TDvorak/Trackeep
1
0
Fork 0
mirror of https://github.com/Dvorinka/Trackeep.git synced 2026-06-04 12:32:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: migrate to DragonflyDB and clean up environment configuration

Browse Source 
- Replace Redis with DragonflyDB for better performance and memory efficiency
- Remove redundant environment variables (POSTGRES_*, ENCRYPTION_KEY, OAUTH_SERVICE_URL)
- Consolidate database configuration to use single DB_* variables
- Use JWT_SECRET for both JWT tokens and encryption
- Remove PORT variable redundancy, use BACKEND_PORT consistently
- Clean up docker-compose configurations for dev/prod consistency
- Add DragonflyDB configuration with optimized memory usage
- Remove redis.conf as it's no longer needed
- Update health checks to use Redis-compatible CLI for DragonflyDB
This commit is contained in:
Tomas Dvorak
2026-03-03 12:20:08 +01:00
parent fc913b5641
commit 9a580c77d2
9 changed files with 212 additions and 508 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env.example
+14 -80
View File
@@ -1,10 +1,9 @@
# Server Configuration # Server Configuration
PORT=8080 FRONTEND_PORT=3000
BACKEND_PORT=8080
DB_PORT=5432
DRAGONFLY_PORT=6379
GIN_MODE=debug GIN_MODE=debug
READ_TIMEOUT=15s
WRITE_TIMEOUT=15s
IDLE_TIMEOUT=60s
SHUTDOWN_TIMEOUT=30s
# Database Configuration # Database Configuration
DB_TYPE=postgres DB_TYPE=postgres
@@ -15,24 +14,14 @@ DB_PASSWORD=your_password_here
DB_NAME=trackeep DB_NAME=trackeep
DB_SSL_MODE=disable DB_SSL_MODE=disable
# Docker Compose Database (used by docker-compose.yml) # DragonflyDB Configuration
POSTGRES_DB=trackeep DRAGONFLY_ADDR=dragonfly:6379
POSTGRES_USER=trackeep DRAGONFLY_PASSWORD=your_dragonfly_password_here
POSTGRES_PASSWORD=your_secure_password_here
# JWT Configuration # JWT Configuration (also used for encryption)
# JWT_SECRET is used for both JWT token signing and 2FA backup codes encryption
# Must be exactly 64 hexadecimal characters (32 bytes when decoded)
# Generate with: openssl rand -hex 32
# Or with Node.js: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
# Or with Python: python3 -c "import secrets; print(secrets.token_hex(32))"
JWT_SECRET=your_jwt_secret_here_64_hex_characters_long_exactly JWT_SECRET=your_jwt_secret_here_64_hex_characters_long_exactly
JWT_EXPIRES_IN=24h JWT_EXPIRES_IN=24h
# Encryption Configuration
# Now uses JWT_SECRET for encryption - no separate ENCRYPTION_KEY needed
# This ensures 2FA backup codes are encrypted with the same key used for JWT tokens
# File Upload Configuration # File Upload Configuration
UPLOAD_DIR=./uploads UPLOAD_DIR=./uploads
MAX_FILE_SIZE=10485760 MAX_FILE_SIZE=10485760
@@ -44,65 +33,10 @@ CORS_ALLOWED_ORIGINS=*
VITE_DEMO_MODE=false VITE_DEMO_MODE=false
# AI Services Configuration # AI Services Configuration
# AI services are now configured only within the Trackeep application SEARCH_API_PROVIDER=demo
# No environment variables needed - configure tokens and settings in the app settings SEARCH_RESULTS_LIMIT=10
# ============================================================================= # Auto Update Configuration
# REDIS CONFIGURATION (Optional but Recommended) AUTO_UPDATE_CHECK=false
# ============================================================================= UPDATE_CHECK_INTERVAL=24h
# Redis provides caching, session storage, rate limiting, and real-time features PRERELEASE_UPDATES=false
# Uncomment and configure these to enable Redis support
# REDIS_ADDR=redis:6379
# REDIS_PASSWORD=your_secure_redis_password_here
