From 2f95c8d9682e0bfd00892e25d5652832056f534a Mon Sep 17 00:00:00 2001 From: Marc Mintel Date: Sun, 1 Mar 2026 17:51:01 +0100 Subject: [PATCH] fix(infra): use dynamic project variables for Traefik router labels and aliases to prevent collisions --- apps/web/.turbo/turbo-lint.log | 14 +++++++- docker-compose.yml | 66 +++++++++++++++++----------------- 2 files changed, 46 insertions(+), 34 deletions(-) diff --git a/apps/web/.turbo/turbo-lint.log b/apps/web/.turbo/turbo-lint.log index 5b39b63..32001cd 100644 --- a/apps/web/.turbo/turbo-lint.log +++ b/apps/web/.turbo/turbo-lint.log @@ -55,6 +55,9 @@ /Users/marcmintel/Projects/mintel.me/apps/web/src/components/BlogOGImageTemplate.tsx 41:17 warning Using `` could result in slower LCP and higher bandwidth. Consider using `` from `next/image` or a custom image loader to automatically optimize images. This may incur additional usage or cost from your provider. See: https://nextjs.org/docs/messages/no-img-element @next/next/no-img-element +/Users/marcmintel/Projects/mintel.me/apps/web/src/components/CombinedQuotePDF.tsx + 30:9 warning 'date' is assigned a value but never used. Allowed unused vars must match /^_/u @typescript-eslint/no-unused-vars + /Users/marcmintel/Projects/mintel.me/apps/web/src/components/ComponentShareButton.tsx 126:30 warning 'e' is defined but never used. Allowed unused caught errors must match /^_/u @typescript-eslint/no-unused-vars @@ -70,6 +73,9 @@ /Users/marcmintel/Projects/mintel.me/apps/web/src/components/ContactForm/EmailTemplates.tsx 1:13 warning 'React' is defined but never used. Allowed unused vars must match /^_/u @typescript-eslint/no-unused-vars +/Users/marcmintel/Projects/mintel.me/apps/web/src/components/ContactForm/pdf/LocalEstimationPDF.tsx + 94:9 warning 'getPageNum' is assigned a value but never used. Allowed unused vars must match /^_/u @typescript-eslint/no-unused-vars + /Users/marcmintel/Projects/mintel.me/apps/web/src/components/ContactForm/steps/BaseStep.tsx 13:3 warning 'HelpCircle' is defined but never used. Allowed unused vars must match /^_/u @typescript-eslint/no-unused-vars 14:3 warning 'ArrowRight' is defined but never used. Allowed unused vars must match /^_/u @typescript-eslint/no-unused-vars @@ -160,6 +166,12 @@ 360:3 warning 'payload' is defined but never used. Allowed unused args must match /^_/u @typescript-eslint/no-unused-vars 361:3 warning 'req' is defined but never used. Allowed unused args must match /^_/u @typescript-eslint/no-unused-vars +/Users/marcmintel/Projects/mintel.me/apps/web/src/migrations/20260301_151838.ts + 3:32 warning 'payload' is defined but never used. Allowed unused args must match /^_/u @typescript-eslint/no-unused-vars + 3:41 warning 'req' is defined but never used. Allowed unused args must match /^_/u @typescript-eslint/no-unused-vars + 110:3 warning 'payload' is defined but never used. Allowed unused args must match /^_/u @typescript-eslint/no-unused-vars + 111:3 warning 'req' is defined but never used. Allowed unused args must match /^_/u @typescript-eslint/no-unused-vars + /Users/marcmintel/Projects/mintel.me/apps/web/src/payload/actions/generateField.ts 3:10 warning 'config' is defined but never used. Allowed unused vars must match /^_/u @typescript-eslint/no-unused-vars @@ -323,5 +335,5 @@ /Users/marcmintel/Projects/mintel.me/apps/web/src/payload/components/OptimizeButton.tsx 6:10 warning 'Button' is defined but never used. Allowed unused vars must match /^_/u @typescript-eslint/no-unused-vars -✖ 137 problems (0 errors, 137 warnings) +✖ 143 problems (0 errors, 143 warnings)  diff --git a/docker-compose.yml b/docker-compose.yml index 3c7a539..b52032f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,51 +10,51 @@ services: labels: - "traefik.enable=true" # HTTP ⇒ HTTPS redirect - - 'traefik.http.routers.mintel-me-web.rule=${TRAEFIK_HOST_RULE:-Host("${TRAEFIK_HOST:-mintel.localhost}")}' - - "traefik.http.routers.mintel-me-web.entrypoints=web" - # - "traefik.http.routers.mintel-me-web.middlewares=redirect-https" + - 'traefik.http.routers.