVR0g +BBowGDAIBgZngQwBAgEwDAYKKwYBBAGgMgoBAzANBgkqhkiG9w0BAQsFAAOCAgEA +fMkkMo5g4mn1ft4d4xR2kHzYpDukhC1XYPwfSZN3A9nEBadjdKZMH7iuS1vF8uSc +g26/30DRPen2fFRsr662ECyUCR4OfeiiGNdoQvcesM9Xpew3HLQP4qHg+s774hNL +vGRD4aKSKwFqLMrcqCw6tEAfX99tFWsD4jzbC6k8tjSLzEl0fTUlfkJaWpvLVkpg +9et8tD8d51bymCg5J6J6wcXpmsSGnksBobac1+nXmgB7jQC9edU8Z41FFo87BV3k +CtrWWsdkQavObMsXUPl/AO8y/jOuAWz0wyvPnKom+o6W4vKDY6/6XPypNdebOJ6m +jyaILp0quoQvhjx87BzENh5s57AIOyIGpS0sDEChVDPzLEfRsH2FJ8/W5woF0nvs +BTqfYSCqblQbHeDDtCj7Mlf8JfqaMuqcbE4rMSyfeHyCdZQwnc/r9ujnth691AJh +xyYeCM04metJIe7cB6d4dFm+Pd5ervY4x32r0uQ1Q0spy1VjNqUJjussYuXNyMmF +HSuLQQ6PrePmH5lcSMQpYKzPoD/RiNVD/PK0O3vuO5vh3o7oKb1FfzoanDsFFTrw +0aLOdRW/tmLPWVNVlAb8ad+B80YJsL4HXYnQG8wYAFb8LhwSDyT9v+C1C1lcIHE7 +nE0AAp9JSHxDYsma9pi4g0Phg3BgOm2euTRzw7R0SzU= +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIFgzCCA2ugAwIBAgIORea7A4Mzw4VlSOb/RVEwDQYJKoZIhvcNAQEMBQAwTDEg +MB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjYxEzARBgNVBAoTCkdsb2Jh +bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQxMjEwMDAwMDAwWhcNMzQx +MjEwMDAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjET +MBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCAiIwDQYJ +KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJUH6HPKZvnsFMp7PPcNCPG0RQssgrRI +xutbPK6DuEGSMxSkb3/pKszGsIhrxbaJ0cay/xTOURQh7ErdG1rG1ofuTToVBu1k +ZguSgMpE3nOUTvOniX9PeGMIyBJQbUJmL025eShNUhqKGoC3GYEOfsSKvGRMIRxD +aNc9PIrFsmbVkJq3MQbFvuJtMgamHvm566qjuL++gmNQ0PAYid/kD3n16qIfKtJw +LnvnvJO7bVPiSHyMEAc4/2ayd2F+4OqMPKq0pPbzlUoSB239jLKJz9CgYXfIWHSw +1CM69106yqLbnQneXUQtkPGBzVeS+n68UARjNN9rkxi+azayOeSsJDa38O+2HBNX +k7besvjihbdzorg1qkXy4J02oW9UivFyVm4uiMVRQkQVlO6jxTiWm05OWgtH8wY2 +SXcwvHE35absIQh1/OZhFj931dmRl4QKbNQCTXTAFO39OfuD8l4UoQSwC+n+7o/h +bguyCLNhZglqsQY6ZZZZwPA1/cnaKI0aEYdwgQqomnUdnjqGBQCe24DWJfncBZ4n +WUx2OVvq+aWh2IMP0f/fMBH5hc8zSPXKbWQULHpYT9NLCEnFlWQaYw55PfWzjMpY +rZxCRXluDocZXFSxZba/jJvcE+kNb7gu3GduyYsRtYQUigAZcIN5kZeR1Bonvzce +MgfYFGM8KEyvAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSubAWjkxPioufi1xzWx/B/yGdToDAfBgNVHSMEGDAWgBSu +bAWjkxPioufi1xzWx/B/yGdToDANBgkqhkiG9w0BAQwFAAOCAgEAgyXt6NH9lVLN +nsAEoJFp5lzQhN7craJP6Ed41mWYqVuoPId8AorRbrcWc+ZfwFSY1XS+wc3iEZGt +Ixg93eFyRJa0lV7Ae46ZeBZDE1ZXs6KzO7V33EByrKPrmzU+sQghoefEQzd5Mr61 +55wsTLxDKZmOMNOsIeDjHfrYBzN2VAAiKrlNIC5waNrlU/yDXNOd8v9EDERm8tLj +vUYAGm0CuiVdjaExUd1URhxN25mW7xocBFymFe944Hn+Xds+qkxV/ZoVqW/hpvvf +cDDpw+5CRu3CkwWJ+n1jez/QcYF8AOiYrg54NMMl+68KnyBr3TsTjxKM4kEaSHpz +oHdpx7Zcf4LIHv5YGygrqGytXm3ABdJ7t+uA/iU3/gKbaKxCXcPu9czc8FB10jZp +nOZ7BN9uBmm23goJSFmH63sUYHpkqmlD75HHTOwY3WzvUy2MmeFe8nI+z1TIvWfs +pA9MRf/TuTAjB0yPEL+GltmZWrSZVxykzLsViVO6LAUP5MSeGbEYNNVMnbrt9x+v +JJUEeKgDu+6B5dpffItKoZB0JaezPkvILFa9x8jvOOJckvB595yEunQtYQEgfn7R +8k8HWV+LLUNS60YMlOH1Zkd5d9VUWx+tJDfLRVpOoERIyNiwmcUVhAn21klJwGW4 +5hpxbqCo8YLoRT5s1gLXCmeDBVrJpBA= +-----END CERTIFICATE----- \ No newline at end of file diff --git a/configs/nginx/ssl/dot2024.key b/configs/nginx/ssl/dot2024.key new file mode 100644 index 0000000..50b5bbd --- /dev/null +++ b/configs/nginx/ssl/dot2024.