# REDIS_DB=0
# REDIS_POOL_SIZE=20
# REDIS_DIAL_TIMEOUT=5s
# REDIS_READ_TIMEOUT=3s
# REDIS_WRITE_TIMEOUT=3s
# Feature Flags - Enable/disable Redis features
# REDIS_SESSIONS_ENABLED=true
# REDIS_CACHE_ENABLED=true
# REDIS_RATELIMIT_ENABLED=true
# REDIS_PUBSUB_ENABLED=true
# Redis Memory Settings (for Docker Compose)
# REDIS_MAXMEMORY=256mb
# REDIS_MAXMEMORY_POLICY=allkeys-lru
# =============================================================================
# PERFORMANCE TUNING
# =============================================================================
# Enable these settings for better performance with Redis caching
# Cache TTL settings (in seconds)
# SEARCH_CACHE_TTL=300
# ANALYTICS_CACHE_TTL=900
# USER_CACHE_TTL=900
# SESSION_CACHE_TTL=86400 # 24 hours
# Rate limiting settings
# RATE_LIMIT_REQUESTS_PER_MINUTE=100
# RATE_LIMIT_BURST_SIZE=150
# AI_RATE_LIMIT_REQUESTS_PER_MINUTE=20
# UPLOAD_RATE_LIMIT_REQUESTS_PER_MINUTE=10
# =============================================================================
# NOTE: Redis Deployment
# =============================================================================
# To deploy with Redis, add the Redis service to your docker-compose.yml:
#
# redis:
# image: redis:7-alpine
# restart: unless-stopped
# volumes:
# - redis_data:/data
# - ./redis.conf:/usr/local/etc/redis/redis.conf:ro
# command: redis-server /usr/local/etc/redis/redis.conf
# environment:
# - REDIS_PASSWORD=${REDIS_PASSWORD}
# networks:
# - trackeep-network
#
# And add to volumes: redis_data:
backend/config/config.go
+1 -1
View File
@@ -41,7 +41,7 @@ type AppConfig struct {
func Load() *Config { func Load() *Config {
return &Config{ return &Config{
Server: ServerConfig{ Server: ServerConfig{
Port: getEnvWithDefault("PORT", "8080"), Port: getEnvWithDefault("BACKEND_PORT", getEnvWithDefault("PORT", "8080")),
ReadTimeout: getDurationEnv("READ_TIMEOUT", 15*time.Second), ReadTimeout: getDurationEnv("READ_TIMEOUT", 15*time.Second),
WriteTimeout: getDurationEnv("WRITE_TIMEOUT", 15*time.Second), WriteTimeout: getDurationEnv("WRITE_TIMEOUT", 15*time.Second),
IdleTimeout: getDurationEnv("IDLE_TIMEOUT", 60*time.Second), IdleTimeout: getDurationEnv("IDLE_TIMEOUT", 60*time.Second),
docker-compose.prod.yml
+45 -20
View File
@@ -1,31 +1,34 @@
version: '3.8'
services: services:
trackeep-frontend: trackeep-frontend:
image: 'ghcr.io/dvorinka/trackeep/frontend:latest' image: 'ghcr.io/dvorinka/trackeep/frontend:latest'
ports: ports:
- '80:80' - "${FRONTEND_PORT:-80}:80"
- '443:443' - "${HTTPS_PORT:-443}:443"
environment: environment:
- NODE_ENV=production - NODE_ENV=production
- VITE_DEMO_MODE=${VITE_DEMO_MODE:-false} - VITE_DEMO_MODE=${VITE_DEMO_MODE:-false}
- FRONTEND_PORT=${FRONTEND_PORT:-80}
- BACKEND_PORT=${BACKEND_PORT:-8080}
depends_on: depends_on:
- trackeep-backend - trackeep-backend
restart: unless-stopped restart: unless-stopped
networks: networks:
- trackeep-network - trackeep-network
healthcheck:
test: ["CMD-SHELL", "pgrep nginx > /dev/null || exit 1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 20s
trackeep-backend: trackeep-backend:
image: 'ghcr.io/dvorinka/trackeep/backend:latest' image: 'ghcr.io/dvorinka/trackeep/backend:latest'
ports: ports:
- '8080:8080' - "${BACKEND_PORT:-8080}:${BACKEND_PORT:-8080}"
environment: environment:
- PORT=${PORT:-8080} - BACKEND_PORT=${BACKEND_PORT:-8080}
- FRONTEND_PORT=${FRONTEND_PORT:-80}
- GIN_MODE=${GIN_MODE:-release} - GIN_MODE=${GIN_MODE:-release}
- READ_TIMEOUT=${READ_TIMEOUT:-15s}
- WRITE_TIMEOUT=${WRITE_TIMEOUT:-15s}
