mirror of
https://github.com/DRYTRIX/TimeTracker.git
synced 2025-12-30 07:40:51 -06:00
c71d444756
- Move Docker healthcheck from Dockerfile to docker-compose files for better environment-specific configuration - Add silent flag to healthcheck curl commands to reduce log noise - Add error handling for missing link_templates table in client view - Improve offline sync date formatting with ISO 8601 conversion helper - Enhance error handlers and profile edit template This improves robustness when migrations haven't been run and provides better date handling in offline sync scenarios.
76 lines
2.7 KiB
YAML
76 lines
2.7 KiB
YAML
services:
|
|
app:
|
|
image: ghcr.io/drytrix/timetracker:development
|
|
container_name: timetracker-app-remote-dev
|
|
environment:
|
|
- TZ=${TZ:-Europe/Brussels}
|
|
- CURRENCY=${CURRENCY:-EUR}
|
|
- ROUNDING_MINUTES=${ROUNDING_MINUTES:-1}
|
|
- SINGLE_ACTIVE_TIMER=${SINGLE_ACTIVE_TIMER:-true}
|
|
- ALLOW_SELF_REGISTER=${ALLOW_SELF_REGISTER:-true}
|
|
- IDLE_TIMEOUT_MINUTES=${IDLE_TIMEOUT_MINUTES:-30}
|
|
- ADMIN_USERNAMES=${ADMIN_USERNAMES:-admin}
|
|
# IMPORTANT: Change SECRET_KEY in production! Used for sessions and CSRF tokens.
|
|
# Generate a secure key: python -c "import secrets; print(secrets.token_hex(32))"
|
|
#
|
|
# TROUBLESHOOTING: If forms fail with "CSRF token missing or invalid":
|
|
# 1. Verify SECRET_KEY is set and doesn't change between restarts
|
|
# 2. Check CSRF is enabled: WTF_CSRF_ENABLED=true
|
|
# 3. Ensure cookies are enabled in your browser
|
|
# 4. If behind a reverse proxy, ensure it forwards cookies correctly
|
|
# 5. Check the token hasn't expired (increase WTF_CSRF_TIME_LIMIT if needed)
|
|
# For details: docs/CSRF_CONFIGURATION.md
|
|
- SECRET_KEY=${SECRET_KEY:-your-secret-key-change-this}
|
|
- DATABASE_URL=postgresql+psycopg2://timetracker:timetracker@db:5432/timetracker
|
|
- LOG_FILE=/app/logs/timetracker.log
|
|
# CSRF Protection (enabled by default for security)
|
|
- WTF_CSRF_ENABLED=${WTF_CSRF_ENABLED:-true}
|
|
- WTF_CSRF_TIME_LIMIT=${WTF_CSRF_TIME_LIMIT:-3600}
|
|
# Enable secure cookies for HTTPS deployments
|
|
- SESSION_COOKIE_SECURE=${SESSION_COOKIE_SECURE:-true}
|
|
- REMEMBER_COOKIE_SECURE=${REMEMBER_COOKIE_SECURE:-true}
|
|
ports:
|
|
- "8080:8080"
|
|
volumes:
|
|
- app_data_remote_dev:/data
|
|
- app_uploads_remote_dev:/app/app/static/uploads
|
|
- ./logs:/app/logs
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "-s", "-o", "/dev/null", "http://localhost:8080/_health"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 40s
|
|
|
|
db:
|
|
image: postgres:16-alpine
|
|
container_name: timetracker-db-remote-dev
|
|
environment:
|
|
- POSTGRES_DB=${POSTGRES_DB:-timetracker}
|
|
- POSTGRES_USER=${POSTGRES_USER:-timetracker}
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-timetracker}
|
|
- TZ=${TZ:-Europe/Brussels}
|
|
volumes:
|
|
- db_data_remote_dev:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
start_period: 30s
|
|
restart: unless-stopped
|
|
|
|
volumes:
|
|
app_data_remote_dev:
|
|
driver: local
|
|
app_uploads_remote_dev:
|
|
driver: local
|
|
db_data_remote_dev:
|
|
driver: local
|
|
|
|
|