egullickson/motovaultpro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Docker / k8s network configuration

Browse Source
This commit is contained in:
Eric Gullickson
2025-11-07 08:16:35 -06:00
parent d30c2bad8f
commit 060867e796
2 changed files with 13 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
.env.development
View File

@@ -1,20 +0,0 @@
# Development Environment Variables
# This file is for local development only - NOT for production k8s deployment
# In k8s, these values come from ConfigMaps and Secrets
# Frontend Vite Configuration (build-time only)
VITE_AUTH0_DOMAIN=motovaultpro.us.auth0.com
VITE_AUTH0_CLIENT_ID=yspR8zdnSxmV8wFIghHynQ08iXAPoQJ3
VITE_AUTH0_AUDIENCE=https://api.motovaultpro.com
VITE_API_BASE_URL=/api
# Docker Compose Development Configuration
# These variables are used by docker-compose for container build args only
AUTH0_DOMAIN=motovaultpro.us.auth0.com
AUTH0_CLIENT_ID=yspR8zdnSxmV8wFIghHynQ08iXAPoQJ3
AUTH0_AUDIENCE=https://api.motovaultpro.com
# NOTE: Backend services no longer use this file
# Backend configuration comes from:
# - /app/config/production.yml (non-sensitive config)
# - /run/secrets/ (sensitive secrets)

16
docker-compose.yml
View File

@@ -17,8 +17,9 @@ services:
- ./certs:/certs:ro - ./certs:/certs:ro
- traefik_data:/data - traefik_data:/data
networks: networks:
- frontend frontend:
- backend ipv4_address: 10.96.1.50
backend:
healthcheck: healthcheck:
test: ["CMD", "traefik", "healthcheck"] test: ["CMD", "traefik", "healthcheck"]
interval: 30s interval: 30s
@@ -180,11 +181,14 @@ services:
timeout: 5s timeout: 5s
retries: 5 retries: 5
# Network Definition - Simplified # Network Definition
networks: networks:
frontend: frontend:
driver: bridge driver: bridge
internal: false # Only for Traefik public access internal: false # Only for Traefik public access
ipam:
config:
- subnet: 10.96.1.0/24
labels: labels:
- "com.motovaultpro.network=frontend" - "com.motovaultpro.network=frontend"
- "com.motovaultpro.purpose=public-traffic-only" - "com.motovaultpro.purpose=public-traffic-only"
@@ -192,6 +196,9 @@ networks:
backend: backend:
driver: bridge driver: bridge
internal: false # Needs external access for Auth0 JWT validation internal: false # Needs external access for Auth0 JWT validation
ipam:
config:
- subnet: 10.96.20.0/24
labels: labels:
- "com.motovaultpro.network=backend" - "com.motovaultpro.network=backend"
- "com.motovaultpro.purpose=api-services" - "com.motovaultpro.purpose=api-services"
@@ -199,6 +206,9 @@ networks:
database: database:
driver: bridge driver: bridge
internal: true # Data isolation internal: true # Data isolation
ipam:
config:
- subnet: 10.96.64.0/24
labels: labels:
- "com.motovaultpro.network=database" - "com.motovaultpro.network=database"
- "com.motovaultpro.purpose=data-layer" - "com.motovaultpro.purpose=data-layer"