- IDLE_TIMEOUT=${IDLE_TIMEOUT:-60s}
- SHUTDOWN_TIMEOUT=${SHUTDOWN_TIMEOUT:-30s}
- DB_TYPE=${DB_TYPE:-postgres} - DB_TYPE=${DB_TYPE:-postgres}
- DB_HOST=${DB_HOST:-postgres} - DB_HOST=${DB_HOST:-postgres}
- DB_PORT=${DB_PORT:-5432} - DB_PORT=${DB_PORT:-5432}
@@ -35,19 +38,17 @@ services:
- DB_SSL_MODE=${DB_SSL_MODE:-disable} - DB_SSL_MODE=${DB_SSL_MODE:-disable}
- JWT_SECRET=${JWT_SECRET} - JWT_SECRET=${JWT_SECRET}
- JWT_EXPIRES_IN=${JWT_EXPIRES_IN:-24h} - JWT_EXPIRES_IN=${JWT_EXPIRES_IN:-24h}
- ENCRYPTION_KEY=${ENCRYPTION_KEY}
- UPLOAD_DIR=${UPLOAD_DIR:-./uploads} - UPLOAD_DIR=${UPLOAD_DIR:-./uploads}
- MAX_FILE_SIZE=${MAX_FILE_SIZE:-10485760} - MAX_FILE_SIZE=${MAX_FILE_SIZE:-10485760}
- 'CORS_ALLOWED_ORIGINS=${CORS_ALLOWED_ORIGINS:-*}' - 'CORS_ALLOWED_ORIGINS=${CORS_ALLOWED_ORIGINS:-*}'
- VITE_DEMO_MODE=${VITE_DEMO_MODE:-false} - VITE_DEMO_MODE=${VITE_DEMO_MODE:-false}
- SEARCH_API_PROVIDER=${SEARCH_API_PROVIDER:-demo} - SEARCH_API_PROVIDER=${SEARCH_API_PROVIDER:-demo}
- SEARCH_RESULTS_LIMIT=${SEARCH_RESULTS_LIMIT:-10} - SEARCH_RESULTS_LIMIT=${SEARCH_RESULTS_LIMIT:-10}
- SEARCH_CACHE_TTL=${SEARCH_CACHE_TTL:-300}
- SEARCH_RATE_LIMIT=${SEARCH_RATE_LIMIT:-100}
- 'OAUTH_SERVICE_URL=${OAUTH_SERVICE_URL:-http://localhost:9090}'
- AUTO_UPDATE_CHECK=${AUTO_UPDATE_CHECK:-false} - AUTO_UPDATE_CHECK=${AUTO_UPDATE_CHECK:-false}
- UPDATE_CHECK_INTERVAL=${UPDATE_CHECK_INTERVAL:-24h} - UPDATE_CHECK_INTERVAL=${UPDATE_CHECK_INTERVAL:-24h}
- PRERELEASE_UPDATES=${PRERELEASE_UPDATES:-false} - PRERELEASE_UPDATES=${PRERELEASE_UPDATES:-false}
- DRAGONFLY_ADDR=${DRAGONFLY_ADDR:-dragonfly:6379}
- DRAGONFLY_PASSWORD=${DRAGONFLY_PASSWORD}
volumes: volumes:
- './data:/data' - './data:/data'
- './uploads:/app/uploads' - './uploads:/app/uploads'
@@ -63,7 +64,7 @@ services:
- '--no-verbose' - '--no-verbose'
- '--tries=1' - '--tries=1'
- '--spider' - '--spider'
- 'http://localhost:8080/health' - "http://localhost:${BACKEND_PORT:-8080}/health"
interval: 30s interval: 30s
timeout: 10s timeout: 10s
retries: 3 retries: 3
@@ -71,23 +72,47 @@ services:
postgres: postgres:
image: 'postgres:15-alpine' image: 'postgres:15-alpine'
ports:
- "${DB_PORT:-5432}:5432"
environment: environment:
POSTGRES_DB: ${POSTGRES_DB:-trackeep} POSTGRES_DB: ${DB_NAME:-trackeep}
POSTGRES_USER: ${POSTGRES_USER:-trackeep} POSTGRES_USER: ${DB_USER:-trackeep}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} POSTGRES_PASSWORD: ${DB_PASSWORD}
volumes: volumes:
- 'postgres_data:/var/lib/postgresql/data' - 'postgres_data:/var/lib/postgres/data'
restart: unless-stopped restart: unless-stopped
networks: networks:
- trackeep-network - trackeep-network
healthcheck: healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-trackeep} -d ${POSTGRES_DB:-trackeep}"] test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-trackeep} -d ${DB_NAME:-trackeep}"]
interval: 10s interval: 10s
timeout: 5s timeout: 5s
retries: 5 retries: 5
start_period: 30s
dragonfly:
image: ghcr.io/dragonflydb/dragonfly:latest
container_name: dragonfly
ports:
- "${DRAGONFLY_PORT:-6379}:6379"
volumes:
- dragonfly_data:/data
command: dragonfly --requirepass=${DRAGONFLY_PASSWORD} --proactor_threads=2
environment:
- DRAGONFLY_PASSWORD=${DRAGONFLY_PASSWORD}
restart: unless-stopped
networks:
- trackeep-network
healthcheck:
test: ["CMD-SHELL", "redis-cli -a ${DRAGONFLY_PASSWORD} ping"]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
volumes: volumes:
postgres_data: null postgres_data: null
dragonfly_data: null
networks: networks:
trackeep-network: trackeep-network:
