Initial import

2026-03-10 14:03:52 +03:00
commit 6c0ca4e28b
102 changed files with 6598 additions and 0 deletions
--- a/infra/AGENTS.md
+++ b/infra/AGENTS.md
@@ -0,0 +1,14 @@
+# AGENTS.md
+
+## Scope
+Applies within `infra/`.
+
+## Responsibilities
+- Docker Compose templates
+- reverse-proxy configuration
+- deploy-facing config examples
+
+## Rules
+- Keep the single-VPS Compose deployment as the primary target until product scope changes.
+- Do not assume Kubernetes or multi-host orchestration.
+- Document every externally exposed port and persistent volume.
--- a/infra/caddy/Caddyfile
+++ b/infra/caddy/Caddyfile
@@ -0,0 +1,8 @@
+# Placeholder reverse-proxy config for the future Docker Compose deployment.
+# Replace example.com and upstream targets during implementation.
+
+example.com {
+  encode zstd gzip
+
+  reverse_proxy web:3000
+}
--- a/infra/compose/README.md
+++ b/infra/compose/README.md
@@ -0,0 +1,17 @@
+# infra/compose
+
+Deployment templates for the chosen single-VPS Docker Compose target.
+
+## Services
+- `migrate`
+- `web`
+- `worker`
+- `bot`
+- `postgres`
+- `caddy`
+- optional `minio`
+
+## Current state
+- Runtime images now build the PNPM workspace in-container.
+- Database bootstrap now runs as a one-shot `migrate` service before app startup.
+- The next schema changes should be added as versioned Prisma migrations.
--- a/infra/compose/docker-compose.example.yml
+++ b/infra/compose/docker-compose.example.yml
@@ -0,0 +1,94 @@
+name: nproxy
+
+services:
+  migrate:
+    build:
+      context: ../..
+      dockerfile: infra/docker/migrate.Dockerfile
+    env_file:
+      - ../../.env
+    depends_on:
+      postgres:
+        condition: service_healthy
+    restart: "no"
+
+  web:
+    build:
+      context: ../..
+      dockerfile: infra/docker/web.Dockerfile
+    env_file:
+      - ../../.env
+    depends_on:
+      migrate:
+        condition: service_completed_successfully
+      postgres:
+        condition: service_healthy
+
+  worker:
+    build:
+      context: ../..
+      dockerfile: infra/docker/worker.Dockerfile
+    env_file:
+      - ../../.env
+    depends_on:
+      migrate:
+        condition: service_completed_successfully
+      postgres:
+        condition: service_healthy
+
+  bot:
+    build:
+      context: ../..
+      dockerfile: infra/docker/bot.Dockerfile
+    env_file:
+      - ../../.env
+    depends_on:
+      migrate:
+        condition: service_completed_successfully
+      postgres:
+        condition: service_healthy
+
+  postgres:
+    image: postgres:16-alpine
+    environment:
+      POSTGRES_DB: nproxy
+      POSTGRES_USER: nproxy
+      POSTGRES_PASSWORD: nproxy
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U nproxy -d nproxy"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
+
+  caddy:
+    image: caddy:2
+    depends_on:
+      - web
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ../caddy/Caddyfile:/etc/caddy/Caddyfile:ro
+      - caddy-data:/data
+      - caddy-config:/config
+
+  minio:
+    profiles: ["local-storage"]
+    image: minio/minio:latest
+    command: server /data --console-address :9001
+    environment:
+      MINIO_ROOT_USER: ${MINIO_ROOT_USER}
+      MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
+    ports:
+      - "9000:9000"
+      - "9001:9001"
+    volumes:
+      - minio-data:/data
+
+volumes:
+  postgres-data:
+  caddy-data:
+  caddy-config:
+  minio-data:
--- a/infra/docker/README.md
+++ b/infra/docker/README.md
@@ -0,0 +1,13 @@
+# infra/docker
+
+Docker build definitions for the single-VPS Compose topology.