${PROJECT_NAME}-web.rule=${TRAEFIK_HOST_RULE:-Host("${TRAEFIK_HOST:-mintel.localhost}")}' + - "traefik.http.routers.${PROJECT_NAME}-web.entrypoints=web" + # - "traefik.http.routers.${PROJECT_NAME}-web.middlewares=redirect-https" # HTTPS router (Standard) - - 'traefik.http.routers.mintel-me.rule=${TRAEFIK_HOST_RULE:-Host("${TRAEFIK_HOST:-mintel.localhost}")}' - - "traefik.http.routers.mintel-me.entrypoints=${TRAEFIK_ENTRYPOINT:-web}" - - "traefik.http.routers.mintel-me.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-}" - - "traefik.http.routers.mintel-me.tls=${TRAEFIK_TLS:-false}" - - "traefik.http.routers.mintel-me.service=mintel-me-app-svc" - - "traefik.http.routers.mintel-me.middlewares=${AUTH_MIDDLEWARE:-mintel-me-ratelimit,mintel-me-forward}" - - "traefik.http.services.mintel-me-app-svc.loadbalancer.server.port=3000" + - 'traefik.http.routers.${PROJECT_NAME}.rule=${TRAEFIK_HOST_RULE:-Host("${TRAEFIK_HOST:-mintel.localhost}")}' + - "traefik.http.routers.${PROJECT_NAME}.entrypoints=${TRAEFIK_ENTRYPOINT:-web}" + - "traefik.http.routers.${PROJECT_NAME}.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-}" + - "traefik.http.routers.${PROJECT_NAME}.tls=${TRAEFIK_TLS:-false}" + - "traefik.http.routers.${PROJECT_NAME}.service=${PROJECT_NAME}-app-svc" + - "traefik.http.routers.${PROJECT_NAME}.middlewares=${AUTH_MIDDLEWARE:-${PROJECT_NAME}-ratelimit,${PROJECT_NAME}-forward}" + - "traefik.http.services.${PROJECT_NAME}-app-svc.loadbalancer.server.port=3000" - "traefik.docker.network=infra" - "caddy=${TRAEFIK_HOST:-mintel.localhost}" - "caddy.reverse_proxy={{upstreams 3000}}" # Public Router (Whitelist for OG Images, Sitemaps, Health) - - 'traefik.http.routers.mintel-me-public.rule=(${TRAEFIK_HOST_RULE:-Host("${TRAEFIK_HOST:-mintel.localhost}")}) && (PathPrefix("/health") || PathPrefix("/sitemap.xml") || PathPrefix("/robots.txt") || PathPrefix("/manifest.webmanifest") || PathPrefix("/api/og") || PathRegexp(".*opengraph-image.*") || PathRegexp(".*sitemap.*"))' - - "traefik.http.routers.mintel-me-public.entrypoints=${TRAEFIK_ENTRYPOINT:-web}" - - "traefik.http.routers.mintel-me-public.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-}" - - "traefik.http.routers.mintel-me-public.tls=${TRAEFIK_TLS:-false}" - - "traefik.http.routers.mintel-me-public.service=mintel-me-app-svc" - - "traefik.http.routers.mintel-me-public.middlewares=${AUTH_MIDDLEWARE_UNPROTECTED:-mintel-me-ratelimit,mintel-me-forward}" - - "traefik.http.routers.mintel-me-public.priority=2000" + - 'traefik.http.routers.${PROJECT_NAME}-public.rule=(${TRAEFIK_HOST_RULE:-Host("${TRAEFIK_HOST:-mintel.localhost}")}) && (PathPrefix("/health") || PathPrefix("/sitemap.xml") || PathPrefix("/robots.txt") || PathPrefix("/manifest.webmanifest") || PathPrefix("/api/og") || PathRegexp(".*opengraph-image.*") || PathRegexp(".*sitemap.*"))' + - "traefik.http.routers.${PROJECT_NAME}-public.entrypoints=${TRAEFIK_ENTRYPOINT:-web}" + - "traefik.http.routers.${PROJECT_NAME}-public.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-}" + - "traefik.http.routers.${PROJECT_NAME}-public.tls=${TRAEFIK_TLS:-false}" + - "traefik.http.routers.