docker-compose.redis.yml
-166
View File
@@ -1,166 +0,0 @@
# Docker Compose Override for Redis Support
#
# This file extends the base docker-compose.yml with Redis services.
#
# Usage:
# docker-compose -f docker-compose.yml -f docker-compose.redis.yml up -d
#
# Or merge into your main docker-compose.yml
version: '3.8'
services:
# Redis service for caching, sessions, and rate limiting
redis:
image: redis:7-alpine
container_name: trackeep-redis
restart: unless-stopped
volumes:
- redis_data:/data
- ./redis.conf:/usr/local/etc/redis/redis.conf:ro
command: >
sh -c "redis-server /usr/local/etc/redis/redis.conf
--requirepass $${REDIS_PASSWORD:-changeme}"
environment:
- REDIS_PASSWORD=${REDIS_PASSWORD:-changeme}
networks:
- trackeep-network
healthcheck:
test: ["CMD", "redis-cli", "-a", "${REDIS_PASSWORD:-changeme}", "ping"]
interval: 10s
timeout: 5s
retries: 3
start_period: 10s
# Security: Only expose to internal network, not external
# ports:
# - "127.0.0.1:6379:6379" # Uncomment for local debugging only
labels:
- "traefik.enable=false"
deploy:
resources:
limits:
memory: 512M
reservations:
memory: 128M
# Backend service with Redis environment variables
trackeep-backend:
environment:
# Redis Configuration
- REDIS_ADDR=${REDIS_ADDR:-redis:6379}
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_DB=${REDIS_DB:-0}
- REDIS_POOL_SIZE=${REDIS_POOL_SIZE:-20}
- REDIS_DIAL_TIMEOUT=${REDIS_DIAL_TIMEOUT:-5s}
- REDIS_READ_TIMEOUT=${REDIS_READ_TIMEOUT:-3s}
- REDIS_WRITE_TIMEOUT=${REDIS_WRITE_TIMEOUT:-3s}
# Feature Flags
- REDIS_SESSIONS_ENABLED=${REDIS_SESSIONS_ENABLED:-true}
- REDIS_CACHE_ENABLED=${REDIS_CACHE_ENABLED:-true}
- REDIS_RATELIMIT_ENABLED=${REDIS_RATELIMIT_ENABLED:-true}
- REDIS_PUBSUB_ENABLED=${REDIS_PUBSUB_ENABLED:-true}
depends_on:
redis:
condition: service_healthy
postgres:
condition: service_healthy
# Redis Commander - Optional Redis management UI
# Uncomment to enable web-based Redis management at http://localhost:8081
# redis-commander:
# image: rediscommander/redis-commander:latest
# container_name: trackeep-redis-commander
# restart: unless-stopped
# environment:
# - REDIS_HOST=redis
# - REDIS_PORT=6379
# - REDIS_PASSWORD=${REDIS_PASSWORD}
# ports:
# - "127.0.0.1:8081:8081"
# networks:
# - trackeep-network
# depends_on:
# - redis
volumes:
# Redis persistent data volume
redis_data:
driver: local
networks:
trackeep-network:
driver: bridge
# =============================================================================
# REDIS SENTINEL CONFIGURATION (For High Availability)
# =============================================================================
# Uncomment this section and comment out the single Redis instance above
# to enable Redis Sentinel for automatic failover
#
# services:
# redis-master:
# image: redis:7-alpine
# container_name: trackeep-redis-master
# volumes:
# - redis_master_data:/data
# command: >
# sh -c "redis-server
# --appendonly yes
# --maxmemory 256mb
# --maxmemory-policy allkeys-lru
# --requirepass $${REDIS_PASSWORD}"
# networks:
# - trackeep-network
#
# redis-replica-1:
# image: redis:7-alpine
# container_name: trackeep-redis-replica-1
# volumes:
# - redis_replica1_data:/data
# command: >
# sh -c "redis-server
# --appendonly yes
# --replicaof redis-master 6379
# --masterauth $${REDIS_PASSWORD}
# --requirepass $${REDIS_PASSWORD}"
# networks:
