feat: update deployment configuration and encrypted env loader

- Update Ansible playbooks and roles for application deployment - Add new Gitea/Traefik troubleshooting playbooks - Update Docker Compose configurations (base, local, staging, production) - Enhance EncryptedEnvLoader with improved error handling - Add deployment scripts (autossh setup, migration, secret testing) - Update CI/CD workflows and documentation - Add Semaphore stack configuration
2025-11-02 20:38:06 +01:00
parent 7b7f0b41d2
commit 24cbbccf4c
44 changed files with 5280 additions and 276 deletions
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
@@ -0,0 +1,158 @@
+# Local Development Override
+# Usage: docker-compose -f docker-compose.base.yml -f docker-compose.local.yml up
+#
+# This file overrides base configuration with local development settings:
+# - Development ports (8888:80, 8443:443, 5433:5432)
+# - Host-mounted volumes for live code editing
+# - Debug flags enabled (APP_DEBUG, Xdebug)
+# - Development-friendly restart policies
+
+services:
+  web:
+    container_name: web
+    ports:
+      - "8888:80"
+      - "8443:443"
+    environment:
+      - APP_ENV=${APP_ENV:-development}
+    volumes:
+      - ./:/var/www/html:${VOLUME_MODE:-cached}
+      - ./ssl:/var/www/ssl:ro
+    restart: ${RESTART_POLICY:-unless-stopped}
+    # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local
+    # Environment variables are loaded by EncryptedEnvLoader in the PHP application
+    logging:
+      driver: "${LOG_DRIVER:-local}"
+      options:
+        max-size: "${LOG_MAX_SIZE:-5m}"
+        max-file: "${LOG_MAX_FILE:-2}"
+    healthcheck:
+      start_period: ${HEALTHCHECK_START_PERIOD:-10s}
+    deploy:
+      resources:
+        limits:
+          memory: ${WEB_MEMORY_LIMIT:-256M}
+          cpus: ${WEB_CPU_LIMIT:-0.5}
+        reservations:
+          memory: ${WEB_MEMORY_RESERVATION:-128M}
+          cpus: ${WEB_CPU_RESERVATION:-0.25}
+
+  php:
+    container_name: php
+    user: "${PHP_USER:-1000:1000}"
+    volumes:
+      # Host-Mounts für direkten Zugriff (Development-friendly)
+      - ./:/var/www/html:${VOLUME_MODE:-cached}
+      - ./storage/logs:/var/www/html/storage/logs:rw
+      - ./storage/uploads:/var/www/html/storage/uploads:rw
+      - ./storage/analytics:/var/www/html/storage/analytics:rw
+    environment:
+      PHP_IDE_CONFIG: "${PHP_IDE_CONFIG:-serverName=docker}"
+      APP_ENV: ${APP_ENV:-development}
+      APP_DEBUG: ${APP_DEBUG:-true}
+      XDEBUG_MODE: ${XDEBUG_MODE:-debug}
+    restart: ${RESTART_POLICY:-unless-stopped}
+    # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local
+    # Environment variables are loaded by EncryptedEnvLoader in the PHP application
+    logging:
+      driver: "${LOG_DRIVER:-local}"
+      options:
+        max-size: "${LOG_MAX_SIZE:-5m}"
+        max-file: "${LOG_MAX_FILE:-2}"
+    deploy:
+      resources:
+        limits:
+          memory: ${PHP_MEMORY_LIMIT:-512M}
+          cpus: ${PHP_CPU_LIMIT:-1.0}
+        reservations:
+          memory: ${PHP_MEMORY_RESERVATION:-256M}
+          cpus: ${PHP_CPU_RESERVATION:-0.5}
+
+  php-test:
+    volumes:
+      - ./:/var/www/html:${VOLUME_MODE:-cached}
+    # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local
+
+  db:
+    container_name: db
+    ports:
+      - "${DB_EXTERNAL_PORT:-5433}:5432"
+    restart: ${RESTART_POLICY:-unless-stopped}
+    logging:
+      driver: "${LOG_DRIVER:-local}"
+      options:
+        max-size: "${LOG_MAX_SIZE:-5m}"
+        max-file: "${LOG_MAX_FILE:-2}"
+    deploy:
+      resources:
+        limits:
+          memory: ${DB_MEMORY_LIMIT:-1G}
+          cpus: ${DB_CPU_LIMIT:-1.0}
+        reservations:
+          memory: ${DB_MEMORY_RESERVATION:-512M}
+          cpus: ${DB_CPU_RESERVATION:-0.5}
+
+  redis:
+    container_name: redis
+    restart: ${RESTART_POLICY:-unless-stopped}
+    logging:
+      driver: "${LOG_DRIVER:-local}"
+      options:
+        max-size: "${LOG_MAX_SIZE:-5m}"
+        max-file: "${LOG_MAX_FILE:-2}"
+    # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local
+    deploy:
+      resources:
+        limits:
+          memory: ${REDIS_MEMORY_LIMIT:-256M}
+          cpus: ${REDIS_CPU_LIMIT:-0.5}
+        reservations:
+          memory: ${REDIS_MEMORY_RESERVATION:-128M}
+          cpus: ${REDIS_CPU_RESERVATION:-0.25}
+
+  queue-worker:
+    container_name: queue-worker
+    user: "1000:1000"  # Same user ID as PHP container
+    volumes:
+      - ./:/var/www/html:cached
+      - ./storage/logs:/var/www/html/storage/logs:rw
+    environment:
+      - APP_ENV=${APP_ENV:-development}
+      - WORKER_DEBUG=${WORKER_DEBUG:-false}
+      - WORKER_SLEEP_TIME=${WORKER_SLEEP_TIME:-100000}
+      - WORKER_MAX_JOBS=${WORKER_MAX_JOBS:-1000}
+    restart: unless-stopped
+    # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local
+    deploy:
+      resources:
+        limits:
+          memory: 1G
+        reservations:
+          memory: 512M
+
+  minio:
+    container_name: minio
+    ports:
+      - "${MINIO_API_PORT:-9000}:9000"
+      - "${MINIO_CONSOLE_PORT:-9001}:9001"
+    restart: ${RESTART_POLICY:-unless-stopped}
+    logging:
+      driver: "${LOG_DRIVER:-local}"
+      options:
+        max-size: "${LOG_MAX_SIZE:-5m}"
+        max-file: "${LOG_MAX_FILE:-2}"
+    deploy:
+      resources:
+        limits:
+          memory: ${MINIO_MEMORY_LIMIT:-512M}
+          cpus: ${MINIO_CPU_LIMIT:-0.5}
+        reservations:
+          memory: ${MINIO_MEMORY_RESERVATION:-256M}
+          cpus: ${MINIO_CPU_RESERVATION:-0.25}
+
+networks:
+  backend:
+    internal: ${NETWORK_BACKEND_INTERNAL:-false}
+  cache:
+    internal: ${NETWORK_CACHE_INTERNAL:-false}
+