1d42be9882
All checks were successful
CI / Unit & Component Tests (pull_request) Successful in 3m19s
CI / OCR Service Tests (pull_request) Successful in 16s
CI / Backend Unit Tests (pull_request) Successful in 4m28s
CI / fail2ban Regex (pull_request) Successful in 39s
CI / Compose Bucket Idempotency (pull_request) Successful in 55s
Creates the skeleton observability stack (no running services yet) that all
subsequent Grafana LGTM + GlitchTip issues depend on:
- docker-compose.observability.yml: external archiv-net join, obs-net bridge,
named volumes for all five services, placeholder comments for each service
group (Metrics/Logs/Traces/Dashboards/Error Tracking), startup-order note
- infra/observability/{prometheus,loki,promtail,tempo,grafana/provisioning/{datasources,dashboards}}/.gitkeep
- .env.example: new # --- Observability --- section with PORT_GRAFANA,
PORT_GLITCHTIP, PORT_PROMETHEUS, GLITCHTIP_DOMAIN, GLITCHTIP_SECRET_KEY
(with generation hint), SENTRY_DSN, VITE_SENTRY_DSN
Verified: docker compose -f docker-compose.observability.yml config exits 0
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
62 lines
2.2 KiB
Plaintext
62 lines
2.2 KiB
Plaintext
# Datenbank (PostgreSQL)
|
|
POSTGRES_USER=archive_user
|
|
POSTGRES_PASSWORD=change-me
|
|
POSTGRES_DB=family_archive_db
|
|
|
|
# Object Storage (MinIO)
|
|
MINIO_ROOT_USER=minio_admin
|
|
MINIO_ROOT_PASSWORD=change-me
|
|
MINIO_DEFAULT_BUCKETS=archive-documents
|
|
|
|
# Ports (für Zugriff vom Host/NAS)
|
|
PORT_DB=5432
|
|
PORT_MINIO_API=9000
|
|
PORT_MINIO_CONSOLE=9001
|
|
PORT_BACKEND=8080
|
|
PORT_FRONTEND=5173
|
|
|
|
# Mailpit — local mail catcher (dev only, included in docker-compose)
|
|
# Web UI: http://localhost:8025
|
|
# SMTP: localhost:1025 (used automatically by the backend container)
|
|
PORT_MAILPIT_UI=8100
|
|
PORT_MAILPIT_SMTP=1025
|
|
|
|
# OCR Training — secret token required to call /train and /segtrain on the OCR service.
|
|
# Also set in the backend so it can pass the token through. Must not be empty in production.
|
|
# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
|
|
OCR_TRAINING_TOKEN=change-me-in-production
|
|
|
|
# --- Observability ---
|
|
# Optional stack — start with: docker compose -f docker-compose.observability.yml up -d
|
|
# Requires the main stack to already be running (docker compose up -d creates archiv-net).
|
|
|
|
# Ports for host access
|
|
PORT_GRAFANA=3001
|
|
PORT_GLITCHTIP=3002
|
|
PORT_PROMETHEUS=9090
|
|
|
|
# GlitchTip domain — production: use https://grafana.raddatz.cloud (must match Caddy vhost)
|
|
GLITCHTIP_DOMAIN=http://localhost:3002
|
|
|
|
# GlitchTip secret key — Django SECRET_KEY equivalent, used to sign sessions and tokens.
|
|
# REQUIRED in production — must not be empty or 'changeme'. Fail-closed: GlitchTip will
|
|
# refuse to start with an invalid key.
|
|
# Generate with: python3 -c "import secrets; print(secrets.token_hex(50))"
|
|
GLITCHTIP_SECRET_KEY=changeme-generate-a-real-secret
|
|
|
|
# Error reporting DSNs — leave empty to disable the SDK (safe default).
|
|
# SENTRY_DSN: backend (Spring Boot) — used by the GlitchTip/Sentry Java SDK
|
|
SENTRY_DSN=
|
|
# VITE_SENTRY_DSN: frontend (SvelteKit) — injected at build time via Vite
|
|
VITE_SENTRY_DSN=
|
|
|
|
# Production SMTP — uncomment and fill in to send real emails instead of catching them
|
|
# APP_BASE_URL=https://your-domain.example.com
|
|
# MAIL_HOST=smtp.example.com
|
|
# MAIL_PORT=587
|
|
# MAIL_USERNAME=your-smtp-user
|
|
# MAIL_PASSWORD=your-smtp-password
|
|
# MAIL_SMTP_AUTH=true
|
|
# MAIL_STARTTLS_ENABLE=true
|
|
# APP_MAIL_FROM=noreply@your-domain.example.com
|