${PROJECT_NAME}-public.service=${PROJECT_NAME}-app-svc" + - "traefik.http.routers.${PROJECT_NAME}-public.middlewares=${AUTH_MIDDLEWARE_UNPROTECTED:-${PROJECT_NAME}-ratelimit,${PROJECT_NAME}-forward}" + - "traefik.http.routers.${PROJECT_NAME}-public.priority=2000" # Middlewares - - "traefik.http.middlewares.mintel-me-ratelimit.ratelimit.average=100" - - "traefik.http.middlewares.mintel-me-ratelimit.ratelimit.burst=50" + - "traefik.http.middlewares.${PROJECT_NAME}-ratelimit.ratelimit.average=100" + - "traefik.http.middlewares.${PROJECT_NAME}-ratelimit.ratelimit.burst=50" # Gatekeeper Router (Path-based) - - 'traefik.http.routers.mintel-me-gatekeeper.rule=(Host("${TRAEFIK_HOST:-mintel.localhost}") && PathPrefix("/gatekeeper"))' - - "traefik.http.routers.mintel-me-gatekeeper.entrypoints=${TRAEFIK_ENTRYPOINT:-web}" - - "traefik.http.routers.mintel-me-gatekeeper.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-}" - - "traefik.http.routers.mintel-me-gatekeeper.tls=${TRAEFIK_TLS:-false}" - - "traefik.http.routers.mintel-me-gatekeeper.service=mintel-me-gatekeeper-svc" + - 'traefik.http.routers.${PROJECT_NAME}-gatekeeper.rule=(Host("${TRAEFIK_HOST:-mintel.localhost}") && PathPrefix("/gatekeeper"))' + - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.entrypoints=${TRAEFIK_ENTRYPOINT:-web}" + - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.tls.certresolver=${TRAEFIK_CERT_RESOLVER:-}" + - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.tls=${TRAEFIK_TLS:-false}" + - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.service=${PROJECT_NAME}-gatekeeper-svc" - - "traefik.http.middlewares.mintel-me-auth.forwardauth.address=http://mintel-me-gatekeeper:3000/gatekeeper/api/verify" - - "traefik.http.middlewares.mintel-me-auth.forwardauth.trustForwardHeader=true" - - "traefik.http.middlewares.mintel-me-auth.forwardauth.authRequestHeaders=X-Forwarded-Host,X-Forwarded-Proto,X-Forwarded-For,Cookie" - - "traefik.http.middlewares.mintel-me-auth.forwardauth.authResponseHeaders=X-Auth-User" + - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.address=http://${PROJECT_NAME}-gatekeeper:3000/gatekeeper/api/verify" + - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.trustForwardHeader=true" + - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.authRequestHeaders=X-Forwarded-Host,X-Forwarded-Proto,X-Forwarded-For,Cookie" + - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.authResponseHeaders=X-Auth-User" # Forwarded Headers - - "traefik.http.middlewares.mintel-me-forward.headers.customrequestheaders.X-Forwarded-Proto=https" - - "traefik.http.middlewares.mintel-me-forward.headers.customrequestheaders.X-Forwarded-Ssl=on" + - "traefik.http.middlewares.${PROJECT_NAME}-forward.headers.customrequestheaders.X-Forwarded-Proto=https" + - "traefik.http.middlewares.${PROJECT_NAME}-forward.headers.customrequestheaders.X-Forwarded-Ssl=on" - mintel-me-gatekeeper: + gatekeeper: profiles: ["gatekeeper"] image: registry.infra.mintel.me/mintel/gatekeeper:v1.7.12 container_name: ${PROJECT_NAME:-mintel-me}-gatekeeper @@ -62,7 +62,7 @@ services: networks: infra: aliases: - - mintel-me-gatekeeper + - ${PROJECT_NAME}-gatekeeper env_file: - ${ENV_FILE:-.env} environment: @@ -74,7 +74,7 @@ services: GATEKEEPER_PASSWORD: ${GATEKEEPER_PASSWORD:-mintel} NEXT_PUBLIC_BASE_URL: ${GATEKEEPER_ORIGIN} labels: - - "traefik.http.services.mintel-me-gatekeeper-svc.loadbalancer.server.port=3000" + - "traefik.http.services.${PROJECT_NAME}-gatekeeper-svc.loadbalancer.server.port=3000" - "traefik.docker.network=infra" - "caddy=gatekeeper.${TRAEFIK_HOST:-mintel.localhost}" - "caddy.reverse_proxy={{upstreams 3000}}"