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEA8eI42aZ18C3CHE8CEcUhMwCbfPleRZg0Egj+gqyiGa/RXjpW +m0Zq9MKhOPnal0h2VlFxFNAeyRcy/x7QZloUIDegZYUZUW4lMYiEwF9jSXINlfuz +gKQhMPB9wnJhNt+O1gdO3u0FVy1ChBv6eat480gvi0wqEEE6YC09OjFRbErlF1jA +FL1QIPOw0xqZrafRp+qfK3DJc8IZsuzhVFIV+CyBA897zrUwbF7aYTGwKotk6w11 +L1TZwK1iiUSkvAGOu1V6LMod3WlHE8YICp3lPuEsj9ZrnJl0x+3/4XSS7ogcInUd +Fopf9odLD6umGk1xDIA7uCm9hlyA/YQBmyYinngXyfy16WTDLdIsCNzZpiRvbPxb +xvAp7Exmqs5xWmb4qSYSThdZgp/ucJUiN3MWbYcc9fP2/wifmes9OlfoAV/Qlrpe +hpaP86VavkS0rBrUGf0OSdC0w79ZAllZeamU9zLHWwIiLfpzmlqCC9EXrK0GWTl/ +K2CLgYifoIi8m3053kKKVIXLfuYSlotv9y3hRKxkW0b6dtLhP3LjN+lvR7BNKTCN +hafyIuHLcXHnj6yKkSYoH/wd/rkQCjlQx8dG419ouW9toiSch6x4O/aLyFY3aO4/ +GnoECLUyUtsrPowF87QE6iiaxI6EokW9HF9hN85OxQ+uwd7w3gTvSLWR3DcCAwEA +AQKCAgBHE8zU2D9r1mZl3ymigyTgUdte/AAhvzn92rq/N29i0PFbGRV+B1FCnza1 +AWakcdykPMZX8Vg6iyCnKyzeBrZHSVFOw6/O5+jyB0XLKbyJRoSLgC0dLh26vdCW +pPnAIC1e40Lf6xJYraoQHBCcVDD0fE/MRRNPN3up62FEil18zv1GwQOglIjJRhK9 +1eE20EuhZiZjo37vDyhyFX2ZQ43FIX6/2eZttXyHO9A8I1e7CL8c+xVmVS6vmcOM +xqkJvgNtNQ7zvmjMOTVzsAuI4yEMOyrXEZEJsWZJobxBSforMb/iuDtV9k+Ap/z8 +m9nxfLQtkjj6Qvm4U9JrrLC0IJ6nFC1Xnxx71YuwVsjvJhDidS30OSRfKTnJrRBA +Elx42ymkWuYgsw7Tt50ePGNTU6YlfrRZC/nA/65vnknzR6y7BSo+X7BdPMXKf2Kh +sFossaKbdk3FGLoNBmame4pTirR17ogE2vvNhRn2v7bs76/der6uKQkTmcWHExbB +hURVXxqaNwW3nH3rL7ooByno2zaNPbX3KgI8auUqKq66lnxG5+Ggdsl2B+yQF5x/ +S4vAAb+eJlBeFcMqvBzjLKnN5mQ0j9Cw/svvl+ckdCxVriH4EmHe4WmS6L3JbG44 +P+D4ttRL2LON1BVySB659iCzZ8Ru+774yr7NvBwsUDf1ONqaQQKCAQEA+95aRS+C +YrFcI2YoePb2+49CT9+bzQZEU6c+JMKEiSGHe+1gGVKwqLqwa8KPe9glhi/389Hg +cGFdBotrZtBM2G3QMF5VtN7LYKYqVSzMGcSmrtUU0o40pTk1mdY4zGnEjeH9c/Mr +7S5mTgQGKCCC40dAUrwVIJkqPWDCfUmLwMX85UhKaAT4jbeKcczvdGmPtugimoBD +Yc3w2U7VqEKH2LaOvpGP5rK2+dINJhYds+TesMjUV5+a1PfDWJwyjExwH9mYTHuR +Ja9Spu8W6sFjwCJg0O2vdGTfSKHyHYEdR+ABhLb1nE7w/MOFSYCCpTLhUOXkiQSC +gm2Pq3XKrD6JpwKCAQEA9dnw3gwXs1qPlS4Rv2v+6vomRb9ZIxLQozGf1Vtq97qV +jB8xPXD+6tQRfu8zGxa0n8gDjYVE92BpH5bNZ51K2Xe7Ug2hnoVutOKBO31i1o7d +PXUqzbi7666i86oU5ypJEd/Djc17ihmhWX2dWoZr7UODCbTobiODtibMcbqmaJKz +9bR8P63o/DdRhrHkRRtknImwZHZ/8TNbJpTs3BT9QSfXB7FmphGPUR2JhDhyWaOm +vByVw3oMzb2getBAeHHPbEK8bygBQkKSN0Sv0hOHfU3vsPIudD0At6zXxESx86hs +QYz8Bgt0vdkDZdsCGVy/ZbH7fQUBxnX0Pj8duthK8QKCAQAtYEbFFiUYYLmnyvzZ +piyi75FT0IZCLrHanFPOzZiRGBBPnFlm1oXrMA8equOsvSktfrDeJV6ZAIGA71c/ +I6HkkAwk2qn4NvdPB0CzLanrrokVEGB6+pGzfpYQjA6ZjSiTIzbFT/cG+QgHYCQ3 +0HukNK76+NWZlN6ORkNjzP83kLPaHucAzHx3E60GiZROVcJFgpbRXPBGy5JrpA9M +DAhrW6Bl5tWVC3d5lIU36l4Zjc8s7FGNI70CR0zTRvi4XAELS+lrRgvFTUvHtWVc +j9DHyanFmjy07INpk3uKIzvCOjIr1cZ0DajO8O6vak6fMoZzS6ebo8tbch+jFUqZ +M38bAoIBAQCZRLKWK6HG7alfzmXAGbrFkQe1KdKPPBaX9sL3R1PLdyXuQi/3Zu91 +RJpXsRYCSEh46D/WxYO2WQOQbvpFI1lbc/py8A6W/gaDfEYm6UdqDYy92MLDl+yH +xMrP73OynbkKDJ8kUzs2YD4nxVkI645zT0htD7xrlXZyY4PHTx6ZSQQqJMflBy2d +t3r65wIxVx+FO42dRAcFPwgPaH61wdwU95plsGIXHBFl920Y4fvgCFdVJNj1EazT +wuk+R4A51nICwyQohB8syMXQ8OBPrl8kbicFACaXzsQYvgeR02XBSnma8CLaPeAc +zyMAJ+YKG7ky1B+91BZEPJr1B3IoXtlxAoIBADilYIz2QK+MjhkaTroe3B80yPn9 +HEZrJU97fWbwFxgj2prITitwVg4wo98/+bnyFyJUESVMZBaiE8zShHW5gmXMdChS +DUTKIp9qPB6+YHDnqixgKvRNdR8F2UErxD6Q+sqa9+w7KMjhQirEm7Ffpy+hGqKm +fT7mMAWNIV43QaHXD40xakJ+uIqjhXa09V1M+nUbhn9W6Tyqv6i5xu3iNd86MzEh +3QCbDqjtE8Dr2DcTkRXLECG9tiQHi5q0OOJPzn0bNoUFQPT8gJ3p14Q7kzhPnXo2 +qjItUwFJxX+pPx6GQgNt7BYOxRVX34VWH3iaqTVtzCLX5xpUs1fx77bZ+ww= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/configs/nuxt/entrypoint.sh b/configs/nuxt/entrypoint.sh new file mode 100755 index 0000000..a1dc972 --- /dev/null +++ b/configs/nuxt/entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +DOMAIN="${DOMAIN:-dot-dot.ru}" + +for x in $(grep -lrw "dot-dot.ru" .nuxt/);do + echo "replace dot-dot.ru to https://${DOMAIN} in $x" + sed -i -e "s/dot-dot.ru/${DOMAIN}/g" $x; +done + +"$@" diff --git a/configs/php/.env b/configs/php/.env index b5504f9..d3f66c3 100644 --- a/configs/php/.env +++ b/configs/php/.env @@ -1,6 +1,7 @@ -APP_ENV=dev APP_SECRET=c35a0abba25a5396d74ec17fca238d9a +CONTAINER_NAME=php + LOCK_DSN=flock PHP_SOCKET_PORT=8080 @@ -9,7 +10,7 @@ DATABASE_URL_DOT_STATISTIC=mysql://root:root@db:3306/dot_statistic?serverVersion DOCUMENT_ROOT=/application APP_HOST=teste.dot-dot.ru -APP_SCHEME=http +APP_SCHEME=https MAILER_DSN=null://null @@ -132,3 +133,12 @@ SOVKOM_API_URL=secret MAGIC_API_URL=https://magic-trans.ru/ MAGIC_API_URL=https://magic-trans.ru/ + +SMS_PROVIDER=prostor-sms +PROSTOR_SMS_END_POINT_URL=http://api.prostor-sms.ru +PROSTOR_SMS_LOGIN=secret +PROSTOR_SMS_PASSWORD=secret + +ACCOUNTING_AUDIT_URL=https://crm.dot-dot.ru +ACCOUNTING_AUDIT_LOGIN=secret +ACCOUNTING_AUDIT_PASSWORD=secret diff --git a/configs/php/.env.local b/configs/php/.env.local index 9e407cf..af591df 100644 --- a/configs/php/.env.local +++ b/configs/php/.env.local @@ -1,4 +1,5 @@ - +CONTAINER_NAME=php +APP_ENV=prod NotificationBuildServicejSP_KEY=16e93b225c730920ac5741a8d8df788f DADATA_API_TOKEN=c9aa5fdc338a746e23ce91ceb6fdb9e635749833 @@ -17,7 +18,7 @@ GOOGLE_MAPS_ACCESS_KEY=AIzaSyBCPl2LcpRvplzLUNVMVLhA3b7k46lTCTg NUXT_BASE_URL=teste.dot-dot.ru -ATISU_API_TOKEN=a9698671a68441c7b3959e43995d1506 +ATISU_API_TOKEN=46b599c3ab7f4574b560f48ea005d9f3 ###> google/apiclient ### ANALITIC_GOOGLE_CLIENT_ID=672035500859-n6cq8lb393rs5f7q46pnjrc6u9hjiomg.apps.googleusercontent.com @@ -31,8 +32,7 @@ TELEGRAM_CHAT_ID=-875661421 ###< telegramm ### ###> voicia ### -VOICIA_API_KEY=7589ed2721e50e299eb3baf2e3100a6b -VOICIA_CALL_ID=8788 +VOICIA_CALL_ID=1949 ###< voicia ### ###> ml_calculator ### @@ -49,9 +49,9 @@ ML_CARRIER_SCORING=https://ml.dot-dot.ru/v2/classification/carrier/scoring ###< carrier_scoring ### ###> direction_scoring ### -ML_DIRECTION_SCORING_URL=https://ml.dot-dot.ru/v2/classification/direction/confidence +ML_DIRECTION_SCORING_URL=https://ml.dot-dot.ru/v3/classification/direction/confidence ###< direction_scoring ### - + ###> direction_recalculate ### ML_DIRECTION_RECALCULATE_URL=https://ml.dot-dot.ru/v2/schedule/calculate ###< direction_recalculate ### @@ -113,13 +113,55 @@ SOVKOM_API_KEY=AAk6UcV88xCCC26654rM SOVKOM_API_URL=https://testout.sovcomins.ru ###< SOVKOMTEST### +ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v2/schedule/carrier/scoring + ML_REGULAR_DIRECTION_URL=https://ml.dot-dot.ru/v2/schedule/transport +ACCOUNTING_AUDIT_URL="https://crm.dot-dot.ru/TTLBuhreport/hs/TT/reconciliationreport" + ###> YandexTracker ### YTRACKER_API_TOKEN="y0_AgAEA7qkKFmeAAjF8AAAAADXovQd6htdkt7LTDW_sNHCz7qV9zdVHaQ" YTRACKER_ORGANISATION_ID=355207 ###< YandexTracker ### -ML_REGULAR_DIRECTION_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v1/schedule/carrier/scoring -ML_REGULAR_DIRECTION_CHAIN_URL=https://ml.dot-dot.ru/v1/schedule/chains -ML_REGULAR_DIRECTION_CHAIN_RELEVANCE_CARRIERS_URL=https://ml.dot-dot.ru/v1/schedule/chains/carrier/scoring +SMARTCAPTCHA_SERVER_KEY=ysc2_GLQZ8QPaFh0eXqZ5KaRMuRRZOX7qNNMy7P9Mq82V6c4e7b81 + +###> sentry/sentry-symfony ### +SENTRY_DSN="https://1127a3ada375b040486c3ab0d86cbcab@sentry.dot-dot.ru/5" +SENTRY_SERVER_NAME=testE +SENTRY_SERVER_USER_NAME=kurilenko +###< sentry/sentry-symfony ### + +ML_CALCULATOR_TRADE_ONLY_URL=https://ml.dot-dot.ru/v1/tender/price + +ML_REGULAR_DIRECTION_HISTORY_ORDER_URL=https://ml.dot-dot.ru/v1/schedule/transport/orders + +#QUEUE_DSN_OC_CARRIER_OFFERS=amqp://guest:guest@rabbitmq:5672/%2f/OC_CARRIER_OFFERS +#QUEUE_DSN_STATISTIC_EXPORT=amqp://guest:guest@rabbitmq:5672/%2f/STATISTIC_EXPORT +QUEUE_DSN_OC_CARRIER_OFFERS=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/OC_CARRIER_OFFERS +QUEUE_DSN_STATISTIC_EXPORT=amqp://ddadmin:Utahth9aeshahgh3saik@rabbitmq:5672/%2f/STATISTIC_EXPORT + +CRYPTOPRO_PATH='/opt/cprocsp/bin/amd64/cryptcp -sign -dn '"ООО ""ТОЧКА-ТОЧКА