Major changes across backend, frontend, infrastructure: - Provider system with model selection (Google, DeepL, OpenAI, Ollama, Google Cloud) - Admin panel: user management, pricing, settings - Glossary system with CSV import/export - Subscription and tier quota management - Security hardening (rate limiting, API key auth, path traversal fixes) - Docker compose for dev, prod, and IONOS deployment - Alembic migrations for new tables - Frontend: dashboard, pricing page, landing page, i18n (en/fr) - Test suite and verification scripts Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
156 lines
4.6 KiB
YAML
156 lines
4.6 KiB
YAML
# ============================================================
|
|
# docker-compose.ionos.yml
|
|
# Stack production pour Ionos VPS
|
|
# Usage : docker compose -f docker-compose.ionos.yml up -d
|
|
# ============================================================
|
|
|
|
version: '3.8'
|
|
|
|
services:
|
|
|
|
# ── PostgreSQL ──────────────────────────────────────────────
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
container_name: translate-postgres
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_USER: ${POSTGRES_USER:-translate}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
POSTGRES_DB: ${POSTGRES_DB:-translate_db}
|
|
PGDATA: /var/lib/postgresql/data/pgdata
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
networks:
|
|
- internal
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-translate} -d ${POSTGRES_DB:-translate_db}"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
start_period: 20s
|
|
|
|
# ── Redis ───────────────────────────────────────────────────
|
|
redis:
|
|
image: redis:7-alpine
|
|
container_name: translate-redis
|
|
restart: unless-stopped
|
|
command: redis-server --maxmemory 256mb --maxmemory-policy allkeys-lru --save 60 1
|
|
volumes:
|
|
- redis_data:/data
|
|
networks:
|
|
- internal
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
# ── Backend FastAPI ─────────────────────────────────────────
|
|
backend:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/backend/Dockerfile
|
|
target: production
|
|
container_name: translate-backend
|
|
restart: unless-stopped
|
|
env_file: .env
|
|
environment:
|
|
DATABASE_URL: postgresql+asyncpg://${POSTGRES_USER:-translate}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB:-translate_db}
|
|
REDIS_URL: redis://redis:6379/0
|
|
ENV: production
|
|
LOG_FORMAT: json
|
|
ENABLE_HSTS: "true"
|
|
volumes:
|
|
- uploads_data:/app/uploads
|
|
- outputs_data:/app/outputs
|
|
- ./data:/app/data # users.json, provider_settings.json persistent
|
|
networks:
|
|
- internal
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 30s
|
|
|
|
# ── Frontend Next.js ────────────────────────────────────────
|
|
frontend:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/frontend/Dockerfile
|
|
target: production
|
|
args:
|
|
NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL}
|
|
container_name: translate-frontend
|
|
restart: unless-stopped
|
|
environment:
|
|
NODE_ENV: production
|
|
PORT: 3000
|
|
networks:
|
|
- internal
|
|
depends_on:
|
|
- backend
|
|
healthcheck:
|
|
test: ["CMD", "wget", "-q", "--spider", "http://localhost:3000"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
|
|
# ── Nginx + Certbot SSL ─────────────────────────────────────
|
|
nginx:
|
|
image: nginx:alpine
|
|
container_name: translate-nginx
|
|
restart: unless-stopped
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- ./docker/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
|
|
- ./docker/nginx/conf.d:/etc/nginx/conf.d:ro
|
|
- certbot_www:/var/www/certbot:ro
|
|
- certbot_certs:/etc/letsencrypt:ro
|
|
networks:
|
|
- internal
|
|
depends_on:
|
|
- backend
|
|
- frontend
|
|
healthcheck:
|
|
test: ["CMD", "nginx", "-t"]
|
|
interval: 60s
|
|
timeout: 10s
|
|
retries: 3
|
|
|
|
# ── Certbot (Let's Encrypt) ─────────────────────────────────
|
|
certbot:
|
|
image: certbot/certbot:latest
|
|
container_name: translate-certbot
|
|
volumes:
|
|
- certbot_www:/var/www/certbot
|
|
- certbot_certs:/etc/letsencrypt
|
|
# Renouvellement automatique toutes les 12h
|
|
entrypoint: >
|
|
/bin/sh -c "trap exit TERM;
|
|
while :; do
|
|
certbot renew --webroot -w /var/www/certbot --quiet;
|
|
sleep 12h & wait $${!};
|
|
done"
|
|
networks:
|
|
- internal
|
|
|
|
volumes:
|
|
postgres_data:
|
|
redis_data:
|
|
uploads_data:
|
|
outputs_data:
|
|
certbot_www:
|
|
certbot_certs:
|
|
|
|
networks:
|
|
internal:
|
|
driver: bridge
|