# - trackeep-network
# depends_on:
# - redis-master
#
# redis-replica-2:
# image: redis:7-alpine
# container_name: trackeep-redis-replica-2
# volumes:
# - redis_replica2_data:/data
# command: >
# sh -c "redis-server
# --appendonly yes
# --replicaof redis-master 6379
# --masterauth $${REDIS_PASSWORD}
# --requirepass $${REDIS_PASSWORD}"
# networks:
# - trackeep-network
# depends_on:
# - redis-master
#
# redis-sentinel-1:
# image: redis:7-alpine
# container_name: trackeep-sentinel-1
# command: >
# sh -c "echo 'sentinel monitor mymaster redis-master 6379 2' > /etc/sentinel.conf &&
# echo 'sentinel auth-pass mymaster $${REDIS_PASSWORD}' >> /etc/sentinel.conf &&
# echo 'sentinel down-after-milliseconds mymaster 5000' >> /etc/sentinel.conf &&
# echo 'sentinel failover-timeout mymaster 60000' >> /etc/sentinel.conf &&
# redis-sentinel /etc/sentinel.conf"
# networks:
# - trackeep-network
# depends_on:
# - redis-master
# - redis-replica-1
# - redis-replica-2
#
# volumes:
# redis_master_data:
# redis_replica1_data:
# redis_replica2_data:
docker-compose.yml
+31 -5
View File
@@ -6,9 +6,9 @@ services:
POSTGRES_USER: ${DB_USER:-trackeep} POSTGRES_USER: ${DB_USER:-trackeep}
POSTGRES_PASSWORD: ${DB_PASSWORD:?DB_PASSWORD is required} POSTGRES_PASSWORD: ${DB_PASSWORD:?DB_PASSWORD is required}
ports: ports:
- "5432:5432" - "${DB_PORT:-5432}:5432"
volumes: volumes:
- postgres_data:/var/lib/postgresql/data - postgres_data:/var/lib/postgres/data
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-trackeep} -d ${DB_NAME:-trackeep}"] test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-trackeep} -d ${DB_NAME:-trackeep}"]
@@ -17,16 +17,38 @@ services:
retries: 5 retries: 5
start_period: 30s start_period: 30s
dragonfly:
image: ghcr.io/dragonflydb/dragonfly:latest
container_name: dragonfly
ports:
- "${DRAGONFLY_PORT:-6379}:6379"
volumes:
- dragonfly_data:/data
command: dragonfly --requirepass=${DRAGONFLY_PASSWORD} --proactor_threads=2
environment:
- DRAGONFLY_PASSWORD=${DRAGONFLY_PASSWORD}
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli -a ${DRAGONFLY_PASSWORD} ping"]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
trackeep-backend: trackeep-backend:
build: build:
context: ./backend context: ./backend
dockerfile: Dockerfile dockerfile: Dockerfile
ports: ports:
- "${PORT:-8080}:8080" - "${BACKEND_PORT:-8080}:${BACKEND_PORT:-8080}"
env_file: env_file:
- .env - .env
environment: environment:
- APP_VERSION=${APP_VERSION:-1.0.0} - APP_VERSION=${APP_VERSION:-1.0.0}
- BACKEND_PORT=${BACKEND_PORT:-8080}
- FRONTEND_PORT=${FRONTEND_PORT:-8080}
- DRAGONFLY_ADDR=${DRAGONFLY_ADDR:-dragonfly:6379}
- DRAGONFLY_PASSWORD=${DRAGONFLY_PASSWORD}
volumes: volumes:
- ./data:/data - ./data:/data
- ./uploads:/app/uploads - ./uploads:/app/uploads
@@ -35,8 +57,10 @@ services:
depends_on: depends_on:
postgres: postgres:
condition: service_healthy condition: service_healthy
dragonfly:
condition: service_healthy
healthcheck: healthcheck:
test: ["CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:8080/health || wget --no-verbose --tries=1 --spider http://localhost:8080/live"] test: ["CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:${BACKEND_PORT:-8080}/health || wget --no-verbose --tries=1 --spider http://localhost:${BACKEND_PORT:-8080}/live"]
interval: 30s interval: 30s
timeout: 10s timeout: 10s
