Simplify Docker Compose to single-file architecture

- Convert multi-file overlay approach to single docker-compose.yml - Use environment variables for dev/production differences - Remove complex network configuration conflicts - Align with framework principles: simplicity over complexity - Production config via .env.production file Benefits: - No more network subnet conflicts - Single source of truth - Framework-compliant architecture - Easier maintenance and debugging Related: #19 Docker network conflict resolution
2025-09-12 23:36:05 +02:00
parent e30753ba0e
commit 9526034e18
4 changed files with 299 additions and 18 deletions
--- a/.env.production
+++ b/.env.production
@@ -24,6 +24,55 @@ SECURITY_RATE_LIMIT_PER_MINUTE=30
 SECURITY_RATE_LIMIT_BURST=5
 SESSION_LIFETIME=1800

+# Docker Production Configuration
+RESTART_POLICY=always
+VOLUME_MODE=ro
+LOG_DRIVER=json-file
+LOG_MAX_SIZE=10m
+LOG_MAX_FILE=3
+LOG_LABELS=environment=production
+
+# PHP Production Settings
+PHP_USER=www-data:www-data
+PHP_IDE_CONFIG=""
+XDEBUG_MODE=off
+COMPOSER_INSTALL_FLAGS=--no-dev --optimize-autoloader --classmap-authoritative
+
+# Resource Limits (Production)
+WEB_MEMORY_LIMIT=256M
+WEB_CPU_LIMIT=0.5
+WEB_MEMORY_RESERVATION=128M
+WEB_CPU_RESERVATION=0.25
+
+PHP_MEMORY_LIMIT=512M
+PHP_CPU_LIMIT=1.0
+PHP_MEMORY_RESERVATION=256M
+PHP_CPU_RESERVATION=0.5
+
+DB_MEMORY_LIMIT=1G
+DB_CPU_LIMIT=1.0
+DB_MEMORY_RESERVATION=512M
+DB_CPU_RESERVATION=0.5
+
+REDIS_MEMORY_LIMIT=256M
+REDIS_CPU_LIMIT=0.5
+REDIS_MEMORY_RESERVATION=128M
+REDIS_CPU_RESERVATION=0.25
+
+# Network Security (Production)
+NETWORK_BACKEND_INTERNAL=true
+NETWORK_CACHE_INTERNAL=true
+
+# Production-specific configs
+DB_PORT=
+REDIS_CONFIG_PATH=./docker/redis/redis-secure.conf
+DB_CONFIG_PATH=./docker/mysql/conf.d/security.cnf
+HEALTHCHECK_START_PERIOD=30s
+
+# Production ports (only HTTPS)
+APP_PORT=
+APP_SSL_PORT=443
+
 # External APIs (Production)
 SHOPIFY_WEBHOOK_SECRET=SECURE_WEBHOOK_SECRET_HERE
 RAPIDMAIL_USERNAME=production_username