ЛОГИСТИКА"""' -der' +SIGNED_DOC_PATH="/application/var/documents/signeddocs" +ABSOLUTE_SIGNED_DOC_PATH="/home/ddadmin/demolms/signeddocs" +CHROMIUM_BROWSER_SYS_PATH="/usr/bin/chromium-browser" + + +###> API_KONTUR_FOCUS### +USER_TRUST_API_KONTUR_FOCUS_END_POINT_URL=https://focus-api.kontur.ru +USER_TRUST_API_KONTUR_FOCUS_API_TOKEN=3208d29d15c507395db770d0e65f3711e40374df +USER_TRUST_CHECK_BACKEND=true +###< API_KONTUR_FOCUS### + +QUEUE_DSN_USER_TRUST=amqp://guest:guest@rabbitmq:5672/%2f/USER_TRUST + + +CHROMIUM_BROWSER_SYS_PATH="/usr/bin/chromium-browser" + +### DD-3326 check_carrier&drivers in OTK 2_Step ### +OTK_API_END_POINT_URL="https://test-api.otk.su" +OTK_API_TOKEN="Q5vBE9jusg38Rk7wHt2bzycT4K6pePFZ" +### DD-3326 check_carrier&drivers in OTK 2_Step ### + +ACCOUNTING_AUDIT_LOGIN=ReportServis +ACCOUNTING_AUDIT_PASSWORD=fE7mubiv diff --git a/configs/php/firebase-fcm-dotdot-key.json b/configs/php/firebase-fcm-dotdot-key.json new file mode 100755 index 0000000..d5d7878 --- /dev/null +++ b/configs/php/firebase-fcm-dotdot-key.json @@ -0,0 +1,13 @@ +{ + "type": "service_account", + "project_id": "t-t-logistics", + "private_key_id": "d43ca447a200d75f02886d06689212e27f0fd823", + "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCeqg8yH6kQp+eL\nJqjrwkgDHyw6xnKUqjidAV7C259tZD6BXzxcqzaqKc3DdCWyB8Eu0EpTfBsp6M+6\n3KACXXZ++Pd3bgzp3KOFRV16eDLr/xkvGUlMIKwb3saDjnPSdvrU0TqwCURQ+PEi\nPm6s4UTZ/bPp/h62q/oTxB3bQVwoOUcCljPynjAYUG49OXVbUW1yCMbgo1QUIXbU\n/b7mcNwjNyUnUX3mTjarjEVislqkO0j5XB06Hdnnb0z7OED0nJSV6ZRA0933Y4hL\nS+JFer1IuQGP3B8NpMdmOdCDpZPb4odcgt2Zw4gwqEV3iCE7OmXJtAQq/Nmd3luh\n6Sls4FVPAgMBAAECggEAPimZl4VA+0YVWPbWErxE83gon4R1itpgIN9TDZv3S+gM\n9ynlX9cyrRuAwtWEGUqhfOJdZHUIvXQ5wtfClvqgPOH1LqT+yTdJF6NUGvHx3XVO\nHB5XkcxxMeAnvY43wZsc7flleWfADMtjygtU2EXP8GpOLVyDEwWxDkJ1ghwK67Ta\ndpQWWbSnqo1alEWdELJ8y39xJrB/JSnFGc2sstfD5tx4fJ+1jI0ZvnCz3G1d42Rr\nnLaHfRoGSt5TddyvqejAXOhtL/Rhnki1XKhrl9/v1d25kUFPc+dK8z4yUXpWAHWs\nQfhPkRCaEYdTy9wbQ3T2tRATamuxYdGRGPVh47BSHQKBgQDeVHtk1MZVW0mohTCm\n+dto4QPGe0CVomQ1M6DGLv8fLpCTCpb2vdeftVjWXghZrWWaYBK3nZcyTP5+ii/g\nDW94TFWzB3a0M+tE1BGwc8Y9fifGqgcTeIxDbZzrDjmhOlebSvygX4uclmplPznl\ncaRpva3W6XJYGnCqMJf/XSaRTQKBgQC2sVHSA9X58Wy3ZTrbtTC1xGDx/2yGvoAw\n8w5pSj2w8f6wXvBV32uGWdf74s7XLS3g4I/y9nUGAJRJfzbBMwaAzjGHGX5UC6kp\nNJ5ZCfyRFOJ2hllIcsksj96RyDATry4fTc210XwXHHauz4tsqSfP6JomWggh6fj6\nTf4oq3zzCwKBgD1doiVlmUysArux74jXBBmBqhIZqOzkQrZwhprNE/veVWdQj/SQ\n17gsTNX2ZGWkN5wRknj91WK73667o5U7AB57K1hb4gbBIdoAktVaT0hfzsjF22gj\naMufsKUsavm2acHiQ7JcTOOunLVPa0KKSHArO5VLIBVzTs+a1AlXA7MtAoGAGRaw\nzc6JDBIDhAv60UFIty2IwrL5DGgM4qv+RqdTYYFaII5pIuHTuleMOaMkFJi3vDIa\nkpsV5wUdWBqIQm/nbLjkRFFT7+bKDEaVmFSuwp3Dm9NHX5Oj3OLFBfAf6hQcmV/t\n6BIkoGfgRJFr7Dgup3ah9LJYe4/OCVG8nYkvV5ECgYBFfQlhYv24M4RHQ/EbOIJY\nmZgZzcGz7nA0AWS8zeSoTizAtPwnoPElOs/+drJ+CKaAnfr8+BZ1spP2I8Sj6l9g\nXeDBlZvX7Q1baz6vdQr1KscjmWnHUbaDCrGWK+95umAVpyrabopynQt7T0GrBWKz\n+nixrt/C57fjiE2OHM8big==\n-----END