retries: 3 retries: 3
@@ -50,11 +74,12 @@ services:
- VITE_DEMO_MODE=${VITE_DEMO_MODE:-false} - VITE_DEMO_MODE=${VITE_DEMO_MODE:-false}
- VITE_API_URL=${VITE_API_URL:-http://localhost:8080} - VITE_API_URL=${VITE_API_URL:-http://localhost:8080}
ports: ports:
- "5173:80" - "${FRONTEND_PORT:-3000}:${FRONTEND_PORT:-3000}"
environment: environment:
- VITE_APP_VERSION=${APP_VERSION:-1.0.0} - VITE_APP_VERSION=${APP_VERSION:-1.0.0}
- VITE_DEMO_MODE=${VITE_DEMO_MODE:-false} - VITE_DEMO_MODE=${VITE_DEMO_MODE:-false}
- VITE_API_URL=${VITE_API_URL:-http://localhost:8080} - VITE_API_URL=${VITE_API_URL:-http://localhost:8080}
- FRONTEND_PORT=${FRONTEND_PORT:-3000}
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock # Docker socket for updates - /var/run/docker.sock:/var/run/docker.sock # Docker socket for updates
depends_on: depends_on:
@@ -70,3 +95,4 @@ services:
volumes: volumes:
postgres_data: postgres_data:
dragonfly_data:
dragonfly.conf
+112
View File
@@ -0,0 +1,112 @@
# DragonflyDB Configuration for Trackeep
#
# DragonflyDB is a modern Redis-compatible in-memory database
# Optimized for performance and lower memory usage
# =============================================================================
# NETWORK
# =============================================================================
# Accept connections on all interfaces (safe when behind Docker network)
bind 0.0.0.0
# Default port (same as Redis for compatibility)
port 6379
# TCP listen() backlog
tcp-backlog 511
# Close connection after N seconds of idle time (0 = disabled)
timeout 0
# TCP keepalive
tcp-keepalive 300
# =============================================================================
# SECURITY
# =============================================================================
# Require password for connections
# Set via environment variable: requirepass ${DRAGONFLY_PASSWORD}
requirepass dragonfly123
# Disable dangerous commands in production
rename-command FLUSHDB ""
rename-command FLUSHALL ""
rename-command CONFIG "CONFIG_9f8a2b3c"
rename-command DEBUG ""
rename-command SHUTDOWN "SHUTDOWN_7d4e1f9a"
# =============================================================================
# MEMORY MANAGEMENT
# =============================================================================
# Maximum memory limit (256MB suitable for small-medium deployments)
# DragonflyDB is more memory efficient than Redis
maxmemory 256mb
# Eviction policy when maxmemory is reached
# allkeys-lru: Remove less recently used keys first (recommended for caching)
maxmemory-policy allkeys-lru
# =============================================================================
# PERSISTENCE
# =============================================================================
# Enable AOF persistence (recommended for session durability)
appendonly yes
# AOF file name
appendfilename "appendonly.aof"
# Sync strategy: everysec (recommended balance)
appendfsync everysec
# Auto-rewrite AOF when it grows by X%
auto-aof-rewrite-percentage 100
# Minimum size before auto-rewrite
auto-aof-rewrite-min-size 64mb
# Working directory for persistence
dir /data
# =============================================================================
# CLIENTS & PERFORMANCE
# =============================================================================
# Maximum number of client connections
maxclients 10000
