Skip to content

Commit 7a8dd19

Browse files
SatanLittleHelperSatanLittleHelper
authored
Merge pull request #28 from SatanLittleHelper/config/deployment-environments
config/deployment-environments: add dev and prod deployment configura…
2 parents 2d82df2 + 5cb843b commit 7a8dd19

6 files changed

Lines changed: 415 additions & 1 deletion

File tree

Makefile

Lines changed: 69 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,23 @@ run-dev:
1818
JWT_ISSUER=strive-api \
1919
JWT_AUDIENCE=strive-app \
2020
JWT_CLOCK_SKEW=2m \
21+
CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:3001,http://localhost:4200,http://127.0.0.1:3000,http://127.0.0.1:4200 \
22+
CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,OPTIONS \
23+
CORS_ALLOWED_HEADERS=Accept,Authorization,Content-Type,X-Request-ID \
24+
CORS_EXPOSED_HEADERS=X-Request-ID \
25+
CORS_ALLOW_CREDENTIALS=true \
26+
CORS_MAX_AGE=86400 \
27+
COOKIE_SECURE=false \
28+
COOKIE_SAMESITE=Lax \
29+
COOKIE_DOMAIN= \
30+
RATE_LIMIT_ENABLED=true \
31+
RATE_LIMIT_AUTH_PER_MINUTE=5 \
32+
RATE_LIMIT_GENERAL_PER_MINUTE=60 \
33+
RATE_LIMIT_BURST_SIZE=10 \
34+
EXERCISEDB_ENABLED=true \
35+
EXERCISEDB_BASE_URL=https://exercise.hellogym.io \
36+
EXERCISEDB_TIMEOUT=30s \
37+
EXERCISEDB_RETRY_COUNT=3 \
2138
go run ./cmd/server
2239

2340
db-up:
@@ -95,6 +112,58 @@ docker-logs-all:
95112
@echo "Showing all logs..."
96113
docker compose logs -f
97114

115+
# Development deployment commands
116+
dev-up:
117+
@echo "Starting development environment..."
118+
docker compose -f docker-compose.dev.yml up -d
119+
120+
dev-up-build:
121+
@echo "Building and starting development environment..."
122+
docker compose -f docker-compose.dev.yml up --build -d
123+
124+
dev-down:
125+
@echo "Stopping development environment..."
126+
docker compose -f docker-compose.dev.yml down
127+
128+
dev-restart:
129+
@echo "Restarting development environment..."
130+
docker compose -f docker-compose.dev.yml down
131+
docker compose -f docker-compose.dev.yml up --build -d
132+
133+
dev-logs:
134+
@echo "Showing development logs..."
135+
docker compose -f docker-compose.dev.yml logs -f app
136+
137+
dev-logs-all:
138+
@echo "Showing all development logs..."
139+
docker compose -f docker-compose.dev.yml logs -f
140+
141+
# Production deployment commands
142+
prod-up:
143+
@echo "Starting production environment..."
144+
docker compose up -d
145+
146+
prod-up-build:
147+
@echo "Building and starting production environment..."
148+
docker compose up --build -d
149+
150+
prod-down:
151+
@echo "Stopping production environment..."
152+
docker compose down
153+
154+
prod-restart:
155+
@echo "Restarting production environment..."
156+
docker compose down
157+
docker compose up --build -d
158+
159+
prod-logs:
160+
@echo "Showing production logs..."
161+
docker compose logs -f app
162+
163+
prod-logs-all:
164+
@echo "Showing all production logs..."
165+
docker compose logs -f
166+
98167
build:
99168
go build -o bin/server ./cmd/server
100169

