diff --git a/Makefile b/Makefile index 787c8a6..3f1c53d 100644 --- a/Makefile +++ b/Makefile @@ -238,13 +238,16 @@ docker-build-debug: ## Собрать Docker образ docker-run: ## Запустить Docker контейнер (одиночный) @echo "Запуск Docker контейнера..." @docker run -d \ - --name eventhub \ - -p 8080:8080 \ - -p 8081:8081 \ - -p 8445:8445 \ - -p 8446:8446 \ - -v eventhub-data:/app/data \ - eventhub:latest + --hostname eventhub.local \ + --env-file docker/.env \ + --name eventhub \ + -e NODE_NAME=eventhub@eventhub.local \ + -p 8080:8080 \ + -p 8081:8081 \ + -p 8445:8445 \ + -p 8446:8446 \ + -v eventhub-data:/app/data \ + eventhub:latest @echo "✅ Контейнер запущен на http://localhost:8080" docker-stop: ## Остановить Docker контейнер @@ -259,6 +262,11 @@ docker-logs: ## Показать логи Docker контейнера docker-shell: ## Зайти в Docker контейнер @docker exec -it eventhub sh +docker-compose-build-app: ## Собрать Docker образ + @echo "Сборка Docker образа..." + @docker-compose -f docker/docker-compose.yml build --no-cache eventhub-node1 eventhub-node2 eventhub-node3 + @echo "✅ Docker образ собран" + docker-compose-up: ## Запустить кластер (3 ноды) @echo "Запуск кластера EventHub (3 ноды)..." @docker-compose -f docker/docker-compose.yml --env-file docker/.env up -d diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index a8ca1b1..c45e8e2 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -101,6 +101,16 @@ services: - "traefik.enable=true" restart: unless-stopped + # ================== Admin ui ================== + admin-ui: + build: + context: ../../EventHubFrontAdmin # путь к проекту админки + dockerfile: Dockerfile + networks: + - eventhub-net + restart: unless-stopped + labels: + - "traefik.enable=true" # ================== Мониторинг ================== prometheus: image: prom/prometheus:latest diff --git a/docker/traefik/dynamic_conf.yml b/docker/traefik/dynamic_conf.yml index e0a9a59..ea411e0 100644 --- a/docker/traefik/dynamic_conf.yml 
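Review bot: In the `docker-run` hunk, `-e NODE_NAME=eventhub@eventhub.local` gives a dotted host part, while the `src/config/local.vm.args` added in this same commit starts the node with `-sname ${NODE_NAME}`. As far as I know, Erlang refuses a short name whose host contains a dot ("Can't set short node name"). If that file is what the container boots with, the node will not start distributed. Either switch the args file to `-name ${NODE_NAME}` or use a dot-free host here, e.g. `--hostname eventhub` with `-e NODE_NAME=eventhub@eventhub`. The new `--env-file docker/.env` presumably carries `RELEASE_COOKIE`, so it is worth confirming that file is git-ignored and that the target fails clearly when it is missing.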
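Review bot: The new `admin-ui` service carries `traefik.enable=true` but no router labels, while its routing is defined separately in `docker/traefik/dynamic_conf.yml`. If the Docker provider is active (not visible in this hunk), Traefik would also generate a default router for the container, reaching the admin panel without the `redirect-to-https` middleware that the file-defined `admin-ui` router applies. Since the file provider already addresses the container as `http://admin-ui:80`, I would drop the label or set `- "traefik.enable=false"` for this service. Separately, `context: ../../EventHubFrontAdmin` points outside the repository, so the build depends on an unpinned sibling checkout; a comment naming the expected repo and revision, or a pinned `image:`, would make it reproducible.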
+++ b/docker/traefik/dynamic_conf.yml @@ -19,11 +19,11 @@ http: plugin: coraza: directives: -# - "SecRuleEngine DetectionOnly" + # - "SecRuleEngine DetectionOnly" # можно раскомментировать для тестирования - "SecRuleEngine On" - "SecDebugLog /dev/stdout" - "SecDebugLogLevel 2" -# - "SecRule REQUEST_URI \"@rx /admin\" \"id:101,phase:1,log,deny,status:403\"" + # - "SecRule REQUEST_URI \"@rx /admin\" \"id:101,phase:1,log,deny,status:403\"" - "SecRule ARGS \"@rx (union|select|insert|drop|alter)\" \"id:102,phase:2,log,deny,status:403\"" api-ratelimit: @@ -39,7 +39,7 @@ http: burst: 5 routers: - # REST API пользователей + # --- REST API пользователей --- api: rule: "Host(`api.eventhub.local`)" entryPoints: ["web"] @@ -52,7 +52,7 @@ http: middlewares: ["api-ratelimit", "waf"] service: "api" - # WebSocket пользователей (без WAF) + # --- WebSocket пользователей (без WAF) --- ws: rule: "Host(`ws.eventhub.local`)" entryPoints: ["web"] 
@@ -64,33 +64,45 @@ http: tls: true service: "ws" - # Админский REST - admin-api: - rule: "Host(`admin.eventhub.local`)" + # --- Админ-панель (SPA) --- + admin-ui: + rule: "Host(`admin.eventhub.local`) && !PathPrefix(`/api/`) && !PathPrefix(`/ws/`)" + entryPoints: ["web"] + middlewares: ["redirect-to-https"] + service: "admin-ui-service" + admin-ui-secure: + rule: "Host(`admin.eventhub.local`) && !PathPrefix(`/api/`) && !PathPrefix(`/ws/`)" + entryPoints: ["websecure"] + tls: true + service: "admin-ui-service" + + # --- Проксирование /api/ на админский REST --- + admin-api-proxy: + rule: "Host(`admin.eventhub.local`) && PathPrefix(`/api/`)" entryPoints: ["web"] middlewares: ["redirect-to-https", "admin-ratelimit", "waf"] service: "admin-api" - admin-api-secure: - rule: "Host(`admin.eventhub.local`)" + admin-api-proxy-secure: + rule: "Host(`admin.eventhub.local`) && PathPrefix(`/api/`)" entryPoints: ["websecure"] tls: true middlewares: ["admin-ratelimit", "waf"] service: "admin-api" - # Админский WebSocket (без WAF) - admin-ws: - rule: "Host(`admin-ws.eventhub.local`)" + # --- Проксирование /ws/ на админский WebSocket --- + admin-ws-proxy: + rule: "Host(`admin.eventhub.local`) && PathPrefix(`/ws/`)" entryPoints: ["web"] middlewares: ["redirect-to-https"] service: "admin-ws" - admin-ws-secure: - rule: "Host(`admin-ws.eventhub.local`)" + admin-ws-proxy-secure: + rule: "Host(`admin.eventhub.local`) && PathPrefix(`/ws/`)" entryPoints: ["websecure"] tls: true service: "admin-ws" services: - # Пользовательский REST API (failover) + # --- Пользовательский REST API (failover) --- api: failover: service: api-live @@ -110,7 +122,7 @@ http: servers: - url: "http://fallback:80" - # Пользовательский WebSocket + # --- Пользовательский WebSocket --- ws: loadbalancer: servers: 
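Review bot: After this change `/ws/` on `admin.eventhub.local` is the least protected path on the admin host: `admin-ws-proxy-secure` has no `middlewares` at all, while `/api/` on the same host gets `admin-ratelimit` and `waf`. At minimum I would add `middlewares: ["admin-ratelimit"]` to `admin-ws-proxy-secure` so upgrade requests are throttled like the REST calls. The socket now shares an origin with the SPA, so if admin auth is cookie-based (not visible here) the backend should validate the `Origin` header on upgrade. The new `PathPrefix` rules also forward the `/api/` and `/ws/` prefixes unchanged, where previously the whole host went to `admin-api`; confirm the backends serve under those prefixes or add a `stripPrefix` middleware. `admin-ui-secure` has no middleware either, and a headers middleware (frame and content-type options, CSP) would be a sensible addition for an admin panel.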
@@ -118,7 +130,7 @@ http: - url: "http://eventhub-node2:8081" - url: "http://eventhub-node3:8081" - # Админский REST (failover) + # --- Админский REST (failover) --- admin-api: failover: service: admin-api-live @@ -138,10 +150,16 @@ http: servers: - url: "http://fallback:80" - # Админский WebSocket + # --- Админский WebSocket --- admin-ws: loadbalancer: servers: - url: "http://eventhub-node1:8446" - url: "http://eventhub-node2:8446" - - url: "http://eventhub-node3:8446" \ No newline at end of file + - url: "http://eventhub-node3:8446" + + # --- SPA (админ‑панель) --- + admin-ui-service: + loadbalancer: + servers: + - url: "http://admin-ui:80" \ No newline at end of file diff --git a/src/config/local.vm.args b/src/config/local.vm.args new file mode 100644 index 0000000..c23151d --- /dev/null +++ b/src/config/local.vm.args @@ -0,0 +1,3 @@ +-sname ${NODE_NAME} +-setcookie ${RELEASE_COOKIE} +-kernel inet_dist_use_interface {0,0,0,0} \ No newline at end of file
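Review bot: In the new `src/config/local.vm.args`, `-kernel inet_dist_use_interface {0,0,0,0}` makes the Erlang distribution listener accept connections on every interface. The only check on such a connection is the cookie from `${RELEASE_COOKIE}`, and an accepted peer can by design run arbitrary code on the node. I would bind to the cluster network address instead of `{0,0,0,0}`, pin the port range with `-kernel inet_dist_listen_min <PORT> inet_dist_listen_max <PORT>` so it can be firewalled, and make startup fail when `RELEASE_COOKIE` is empty or left at a default. Distribution traffic is also unencrypted unless `-proto_dist inet_tls` is configured, which this commit does not show. A `## ...` comment above the flag explaining why all interfaces are needed would help the next reader.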