PRIVATE KEY-----\n", + "client_email": "firebase-push-auth-dd@t-t-logistics.iam.gserviceaccount.com", + "client_id": "117030561604837789287", + "auth_uri": "https://accounts.google.com/o/oauth2/auth", + "token_uri": "https://oauth2.googleapis.com/token", + "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", + "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-push-auth-dd%40t-t-logistics.iam.gserviceaccount.com", + "universe_domain": "googleapis.com" +} diff --git a/configs/php/www.conf b/configs/php/www.conf new file mode 100644 index 0000000..302be9c --- /dev/null +++ b/configs/php/www.conf @@ -0,0 +1,455 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or NONE) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. The owner +; and group can be specified either by name or by their numeric IDs. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = www-data +;listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is different than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 25 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: (min_spare_servers + max_spare_servers) / 2 +pm.start_servers = 10 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 10 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 20 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following information: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/local/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The address on which to accept FastCGI status request. This creates a new +; invisible pool that can handle requests independently. This is useful +; if the main pool is busy with long running requests because it is still possible +; to get the status before finishing the long running requests. +; +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Default Value: value of the listen option +;pm.status_listen = 127.0.0.1:9001 + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{milliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some examples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout set by 'request_terminate_timeout' ini option is not engaged after +; application calls 'fastcgi_finish_request' or when application has finished and +; shutdown functions are being called (registered via register_shutdown_function). +; This option will enable timeout limit to be applied unconditionally +; even in such cases. +; Default Value: no +;request_terminate_timeout_track_finished = no + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environment, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +;decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/local) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/configs/php/zz-docker.conf