# Number of databases (default 16)
databases 16
# Latency monitoring
latency-monitor-threshold 100
# Slow log (log queries taking > N microseconds)
slowlog-log-slower-than 10000
# Slow log max length
slowlog-max-len 128
# =============================================================================
# LOGGING
# =============================================================================
# Log level: debug, verbose, notice, warning
loglevel notice
# Log file (empty = stdout, good for Docker)
logfile ""
# =============================================================================
# DRAGONFLYDB SPECIFIC OPTIMIZATIONS
# =============================================================================
# Enable DragonflyDB-specific optimizations
# These are automatically enabled in DragonflyDB
# Better memory management
# Improved multi-core utilization
# Enhanced performance for caching workloads
frontend/Dockerfile
+4 -5
View File
@@ -11,15 +11,14 @@ ARG VITE_API_URL=http://localhost:8080
COPY frontend/package*.json ./frontend/ COPY frontend/package*.json ./frontend/
RUN cd frontend && npm install --include=dev RUN cd frontend && npm install --include=dev
# Copy environment variables and source code # Copy frontend source code only
COPY ../.env ./frontend/.env COPY frontend/ ./frontend/
COPY . ./frontend/
# Create a .env.production file with build arguments # Create a .env.production file with build arguments
RUN cd frontend && echo "VITE_DEMO_MODE=${VITE_DEMO_MODE}" >> .env.production && \ RUN cd frontend && echo "VITE_DEMO_MODE=${VITE_DEMO_MODE}" >> .env.production && \
echo "VITE_API_URL=${VITE_API_URL}" >> .env.production echo "VITE_API_URL=${VITE_API_URL}" >> .env.production
# Build the application # Build the application (frontend only)
RUN cd frontend && npm run build RUN cd frontend && npm run build
# Production stage # Production stage
@@ -38,7 +37,7 @@ COPY frontend/nginx.conf /etc/nginx/nginx.conf
# Make a backup of the original index.html for runtime substitution # Make a backup of the original index.html for runtime substitution
RUN cp /usr/share/nginx/html/index.html /usr/share/nginx/html/index.html.orig RUN cp /usr/share/nginx/html/index.html /usr/share/nginx/html/index.html.orig
# Expose port 80 # Expose port (will be dynamically set by entrypoint)
EXPOSE 80 EXPOSE 80
# Start the entrypoint script # Start the entrypoint script
frontend/docker-entrypoint.sh
+5
View File
@@ -6,6 +6,10 @@
# Default values # Default values
DEMO_MODE=${VITE_DEMO_MODE:-false} DEMO_MODE=${VITE_DEMO_MODE:-false}
API_URL=${VITE_API_URL:-http://localhost:8080} API_URL=${VITE_API_URL:-http://localhost:8080}
FRONTEND_PORT=${FRONTEND_PORT:-3000}
# Update nginx configuration to use the dynamic port
sed -i "s/listen 80;/listen ${FRONTEND_PORT};/g" /etc/nginx/nginx.conf
# Create a temporary script for env substitution # Create a temporary script for env substitution
cat > /tmp/env_substitute.sh << 'EOF' cat > /tmp/env_substitute.sh << 'EOF'
@@ -25,6 +29,7 @@ sed -i "s|VITE_API_URL_PLACEHOLDER|$VITE_API_URL|g" $HTML_FILE
echo "Environment variables injected:" echo "Environment variables injected:"
echo "VITE_DEMO_MODE=$VITE_DEMO_MODE" echo "VITE_DEMO_MODE=$VITE_DEMO_MODE"
echo "VITE_API_URL=$VITE_API_URL" echo "VITE_API_URL=$VITE_API_URL"
echo "FRONTEND_PORT=$FRONTEND_PORT"