docker-compose.dev.yml

Lines changed: 68 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,68 @@
1+
version: '3.8'
2+
3+
services:
4+
app:
5+
build: .
6+
ports:
7+
- "8080:8080"
8+
environment:
9+
- PORT=8080
10+
- LOG_LEVEL=INFO
11+
- LOG_FORMAT=json
12+
- DB_HOST=postgres
13+
- DB_PORT=5432
14+
- DB_USER=postgres
15+
- DB_PASSWORD=password
16+
- DB_NAME=strive
17+
- DB_SSL_MODE=disable
18+
- JWT_SECRET=dev-secret-key-12345-very-long-for-security
19+
- JWT_ISSUER=strive-api
20+
- JWT_AUDIENCE=strive-app
21+
- JWT_CLOCK_SKEW=2m
22+
- CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:3001,http://localhost:4200,https://your-dev-domain.com
23+
- CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,OPTIONS
24+
- CORS_ALLOWED_HEADERS=Accept,Authorization,Content-Type,X-Request-ID
25+
- CORS_EXPOSED_HEADERS=X-Request-ID
26+
- CORS_ALLOW_CREDENTIALS=true
27+
- CORS_MAX_AGE=86400
28+
- COOKIE_SECURE=false
29+
- COOKIE_SAMESITE=Lax
30+
- COOKIE_DOMAIN=
31+
- RATE_LIMIT_ENABLED=true
32+
- RATE_LIMIT_AUTH_PER_MINUTE=5
33+
- RATE_LIMIT_GENERAL_PER_MINUTE=60
34+
- RATE_LIMIT_BURST_SIZE=10
35+
- EXERCISEDB_ENABLED=true
36+
- EXERCISEDB_BASE_URL=https://exercise.hellogym.io
37+
- EXERCISEDB_TIMEOUT=30s
38+
- EXERCISEDB_RETRY_COUNT=3
39+
depends_on:
40+
postgres:
41+
condition: service_healthy
42+
healthcheck:
43+
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/health"]
44+
interval: 30s
45+
timeout: 10s
46+
retries: 3
47+
start_period: 40s
48+
49+
postgres:
50+
image: postgres:15-alpine
51+
container_name: strive-postgres-dev
52+
environment:
53+
POSTGRES_DB: strive
54+
POSTGRES_USER: postgres
55+
POSTGRES_PASSWORD: password
56+
ports:
57+
- "5432:5432"
58+
volumes:
59+
- postgres_data_dev:/var/lib/postgresql/data
60+
- ./migrations:/docker-entrypoint-initdb.d
61+
healthcheck:
62+
test: ["CMD-SHELL", "pg_isready -U postgres -d strive"]
63+
interval: 5s
64+
timeout: 5s
65+
retries: 5
66+
67+
volumes:
68+
postgres_data_dev:

docker-compose.yml

Lines changed: 27 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,33 @@ services:
1515
- DB_PASSWORD=password
1616
- DB_NAME=strive
1717
- DB_SSL_MODE=disable
18-
- JWT_SECRET=dev-secret-key-12345
18+
- JWT_SECRET=production-secret-key-very-long-and-secure
19+
- JWT_ISSUER=strive-api
20+
- JWT_AUDIENCE=strive-app
21+
- JWT_CLOCK_SKEW=2m
22+
- CORS_ALLOWED_ORIGINS=https://your-production-frontend.com
23+
- CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,OPTIONS
24+
- CORS_ALLOWED_HEADERS=Accept,Authorization,Content-Type,X-Request-ID
25+
- CORS_EXPOSED_HEADERS=X-Request-ID
26+
- CORS_ALLOW_CREDENTIALS=true
27+
- CORS_MAX_AGE=86400
28+
- COOKIE_SECURE=true
29+
- COOKIE_SAMESITE=Strict
30+
- COOKIE_DOMAIN=
31+
- RATE_LIMIT_ENABLED=true
32+
- RATE_LIMIT_AUTH_PER_MINUTE=5
33+
- RATE_LIMIT_GENERAL_PER_MINUTE=60
34+
- RATE_LIMIT_BURST_SIZE=10
35+
- EXERCISEDB_ENABLED=true
36+
- EXERCISEDB_BASE_URL=https://exercise.hellogym.io
37+
- EXERCISEDB_TIMEOUT=30s
38+
- EXERCISEDB_RETRY_COUNT=3
39+
- SECURITY_HSTS_MAX_AGE=31536000
40+
- SECURITY_HSTS_INCLUDE_SUBDOMAINS=true
41+
- SECURITY_X_FRAME_OPTIONS=DENY
42+
- SECURITY_X_CONTENT_TYPE_OPTIONS=nosniff
43+
- SECURITY_REFERRER_POLICY=strict-origin-when-cross-origin
44+
- SECURITY_XSS_PROTECTION=1; mode=block
1945
depends_on:
2046
postgres:
2147
condition: service_healthy

