soroush.asadi
9765491f6f
CI/CD / CI · API (dotnet build + test) (push) Successful in 41s
CI/CD / CI · Admin API (dotnet build) (push) Successful in 29s
CI/CD / CI · Dashboard (tsc) (push) Successful in 1m7s
CI/CD / CI · Admin Web (tsc) (push) Successful in 38s
CI/CD / CI · Website (tsc) (push) Successful in 45s
CI/CD / CI · Koja (tsc) (push) Successful in 51s
CI/CD / Deploy · all services (push) Successful in 1m31s
Production-readiness audit fixes — every mock fallback is now gated on IsDevelopment; in production these paths fail loudly instead: - ZarinPal/Tara/SnappPay init: missing credentials returned a MOCK payment URL whose callback verified as paid — a café could activate a paid plan without paying. Now: "Payment gateway is not configured." - Tara/SnappPay verify: a forged MOCK-* trace/token on the callback was accepted as a verified payment in any environment. Now rejected outside Development. - Taraz (سامانه مودیان): returned a fake MOCK-TARAZ tracking code as if invoices reached the tax authority. Now returns an honest error (the real integration is not built yet). - Admin integrations: NextPay/Vandar removed — they were listed but have no gateway implementation (selecting them silently used ZarinPal). - docker-compose: ASPNETCORE_ENVIRONMENT default flipped Development → Production so a missing env var can never run prod in dev mode. 86 tests pass. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
71 lines
2.5 KiB
YAML
71 lines
2.5 KiB
YAML
# Meezi admin stack — overlay on top of main compose
|
|
#
|
|
# Requires main stack (postgres + redis) to be running.
|
|
# Usage:
|
|
# docker compose -f docker-compose.yml -f docker-compose.admin.yml up -d --build
|
|
#
|
|
# URLs:
|
|
# Admin panel http://SERVER:3102/fa/admin/login
|
|
# Admin API http://SERVER:5081/swagger
|
|
|
|
services:
|
|
admin-api:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/admin-api/Dockerfile
|
|
extra_hosts:
|
|
- "mirror:host-gateway"
|
|
args:
|
|
DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-mirror.soroushasadi.com/dotnet/sdk:10.0}
|
|
DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-mirror.soroushasadi.com/dotnet/aspnet:10.0}
|
|
container_name: meezi-admin-api
|
|
restart: unless-stopped
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_healthy
|
|
environment:
|
|
ASPNETCORE_ENVIRONMENT: "${ASPNETCORE_ENVIRONMENT:-Production}"
|
|
ASPNETCORE_URLS: http://+:8080
|
|
RUN_MIGRATIONS: "${RUN_MIGRATIONS:-true}"
|
|
ConnectionStrings__DefaultConnection: "${DB_CONNECTION_STRING:-Host=postgres;Port=5432;Database=meezi;Username=meezi;Password=meezi_local_pass}"
|
|
ConnectionStrings__Redis: redis:6379
|
|
Jwt__Key: "${JWT_KEY:-dev-jwt-key-CHANGE-THIS-IN-PRODUCTION-min32chars}"
|
|
Cors__Origins__0: "${CORS_ADMIN_ORIGIN_0:-http://localhost:3102}"
|
|
Cors__Origins__1: "${CORS_ORIGIN_0:-http://localhost:3101}"
|
|
Kavenegar__ApiKey: "${KAVENEGAR_API_KEY:-}"
|
|
Kavenegar__SenderNumber: "${KAVENEGAR_SENDER:-90005671}"
|
|
Seed__SystemAdminPhone: "${SEED_ADMIN_PHONE:-}"
|
|
Seed__SystemAdminUsername: "${SEED_ADMIN_USERNAME:-admin}"
|
|
Seed__SystemAdminPassword: "${SEED_ADMIN_PASSWORD:-}"
|
|
ports:
|
|
- "${ADMIN_API_PORT:-5081}:8080"
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "bash -c 'cat </dev/null >/dev/tcp/127.0.0.1/8080' || exit 1"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 12
|
|
start_period: 40s
|
|
|
|
admin-web:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/admin-web/Dockerfile
|
|
extra_hosts:
|
|
- "mirror:host-gateway"
|
|
args:
|
|
NODE_IMAGE: ${NODE_IMAGE:-mirror.soroushasadi.com/node:20-alpine}
|
|
NPM_REGISTRY: ${NPM_REGISTRY:-https://mirror.soroushasadi.com/repository/npm-group/}
|
|
NEXT_PUBLIC_ADMIN_API_URL: ${NEXT_PUBLIC_ADMIN_API_URL:-http://localhost:5081}
|
|
container_name: meezi-admin-web
|
|
restart: unless-stopped
|
|
depends_on:
|
|
admin-api:
|
|
condition: service_healthy
|
|
environment:
|
|
PORT: "3000"
|
|
HOSTNAME: 0.0.0.0
|
|
ports:
|
|
- "${ADMIN_WEB_PORT:-3102}:3000"
|