admin/honeyDueAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
honeyDueAPI/docker-compose.dev.yml
Trey T 4abc57535e Add delete account endpoint and file encryption at rest 
Delete Account (Plan #2):
- DELETE /api/auth/account/ with password or "DELETE" confirmation
- Cascade delete across 15+ tables in correct FK order
- Auth provider detection (email/apple/google) for /auth/me/
- File cleanup after account deletion
- Handler + repository tests (12 tests)

Encryption at Rest (Plan #3):
- AES-256-GCM envelope encryption (per-file DEK wrapped by KEK)
- Encrypt on upload, auto-decrypt on serve via StorageService.ReadFile()
- MediaHandler serves decrypted files via c.Blob()
- TaskService email image loading uses ReadFile()
- cmd/migrate-encrypt CLI tool with --dry-run for existing files
- Encryption service + storage service tests (18 tests)
2026-03-26 10:41:01 -05:00

208 lines
5.5 KiB
YAML
Raw Permalink Blame History

# Local development compose file (self-contained, no base file needed)
# Usage:
# docker compose -f docker-compose.dev.yml up --build
services:
# PostgreSQL Database
db:
image: postgres:16-alpine
container_name: honeydue-db
restart: unless-stopped
environment:
POSTGRES_USER: ${POSTGRES_USER:-honeydue}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-honeydue_dev_password}
POSTGRES_DB: ${POSTGRES_DB:-honeydue}
volumes:
- postgres_data:/var/lib/postgresql/data
ports:
- "${DB_PORT:-5433}:5432" # 5433 externally to avoid conflicts with local postgres
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-honeydue} -d ${POSTGRES_DB:-honeydue}"]
interval: 10s
timeout: 5s
retries: 5
networks:
- honeydue-network
# Redis Cache
redis:
image: redis:7-alpine
container_name: honeydue-redis
restart: unless-stopped
command: redis-server --appendonly yes
volumes:
- redis_data:/data
ports:
- "${REDIS_PORT:-6379}:6379"
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
networks:
- honeydue-network
# honeyDue API
api:
build:
context: .
target: api
container_name: honeydue-api
restart: unless-stopped
ports:
- "${PORT:-8000}:8000"
environment:
# Server
PORT: "8000"
DEBUG: "true"
DEBUG_FIXED_CODES: "true"
ALLOWED_HOSTS: "localhost,127.0.0.1"
TIMEZONE: "${TIMEZONE:-UTC}"
# Database
DB_HOST: db
DB_PORT: "5432"
POSTGRES_USER: ${POSTGRES_USER:-honeydue}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-honeydue_dev_password}
POSTGRES_DB: ${POSTGRES_DB:-honeydue}
DB_SSLMODE: "disable"
# Redis
REDIS_URL: "redis://redis:6379/0"
# Security
SECRET_KEY: ${SECRET_KEY:-dev-secret-key-change-in-production-min-32-chars}
# Email
EMAIL_HOST: ${EMAIL_HOST:-smtp.gmail.com}
EMAIL_PORT: ${EMAIL_PORT:-587}
EMAIL_HOST_USER: ${EMAIL_HOST_USER}
EMAIL_HOST_PASSWORD: ${EMAIL_HOST_PASSWORD}
DEFAULT_FROM_EMAIL: ${DEFAULT_FROM_EMAIL:-honeyDue <noreply@honeyDue.treytartt.com>}
EMAIL_USE_TLS: "true"
# Push Notifications
APNS_AUTH_KEY_PATH: ${APNS_AUTH_KEY_PATH}
APNS_AUTH_KEY_ID: ${APNS_AUTH_KEY_ID}
APNS_TEAM_ID: ${APNS_TEAM_ID}
APNS_TOPIC: ${APNS_TOPIC:-com.tt.honeyDue}
APNS_USE_SANDBOX: "true"
FCM_SERVER_KEY: ${FCM_SERVER_KEY}
# Storage encryption
STORAGE_ENCRYPTION_KEY: ${STORAGE_ENCRYPTION_KEY}
volumes:
- ./push_certs:/certs:ro
- ./uploads:/app/uploads
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:8000/api/health/"]
interval: 30s
timeout: 10s
start_period: 10s
retries: 3
networks:
- honeydue-network
# honeyDue Admin Panel (Next.js)
admin:
build:
context: .
target: admin
container_name: honeydue-admin
restart: unless-stopped
ports:
- "${ADMIN_PORT:-3000}:3000"
environment:
PORT: "3000"
HOSTNAME: "0.0.0.0"
NEXT_PUBLIC_API_URL: "${NEXT_PUBLIC_API_URL:-http://api:8000}"
depends_on:
api:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:3000/"]
interval: 30s
timeout: 10s
retries: 3
networks:
- honeydue-network
# honeyDue Worker (Background Jobs)
worker:
build:
context: .
target: worker
container_name: honeydue-worker
restart: unless-stopped
environment:
# Database
DB_HOST: db
DB_PORT: "5432"
POSTGRES_USER: ${POSTGRES_USER:-honeydue}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-honeydue_dev_password}
POSTGRES_DB: ${POSTGRES_DB:-honeydue}
DB_SSLMODE: "disable"
# Redis
REDIS_URL: "redis://redis:6379/0"
# Security
SECRET_KEY: ${SECRET_KEY:-dev-secret-key-change-in-production-min-32-chars}
# Push Notifications
APNS_AUTH_KEY_PATH: "/certs/apns_key.p8"
APNS_AUTH_KEY_ID: ${APNS_AUTH_KEY_ID}
APNS_TEAM_ID: ${APNS_TEAM_ID}
APNS_TOPIC: ${APNS_TOPIC:-com.tt.honeyDue}
APNS_USE_SANDBOX: "true"
FCM_SERVER_KEY: ${FCM_SERVER_KEY}
# Email
EMAIL_HOST: ${EMAIL_HOST:-smtp.gmail.com}
EMAIL_PORT: ${EMAIL_PORT:-587}
EMAIL_HOST_USER: ${EMAIL_HOST_USER}
EMAIL_HOST_PASSWORD: ${EMAIL_HOST_PASSWORD}
DEFAULT_FROM_EMAIL: ${DEFAULT_FROM_EMAIL:-honeyDue <noreply@honeyDue.treytartt.com>}
EMAIL_USE_TLS: "true"
# Worker settings (UTC hours for scheduled jobs)
TASK_REMINDER_HOUR: ${TASK_REMINDER_HOUR:-14}
OVERDUE_REMINDER_HOUR: ${OVERDUE_REMINDER_HOUR:-15}
DAILY_DIGEST_HOUR: ${DAILY_DIGEST_HOUR:-3}
volumes:
- ./push_certs:/certs:ro
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
networks:
- honeydue-network
# Dozzle — lightweight real-time log viewer
dozzle:
image: amir20/dozzle:latest
container_name: honeydue-dozzle
restart: unless-stopped
ports:
- "${DOZZLE_PORT:-9999}:8080"
environment:
DOZZLE_NO_ANALYTICS: "true"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- honeydue-network
volumes:
postgres_data:
redis_data:
networks:
honeydue-network:
driver: bridge
Reference in New Issue View Git Blame Copy Permalink