EOF EOF
# Make the script executable # Make the script executable
redis.conf
-231
View File
@@ -1,231 +0,0 @@
# Redis Configuration for Trackeep
#
# This configuration is optimized for a self-hosted productivity application
# with moderate concurrent user load (< 1000 users).
# =============================================================================
# NETWORK
# =============================================================================
# Accept connections on all interfaces (safe when behind Docker network)
bind 0.0.0.0
# Default port
port 6379
# TCP listen() backlog
# Increase if Redis is slow to accept connections under high load
tcp-backlog 511
# Unix socket (alternative to TCP, not used in Docker)
# unixsocket /tmp/redis.sock
# unixsocketperm 700
# Close connection after N seconds of idle time (0 = disabled)
timeout 0
# TCP keepalive
# Useful for detecting dead peers
tcp-keepalive 300
# =============================================================================
# SECURITY
# =============================================================================
# Require password for connections
# Set via environment variable: requirepass ${REDIS_PASSWORD}
# requirepass changeme
# ACL configuration (Redis 6+)
# user default on >password ~* &* +@all
# Disable dangerous commands in production
rename-command FLUSHDB ""
rename-command FLUSHALL ""
rename-command CONFIG "CONFIG_9f8a2b3c"
rename-command DEBUG ""
rename-command SHUTDOWN "SHUTDOWN_7d4e1f9a"
# =============================================================================
# MEMORY MANAGEMENT
# =============================================================================
# Maximum memory limit (256MB suitable for small-medium deployments)
# Adjust based on available RAM and usage patterns
maxmemory 256mb
# Eviction policy when maxmemory is reached
# allkeys-lru: Remove less recently used keys first (recommended for caching)
# volatile-lru: Remove less recently used keys with expire set
# allkeys-random: Random key removal
# volatile-random: Random key removal from expired set
# allkeys-lfu: Remove least frequently used keys
# volatile-lfu: Remove least frequently used keys with expire set
# volatile-ttl: Remove keys with shortest TTL
# noeviction: Return errors on write operations
maxmemory-policy allkeys-lru
# Samples for LRU/LFU eviction
# Higher = more accurate but slower
maxmemory-samples 5
# Replica ignore maxmemory (don't evict on replicas)
replica-ignore-maxmemory yes
# =============================================================================
# PERSISTENCE (RDB)
# =============================================================================
# Save to disk after N seconds if at least M keys changed
# Save every 15 minutes if at least 1 key changed
save 900 1
# Save every 5 minutes if at least 10 keys changed
save 300 10
# Save every minute if at least 10000 keys changed
save 60 10000
# Stop writes if RDB save fails
stop-writes-on-bgsave-error yes
# Compress RDB files
rdbcompression yes
# Checksum RDB files
rdbchecksum yes
# RDB file name
dbfilename dump.rdb
# Working directory for RDB/AOF
dir /data
# =============================================================================
# PERSISTENCE (AOF)
# =============================================================================
# Enable AOF persistence (recommended for session durability)
appendonly yes
# AOF file name
appendfilename "appendonly.aof"
# Sync strategy:
# always: Sync every write (safest, slowest)
# everysec: Sync once per second (recommended balance)
# no: Let OS decide when to sync (fastest, less safe)
appendfsync everysec
# Don't fsync if a bg save is in progress
no-appendfsync-on-rewrite no
# Auto-rewrite AOF when it grows by X%
auto-aof-rewrite-percentage 100
# Minimum size before auto-rewrite
auto-aof-rewrite-min-size 64mb
# Load truncated AOF on startup
aof-load-truncated yes
# Use RDB preamble in AOF for faster rewrites
aof-use-rdb-preamble yes
# =============================================================================
# REPLICATION (for future Sentinel/Cluster setup)
# =============================================================================
# Replica of another Redis instance
# replicaof <masterip> <masterport>
# Master authentication
# masterauth <master-password>
# Replica read-only (default yes)
replica-read-only yes
# Diskless replication
repl-diskless-sync no
repl-diskless-sync-delay 5
# Replica priority (lower = preferred for failover)
replica-priority 100
# =============================================================================
# CLIENTS
# =============================================================================
# Maximum number of client connections
# Increase if you have many concurrent users
maxclients 10000
# =============================================================================
# PERFORMANCE TUNING
# =============================================================================
# Number of databases (default 16)
databases 16
# Disable THP (Transparent Huge Pages)
# This should be done at OS level, but Redis warns about it
# Latency monitoring
latency-monitor-threshold 100
# Slow log (log queries taking > N microseconds)
slowlog-log-slower-than 10000
# Slow log max length
slowlog-max-len 128
# Event notification (for cache invalidation patterns)
# Enable keyspace notifications for specific events
notify-keyspace-events Ex
# =============================================================================
# LOGGING
# =============================================================================
# Log level: debug, verbose, notice, warning
loglevel notice
# Log file (empty = stdout, good for Docker)
logfile ""
# Syslog (disabled for Docker)
# syslog-enabled no
# =============================================================================
# LAZY FREEING
# =============================================================================
# Use lazy freeing for better performance
lazyfree-lazy-eviction yes
lazyfree-lazy-expire yes
lazyfree-lazy-server-del yes
replica-lazy-flush yes
# =============================================================================
# KERNEL OOM CONTROL
# =============================================================================
# Control OOM killer behavior
oom-score-adj no
oom-score-adj-values 0 200 800
# =============================================================================
# I/O THREADING (Redis 6+)
# =============================================================================
# Enable I/O threads for better multi-core utilization
# Only useful with very high load
# io-threads 4
# io-threads-do-reads yes
# =============================================================================
# APPEND ONLY (Docker-specific)
# =============================================================================
# Disable THP warning in container environment
# (Transparent Huge Pages should be disabled at host level)