egullickson/motovaultpro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7d90f4b25a786c9bba5638c2a43a0f51582c536e
motovaultpro/docker-compose.blue-green.yml
Eric Gullickson 853a075e8b
All checks were successful
Deploy to Staging / Build Images (push) Successful in 39s
Details
Deploy to Staging / Deploy to Staging (push) Successful in 52s
Details
Deploy to Staging / Verify Staging (push) Successful in 9s
Details
Deploy to Staging / Notify Staging Ready (push) Successful in 8s
Details
Deploy to Staging / Notify Staging Failure (push) Has been skipped
Details
chore: centralize docker-compose variables into .env 
Stripe Price IDs were hardcoded and duplicated across 4 compose files.
Log levels were hardcoded per-overlay instead of using generate-log-config.sh.
This refactors all environment-specific variables into a single .env file
that CI/CD generates from Gitea repo variables + generate-log-config.sh.

- Add .env.example template with documented variables
- Replace hardcoded values with ${VAR:-default} substitution in base compose
- Simplify prod overlay from 90 to 32 lines (remove redundant env blocks)
- Add YAML anchors to blue-green overlay (eliminate blue/green duplication)
- Remove redundant OCR env block from staging overlay
- Change generate-log-config.sh to output to stdout (pipe into .env)
- Update staging/production CI/CD to generate .env with Stripe + log vars
- Remove dangerous pk_live_ default from VITE_STRIPE_PUBLISHABLE_KEY