docs/deployment-guide.md

Lines changed: 132 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,132 @@
1+
# Deployment Guide
2+
3+
## Локальная разработка
4+
5+
### 1. Запуск локального окружения
6+
7+
```bash
8+
# Запуск базы данных
9+
make db-up
10+
11+
# Запуск приложения в dev режиме
12+
make run-dev
13+
```
14+
15+
### 2. Запуск через Docker (dev окружение)
16+
17+
```bash
18+
# Запуск dev окружения
19+
make dev-up
20+
21+
# Пересборка и запуск
22+
make dev-up-build
23+
24+
# Просмотр логов
25+
make dev-logs
26+
27+
# Остановка
28+
make dev-down
29+
```
30+
31+
### 3. Запуск через Docker (production окружение)
32+
33+
```bash
34+
# Запуск production окружения
35+
make prod-up
36+
37+
# Пересборка и запуск
38+
make prod-up-build
39+
40+
# Просмотр логов
41+
make prod-logs
42+
43+
# Остановка
44+
make prod-down
45+
```
46+
47+
## Деплой на Render.com
48+
49+
### 1. Настройка переменных окружения
50+
51+
В Render Dashboard настройте следующие переменные:
52+
53+
#### Обязательные переменные:
54+
- `JWT_SECRET` - секретный ключ (минимум 32 символа)
55+
- `DB_HOST` - хост базы данных
56+
- `DB_USER` - пользователь БД
57+
- `DB_PASSWORD` - пароль БД
58+
- `DB_NAME` - имя БД
59+
60+
#### CORS настройки:
61+
- `CORS_ALLOWED_ORIGINS` - разрешенные домены (через запятую)
62+
- `CORS_ALLOW_CREDENTIALS=true`
63+
64+
#### Cookie настройки:
65+
- `COOKIE_SECURE=true` (для HTTPS)
66+
- `COOKIE_SAMESITE=Strict` (для production)
67+
- `COOKIE_DOMAIN=` (пустое для текущего домена)
68+
69+
### 2. Деплой через Render
70+
71+
#### Development стенд:
72+
1. Подключите репозиторий к Render
73+
2. Используйте `render.dev.yaml` для dev стенда
74+
3. Настройте переменные окружения
75+
4. Деплой произойдет автоматически при push в main
76+
77+
#### Production стенд:
78+
1. Используйте `render.yaml` для production
79+
2. Настройте все переменные окружения
80+
3. Убедитесь, что `CORS_ALLOWED_ORIGINS` содержит ваш production домен
81+
4. Деплой произойдет автоматически при push в main
82+
83+
### 3. Проверка деплоя
84+
85+
```bash
86+
# Проверка здоровья
87+
curl https://your-app.onrender.com/health
88+
89+
# Проверка детального статуса
90+
curl https://your-app.onrender.com/health/detailed
91+
92+
# Проверка CORS
93+
curl -H "Origin: https://your-frontend.com" \
94+
-H "Access-Control-Request-Method: POST" \
95+
-H "Access-Control-Request-Headers: Content-Type" \
96+
-X OPTIONS \
97+
https://your-app.onrender.com/api/v1/auth/login
98+
```
99+
100+
## Настройка для разных окружений
101+
102+
### Development (локальная разработка)
103+
- `COOKIE_SECURE=false`
104+
- `COOKIE_SAMESITE=Lax`
105+
- `CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:4200`
106+
107+
### Staging (dev стенд)
108+
- `COOKIE_SECURE=true`
109+
- `COOKIE_SAMESITE=None`
110+
- `CORS_ALLOWED_ORIGINS=https://your-dev-frontend.com`
111+
112+
### Production
113+
- `COOKIE_SECURE=true`
114+
- `COOKIE_SAMESITE=Strict`
115+
- `CORS_ALLOWED_ORIGINS=https://your-production-frontend.com`
116+
117+
## Troubleshooting
118+
119+
### Проблемы с куки
120+
1. Убедитесь, что `CORS_ALLOW_CREDENTIALS=true`
121+
2. Проверьте настройки `COOKIE_SECURE` и `COOKIE_SAMESITE`
122+
3. Для cross-domain куки нужен `SameSite=None` и `Secure=true`
123+
124+
### Проблемы с CORS
125+
1. Проверьте `CORS_ALLOWED_ORIGINS`
126+
2. Убедитесь, что домен точно совпадает
127+
3. Проверьте, что `CORS_ALLOW_CREDENTIALS=true`
128+
129+
### Проблемы с базой данных
130+
1. Проверьте подключение к БД
131+
2. Убедитесь, что миграции выполнены
132+
3. Проверьте SSL настройки (`DB_SSL_MODE`)