+
+## Implemented in this iteration
+- Workspace-aware Node 22 images for `web`, `worker`, and `bot`
+- Dedicated `migrate` image for schema bootstrap
+- `corepack` + `pnpm` based install flow inside containers
+- TypeScript build step for each runtime before container startup
+
+## Current limitations
+- No production pruning yet
+- No `cli` image yet
--- a/infra/docker/bot.Dockerfile
+++ b/infra/docker/bot.Dockerfile
@@ -0,0 +1,32 @@
+FROM node:22-alpine
+
+ENV PNPM_HOME=/pnpm
+ENV PATH=$PNPM_HOME:$PATH
+
+RUN corepack enable
+
+WORKDIR /app
+
+COPY package.json pnpm-workspace.yaml tsconfig.base.json ./
+COPY apps/bot/package.json apps/bot/package.json
+COPY packages/config/package.json packages/config/package.json
+COPY packages/db/package.json packages/db/package.json
+COPY packages/domain/package.json packages/domain/package.json
+COPY packages/providers/package.json packages/providers/package.json
+
+RUN pnpm install --no-frozen-lockfile
+
+COPY apps/bot apps/bot
+COPY packages/config packages/config
+COPY packages/db packages/db
+COPY packages/domain packages/domain
+COPY packages/providers packages/providers
+
+RUN pnpm --filter @nproxy/config build
+RUN pnpm --filter @nproxy/domain build
+RUN pnpm --filter @nproxy/providers build
+RUN pnpm --filter @nproxy/db generate
+RUN pnpm --filter @nproxy/db build
+RUN pnpm --filter @nproxy/bot build
+
+CMD ["node", "apps/bot/dist/main.js"]
--- a/infra/docker/cli.Dockerfile
+++ b/infra/docker/cli.Dockerfile
@@ -0,0 +1,32 @@
+FROM node:22-alpine
+
+ENV PNPM_HOME=/pnpm
+ENV PATH=$PNPM_HOME:$PATH
+
+RUN corepack enable
+
+WORKDIR /app
+
+COPY package.json pnpm-workspace.yaml tsconfig.base.json ./
+COPY apps/cli/package.json apps/cli/package.json
+COPY packages/config/package.json packages/config/package.json
+COPY packages/db/package.json packages/db/package.json
+COPY packages/domain/package.json packages/domain/package.json
+COPY packages/providers/package.json packages/providers/package.json
+
+RUN pnpm install --no-frozen-lockfile
+
+COPY apps/cli apps/cli
+COPY packages/config packages/config
+COPY packages/db packages/db
+COPY packages/domain packages/domain
+COPY packages/providers packages/providers
+
+RUN pnpm --filter @nproxy/config build
+RUN pnpm --filter @nproxy/domain build
+RUN pnpm --filter @nproxy/providers build
+RUN pnpm --filter @nproxy/db generate
+RUN pnpm --filter @nproxy/db build
+RUN pnpm --filter @nproxy/cli build
+
+CMD ["node", "apps/cli/dist/main.js"]
--- a/infra/docker/migrate.Dockerfile
+++ b/infra/docker/migrate.Dockerfile
@@ -0,0 +1,26 @@
+FROM node:22-alpine
+
+ENV PNPM_HOME=/pnpm
+ENV PATH=$PNPM_HOME:$PATH
+
+RUN corepack enable
+
+WORKDIR /app
+
+COPY package.json pnpm-workspace.yaml tsconfig.base.json ./
+COPY packages/db/package.json packages/db/package.json
+COPY packages/domain/package.json packages/domain/package.json
+COPY packages/providers/package.json packages/providers/package.json
+
+RUN pnpm install --no-frozen-lockfile
+
+COPY packages/db packages/db
+COPY packages/domain packages/domain
+COPY packages/providers packages/providers
+
+RUN pnpm --filter @nproxy/domain build
+RUN pnpm --filter @nproxy/providers build
+RUN pnpm --filter @nproxy/db generate
+RUN pnpm --filter @nproxy/db build
+
+CMD ["sh", "-lc", "pnpm --filter @nproxy/db migrate:deploy && node packages/db/dist/bootstrap-main.js"]
--- a/infra/docker/web.Dockerfile
+++ b/infra/docker/web.Dockerfile
@@ -0,0 +1,34 @@
+FROM node:22-alpine
+
+ENV PNPM_HOME=/pnpm
+ENV PATH=$PNPM_HOME:$PATH
+
+RUN corepack enable
+
+WORKDIR /app
+
+COPY package.json pnpm-workspace.yaml tsconfig.base.json ./
+COPY apps/web/package.json apps/web/package.json
+COPY packages/config/package.json packages/config/package.json
+COPY packages/db/package.json packages/db/package.json
+COPY packages/domain/package.json packages/domain/package.json
+COPY packages/providers/package.json packages/providers/package.json
+
+RUN pnpm install --no-frozen-lockfile
+
+COPY apps/web apps/web
+COPY packages/config packages/config
+COPY packages/db packages/db
+COPY packages/domain packages/domain
+COPY packages/providers packages/providers
+
+RUN pnpm --filter @nproxy/config build
+RUN pnpm --filter @nproxy/domain build
+RUN pnpm --filter @nproxy/providers build
+RUN pnpm --filter @nproxy/db generate
+RUN pnpm --filter @nproxy/db build
+RUN pnpm --filter @nproxy/web build
+
+EXPOSE 3000
+
+CMD ["node", "apps/web/dist/main.js"]
--- a/infra/docker/worker.Dockerfile
+++ b/infra/docker/worker.Dockerfile
@@ -0,0 +1,32 @@
+FROM node:22-alpine
+
+ENV PNPM_HOME=/pnpm
+ENV PATH=$PNPM_HOME:$PATH
+
+RUN corepack enable
+
+WORKDIR /app
+
+COPY package.json pnpm-workspace.yaml tsconfig.base.json ./
+COPY apps/worker/package.json apps/worker/package.json
+COPY packages/config/package.json packages/config/package.json
+COPY packages/db/package.json packages/db/package.json
+COPY packages/domain/package.json packages/domain/package.json
+COPY packages/providers/package.json packages/providers/package.json
+
+RUN pnpm install --no-frozen-lockfile
+
+COPY apps/worker apps/worker
+COPY packages/config packages/config
+COPY packages/db packages/db
+COPY packages/domain packages/domain
+COPY packages/providers packages/providers
+
+RUN pnpm --filter @nproxy/config build
+RUN pnpm --filter @nproxy/domain build
+RUN pnpm --filter @nproxy/providers build
+RUN pnpm --filter @nproxy/db generate
+RUN pnpm --filter @nproxy/db build
+RUN pnpm --filter @nproxy/worker build
+
+CMD ["node", "apps/worker/dist/main.js"]