b/configs/php/zz-docker.conf new file mode 100644 index 0000000..363ab1f --- /dev/null +++ b/configs/php/zz-docker.conf @@ -0,0 +1,5 @@ +[global] +daemonize = no + +[www] +listen = 0.0.0.0:9000 diff --git a/configs/rabbitmq/enabled_plugins b/configs/rabbitmq/enabled_plugins new file mode 100644 index 0000000..318ea04 --- /dev/null +++ b/configs/rabbitmq/enabled_plugins @@ -0,0 +1 @@ +[rabbitmq_management,rabbitmq_prometheus]. \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index aab34de..41089ae 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,13 +1,37 @@ -version: "3.3" - volumes: certbot_volume: nginx_log_volume: mysql_data_volume: mysql_backup_volume: php_var_volume: + rabbitmq_volume: + redis_volume: + php_support_volume: +x-defaults-php: &defaults-php + image: registry.dot-dot.ru/dot-dot:${DOTDOT_TAG} + restart: unless-stopped + user: www-data + volumes: + - ./configs/php/.env:/application/.env + - ./configs/php/.env.local:/application/.env.local + - ./configs/php/zz-docker.conf:/usr/local/etc/php-fpm.d/zz-docker.conf + - php_var_volume:/application/var + - php_support_volume:/application/var/support-issue + - ./configs/php/www.conf:/usr/local/etc/php-fpm.d/www.conf + - ./configs/php/firebase-fcm-dotdot-key.json:/application/config/firebase-fcm-dotdot-key.json + depends_on: + - db + - rabbitmq + extra_hosts: + - "sentry.dot-dot.ru:192.168.100.111" + - "testesigner.dot-dot.ru:192.168.100.110" + - "teste.dot-dot.ru:192.168.100.110" + - "testelms.dot-dot.ru:192.168.100.110" + networks: + - dd + networks: dd: name: ${NETWORK} @@ -31,18 +55,29 @@ services: networks: - dd + backend: + <<: *defaults-php + php: - image: registry.dot-dot.ru/dot-dot:${DOTDOT_TAG} - # command: "php-fpm && nginx -g 'daemon off;'" - restart: unless-stopped - volumes: - - ./configs/php/.env:/application/.env - - ./configs/php/.env.local:/application/.env.local - - php_var_volume:/application/var - depends_on: - - db - networks: - - dd + # TODO: Денис должен переделать и добавить + command: ./bin/console app:auction:reload + <<: *defaults-php + + statistic-export: + <<: *defaults-php + command: ./bin/console messenger:consume StatisticExport + + carrier-offers: + <<: *defaults-php + command: ./bin/console messenger:consume CarrierOffers + + user-trust: + <<: *defaults-php + command: sh -c 'while true; do echo run; ./bin/console messenger:consume UserTrust; sleep 60;done' + + auction: + <<: *defaults-php + command: sh -c 'while true; do echo run; ./bin/console app:auction:process; sleep 60;done' static: image: registry.dot-dot.ru/dot-dot-static:${DOTDOT_TAG} @@ -56,11 +91,42 @@ services: command: npm run start volumes: - ./configs/nuxt/.env:/app/.env + - ./configs/nuxt/entrypoint.sh:/entrypoint.sh env_file: - ./configs/nuxt/.env + entrypoint: /entrypoint.sh networks: - dd + lms: + image: registry.dot-dot.ru/lms:${LMS_TAG} + restart: unless-stopped + command: npm run start + volumes: + - ./configs/lms/.env:/app/.env + - ./configs/lms/entrypoint.sh:/entrypoint.sh + env_file: + - ./configs/lms/.env + entrypoint: /entrypoint.sh + networks: + - dd + + admin: + image: registry.dot-dot.ru/dashboard:${DASHBORD_TAG} + command: frankenphp php-server -r /application/public + restart: unless-stopped + environment: + - SERVER_NAME=testeadmin.dot-dot.ru + volumes: + - ./configs/dashboard/.env:/application/.env + depends_on: + - db + networks: + dd: + ingress: + aliases: + - ${NETWORK}-admin + nginx: image: nginx:1.25.3-alpine3.18 restart: unless-stopped @@ -72,14 +138,71 @@ services: - ./configs/nginx/other:/etc/nginx/other - certbot_volume:/etc/letsencrypt - nginx_log_volume:/var/log/nginx - labels: - - "traefik.enable=true" - - "traefik.http.routers.nginx${NETWORK}.rule=Host(`${NETWORK}.dot-dot.ru`)" - - "traefik.http.services.nginx${NETWORK}.loadbalancer.server.port=80" depends_on: - nuxt - php - static networks: - - dd - - ingress + dd: + ingress: + aliases: + - ${NETWORK}-nginx + + rabbitmq: + image: rabbitmq:3.12.1-management-alpine + restart: unless-stopped + hostname: ${COMPOSE_PROJECT_NAME} + volumes: + - rabbitmq_volume:/var/lib/rabbitmq + - ./configs/rabbitmq/enabled_plugins:/etc/rabbitmq/enabled_plugins + environment: + - RABBITMQ_DEFAULT_USER=${RABBITMQ_USERNAME} + - RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD} + - RABBITMQ_CONFIG_FILE=/etc/rabbitmq/rabbitmq.conf + networks: + dd: {} + + redis: + image: redis:7.2.4-alpine3.19 + restart: unless-stopped + volumes: + - redis_volume:/data + - ./configs/redis:/usr/local/etc/redis + environment: + - REDIS_PORT=6379 + networks: + dd: {} + + redis-exporter: + image: oliver006/redis_exporter:v1.59.0 + command: + - "--redis.addr=redis://redis:6379" + networks: + dd: {} + + php-cli-mltorgtrans: + user: 1000:1000 + image: registry.dot-dot.ru/mltorgtrans:${MLTORGTRANS_TAG} + command: php artisan app:run-collector + restart: unless-stopped + volumes: + - ./configs/mltorgtrans/.env:/application/.env + env_file: + - ./configs/mltorgtrans/.env + depends_on: + - db + networks: + dd: {} + + php-cli-mlatrucks: + image: registry.dot-dot.ru/mlatrucks:${MLATRUCKS_TAG} + command: php artisan app:run-collector + restart: unless-stopped + volumes: + - ./configs/mlatrucks/.env:/application/.env + env_file: + - ./configs/mlatrucks/.env + depends_on: + - db + networks: + dd: {}