render.dev.yaml

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
services:
2+
- type: web
3+
name: strive-api-dev
4+
env: docker
5+
plan: free
6+
autoDeploy: true
7+
healthCheckPath: /health
8+
dockerfilePath: ./Dockerfile
9+
branch: main
10+
envVars:
11+
- key: PORT
12+
value: 8080
13+
- key: LOG_LEVEL
14+
value: INFO
15+
- key: LOG_FORMAT
16+
value: json
17+
- key: DB_HOST
18+
sync: false
19+
- key: DB_PORT
20+
value: 5432
21+
- key: DB_USER
22+
sync: false
23+
- key: DB_PASSWORD
24+
sync: false
25+
- key: DB_NAME
26+
sync: false
27+
- key: DB_SSL_MODE
28+
value: require
29+
- key: JWT_SECRET
30+
sync: false
31+
- key: JWT_ISSUER
32+
value: strive-api
33+
- key: JWT_AUDIENCE
34+
value: strive-app
35+
- key: JWT_CLOCK_SKEW
36+
value: 2m
37+
- key: CORS_ALLOWED_ORIGINS
38+
value: https://your-dev-frontend.com,http://localhost:3000,http://localhost:4200
39+
- key: CORS_ALLOWED_METHODS
40+
value: GET,POST,PUT,DELETE,OPTIONS
41+
- key: CORS_ALLOWED_HEADERS
42+
value: Accept,Authorization,Content-Type,X-Request-ID
43+
- key: CORS_EXPOSED_HEADERS
44+
value: X-Request-ID
45+
- key: CORS_ALLOW_CREDENTIALS
46+
value: "true"
47+
- key: CORS_MAX_AGE
48+
value: 86400
49+
- key: COOKIE_SECURE
50+
value: "true"
51+
- key: COOKIE_SAMESITE
52+
value: "None"
53+
- key: COOKIE_DOMAIN
54+
value: ""
55+
- key: RATE_LIMIT_ENABLED
56+
value: "true"
57+
- key: RATE_LIMIT_AUTH_PER_MINUTE
58+
value: 10
59+
- key: RATE_LIMIT_GENERAL_PER_MINUTE
60+
value: 100
61+
- key: RATE_LIMIT_BURST_SIZE
62+
value: 20
63+
- key: EXERCISEDB_ENABLED
64+
value: "true"
65+
- key: EXERCISEDB_BASE_URL
66+
value: https://exercise.hellogym.io
67+
- key: EXERCISEDB_TIMEOUT
68+
value: 30s
69+
- key: EXERCISEDB_RETRY_COUNT
70+
value: 3

0 commit comments

Comments
 (0)