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 19:57:36 -06:00

193 lines
6.8 KiB
YAML
Raw Blame History

# Blue-Green Deployment Overlay for MotoVaultPro
# Usage: docker compose -f docker-compose.yml -f docker-compose.blue-green.yml up -d
#
# This overlay defines blue and green stacks that share the same database layer.
# Traffic routing is handled by Traefik's weighted load balancer.
#
# Stack naming:
# BLUE: mvp-frontend-blue, mvp-backend-blue
# GREEN: mvp-frontend-green, mvp-backend-green
#
# Shared services (from base compose):
# mvp-traefik, mvp-postgres, mvp-redis
# ========================================
# Extension fields (YAML anchors for DRY)
# ========================================
x-frontend-env: &frontend-env
VITE_API_BASE_URL: /api
VITE_AUTH0_DOMAIN: ${VITE_AUTH0_DOMAIN:-motovaultpro.us.auth0.com}
VITE_AUTH0_CLIENT_ID: ${VITE_AUTH0_CLIENT_ID:-yspR8zdnSxmV8wFIghHynQ08iXAPoQJ3}
VITE_AUTH0_AUDIENCE: ${VITE_AUTH0_AUDIENCE:-https://api.motovaultpro.com}
SECRETS_DIR: /run/secrets
x-frontend-volumes: &frontend-volumes
- ./secrets/app/google-maps-api-key.txt:/run/secrets/google-maps-api-key:ro
- ./secrets/app/google-maps-map-id.txt:/run/secrets/google-maps-map-id:ro
x-frontend-healthcheck: &frontend-healthcheck
test: ["CMD-SHELL", "curl -sf http://localhost:3000 || exit 1"]
interval: 5s
timeout: 5s
retries: 3
start_period: 10s
x-backend-env: &backend-env
NODE_ENV: production
CONFIG_PATH: /app/config/production.yml
SECRETS_DIR: /run/secrets
LOG_LEVEL: ${BACKEND_LOG_LEVEL:-debug}
DATABASE_HOST: mvp-postgres
REDIS_HOST: mvp-redis
STRIPE_PRO_MONTHLY_PRICE_ID: ${STRIPE_PRO_MONTHLY_PRICE_ID:-price_1T1ZHMJXoKkh5RcKwKSSGIlR}
STRIPE_PRO_YEARLY_PRICE_ID: ${STRIPE_PRO_YEARLY_PRICE_ID:-price_1T1ZHnJXoKkh5RcKWlG2MPpX}
STRIPE_ENTERPRISE_MONTHLY_PRICE_ID: ${STRIPE_ENTERPRISE_MONTHLY_PRICE_ID:-price_1T1ZIBJXoKkh5RcKu2jyhqBN}
STRIPE_ENTERPRISE_YEARLY_PRICE_ID: ${STRIPE_ENTERPRISE_YEARLY_PRICE_ID:-price_1T1ZIQJXoKkh5RcK34YXiJQm}
x-backend-volumes: &backend-volumes
- ./config/app/production.yml:/app/config/production.yml:ro
- ./config/shared/production.yml:/app/config/shared.yml:ro
- ./secrets/app/postgres-password.txt:/run/secrets/postgres-password:ro
- ./secrets/app/auth0-client-secret.txt:/run/secrets/auth0-client-secret:ro
- ./secrets/app/google-maps-api-key.txt:/run/secrets/google-maps-api-key:ro
- ./secrets/app/google-maps-map-id.txt:/run/secrets/google-maps-map-id:ro
- ./secrets/app/resend-api-key.txt:/run/secrets/resend-api-key:ro
- ./secrets/app/auth0-management-client-id.txt:/run/secrets/auth0-management-client-id:ro
- ./secrets/app/auth0-management-client-secret.txt:/run/secrets/auth0-management-client-secret:ro
- ./secrets/app/stripe-secret-key.txt:/run/secrets/stripe-secret-key:ro
- ./secrets/app/stripe-webhook-secret.txt:/run/secrets/stripe-webhook-secret:ro
- ./data/documents:/app/data/documents
- ./data/backups:/app/data/backups
x-backend-healthcheck: &backend-healthcheck
test:
- CMD-SHELL
- node -e "require('http').get('http://localhost:3001/health', r => process.exit(r.statusCode===200?0:1)).on('error', () => process.exit(1))"
interval: 5s
timeout: 5s
retries: 5
start_period: 180s
services:
# ========================================
# BLUE Stack - Frontend
# ========================================
mvp-frontend-blue:
image: ${FRONTEND_IMAGE:-git.motovaultpro.com/egullickson/frontend:latest}
container_name: mvp-frontend-blue
restart: unless-stopped
environment: *frontend-env
volumes: *frontend-volumes
networks:
- frontend
depends_on:
- mvp-backend-blue
healthcheck: *frontend-healthcheck
deploy:
resources:
limits:
memory: 512M
labels:
- "traefik.enable=true"
- "traefik.docker.network=motovaultpro_frontend"
- "com.motovaultpro.stack=blue"
- "com.motovaultpro.service=frontend"
# ========================================
# BLUE Stack - Backend
# ========================================
mvp-backend-blue:
image: ${BACKEND_IMAGE:-git.motovaultpro.com/egullickson/backend:latest}
container_name: mvp-backend-blue
restart: unless-stopped
environment: *backend-env
volumes: *backend-volumes
networks:
- backend
- database
depends_on:
- mvp-postgres
- mvp-redis
healthcheck: *backend-healthcheck
deploy:
resources:
limits:
memory: 1G
labels:
- "traefik.enable=true"
- "traefik.docker.network=motovaultpro_backend"
- "com.motovaultpro.stack=blue"
- "com.motovaultpro.service=backend"
# ========================================
# GREEN Stack - Frontend
# ========================================
mvp-frontend-green:
image: ${FRONTEND_IMAGE:-git.motovaultpro.com/egullickson/frontend:latest}
container_name: mvp-frontend-green
restart: unless-stopped
environment: *frontend-env
volumes: *frontend-volumes
networks:
- frontend
depends_on:
- mvp-backend-green
healthcheck: *frontend-healthcheck
deploy:
resources:
limits:
memory: 512M
labels:
- "traefik.enable=true"
- "traefik.docker.network=motovaultpro_frontend"
- "com.motovaultpro.stack=green"
- "com.motovaultpro.service=frontend"
# ========================================
# GREEN Stack - Backend
# ========================================
mvp-backend-green:
image: ${BACKEND_IMAGE:-git.motovaultpro.com/egullickson/backend:latest}
container_name: mvp-backend-green
restart: unless-stopped
environment: *backend-env
volumes: *backend-volumes
networks:
- backend
- database
depends_on:
- mvp-postgres
- mvp-redis
healthcheck: *backend-healthcheck
deploy:
resources:
limits:
memory: 1G
labels:
- "traefik.enable=true"
- "traefik.docker.network=motovaultpro_backend"
- "com.motovaultpro.stack=green"
- "com.motovaultpro.service=backend"
# ========================================
# Shared Service - OCR Processing
# ========================================
mvp-ocr:
image: ${OCR_IMAGE:-git.motovaultpro.com/egullickson/ocr:latest}
volumes:
- ./secrets/app/auth0-ocr-client-id.txt:/run/secrets/auth0-ocr-client-id:ro
- ./secrets/app/auth0-ocr-client-secret.txt:/run/secrets/auth0-ocr-client-secret:ro
- ./secrets/app/google-wif-config.json:/run/secrets/google-wif-config.json:ro
# ========================================
# Override Traefik to add dynamic config
# ========================================
mvp-traefik:
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./config/traefik/traefik.yml:/etc/traefik/traefik.yml:ro
- ./config/traefik/dynamic:/etc/traefik/dynamic:ro
- ./certs:/certs:ro
- ./data/traefik:/data
- ./secrets/app/cloudflare-dns-token.txt:/run/secrets/cloudflare-dns-token:ro
Reference in New Issue View Git Blame Copy Permalink