From d9ff6d640d860fa85feb037004bcd7f36ebe9539 Mon Sep 17 00:00:00 2001 From: Marc Mintel Date: Fri, 6 Feb 2026 19:23:35 +0100 Subject: [PATCH] feat: Configure Traefik to use the infra network for services, add an internal Directus URL, and enhance Directus and Gatekeeper configurations. --- .gitea/workflows/deploy.yml | 1 + docker-compose.yaml | 15 +++++++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 01de540..e813e82 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -195,6 +195,7 @@ jobs: # Directus DIRECTUS_URL=${{ needs.prepare.outputs.directus_url }} DIRECTUS_HOST=${{ needs.prepare.outputs.directus_host }} + INTERNAL_DIRECTUS_URL=http://directus:8055 DIRECTUS_API_TOKEN=${{ secrets.DIRECTUS_API_TOKEN || vars.DIRECTUS_API_TOKEN }} DIRECTUS_ADMIN_EMAIL=${{ secrets.DIRECTUS_ADMIN_EMAIL || vars.DIRECTUS_ADMIN_EMAIL || 'admin@mintel.me' }} DIRECTUS_ADMIN_PASSWORD=${{ secrets.DIRECTUS_ADMIN_PASSWORD || vars.DIRECTUS_ADMIN_PASSWORD }} diff --git a/docker-compose.yaml b/docker-compose.yaml index 9babe4c..f5fd200 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -14,6 +14,7 @@ services: - "traefik.http.routers.${PROJECT_NAME}.tls=true" - "traefik.http.services.${PROJECT_NAME}.loadbalancer.server.port=3000" - "traefik.http.routers.${PROJECT_NAME}.middlewares=${PROJECT_NAME}-auth" + - "traefik.docker.network=infra" # Gatekeeper Router (Shared Host + dedicated Subdomain) - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.rule=(Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`) && PathPrefix(`/gatekeeper`)) || Host(`gatekeeper.${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)" @@ -22,13 +23,14 @@ services: - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.tls=true" - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.service=${PROJECT_NAME}-gatekeeper" - # Auth Middleware Definition - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.address=http://${PROJECT_NAME}-gatekeeper:3000/api/verify" - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.trustForwardHeader=true" - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.authResponseHeaders=X-Auth-User" + - "traefik.docker.network=infra" gatekeeper: image: registry.infra.mintel.me/mintel/gatekeeper:latest + container_name: ${PROJECT_NAME:-mb-grid-solutions}-gatekeeper restart: always networks: infra: @@ -41,11 +43,14 @@ services: PROJECT_NAME: ${PROJECT_NAME:-MB Grid Solutions} PROJECT_COLOR: ${PROJECT_COLOR:-#82ed20} COOKIE_DOMAIN: ${COOKIE_DOMAIN:-.mb-grid-solutions.com} + AUTH_COOKIE_NAME: ${AUTH_COOKIE_NAME:-mintel_gatekeeper_session} + GATEKEEPER_PASSWORD: ${GATEKEEPER_PASSWORD:-mintel} # Dedicated Base URL for Gatekeeper subdomain to prevent redirect loops NEXT_PUBLIC_BASE_URL: https://gatekeeper.${TRAEFIK_HOST:-mb-grid-solutions.localhost} labels: - "traefik.enable=true" - "traefik.http.services.${PROJECT_NAME}-gatekeeper.loadbalancer.server.port=3000" + - "traefik.docker.network=infra" directus: image: directus/directus:11 @@ -68,6 +73,10 @@ services: DB_DATABASE: ${DIRECTUS_DB_NAME:-directus} DB_USER: ${DIRECTUS_DB_USER:-directus} DB_PASSWORD: ${DIRECTUS_DB_PASSWORD:-directus} + # Telemetry & Performance + LOGGER_LEVEL: ${LOG_LEVEL:-info} + SENTRY_DSN: ${SENTRY_DSN} + SENTRY_ENVIRONMENT: ${TARGET:-development} volumes: - ./directus/uploads:/directus/uploads - ./directus/extensions:/directus/extensions @@ -77,8 +86,10 @@ services: - "traefik.http.routers.${PROJECT_NAME}-directus.entrypoints=websecure" - "traefik.http.routers.${PROJECT_NAME}-directus.tls.certresolver=le" - "traefik.http.routers.${PROJECT_NAME}-directus.tls=true" - - "traefik.http.routers.${PROJECT_NAME}-directus.middlewares=${PROJECT_NAME}-auth" + - "traefik.http.routers.${PROJECT_NAME}-directus.middlewares=${PROJECT_NAME}-forward,compress" - "traefik.http.services.${PROJECT_NAME}-directus.loadbalancer.server.port=8055" + - "traefik.http.middlewares.${PROJECT_NAME}-forward.headers.customrequestheaders.X-Forwarded-Proto=https" + - "traefik.docker.network=infra" directus-db: image: postgres:15-alpine