Hartmut
fceceeee4b
- SMTP: SMTP_HOST/PORT/USER/FROM/TLS now all have ENV override support (previously only SMTP_PASSWORD was env-aware). ENV takes priority over DB. - docker-compose.yml: forward all SMTP_* env vars to app container + add Mailhog service (ports 1025 SMTP / 8025 HTTP, always available in dev) - Password reset: PasswordResetToken Prisma model + authRouter with requestPasswordReset (timing-safe, no email enumeration) + resetPassword - UI: /auth/forgot-password, /auth/reset-password/[token] pages + "Forgot password?" link on sign-in page - E2E: Mailhog helpers (getLatestEmailTo, clearMailhog, extractUrlFromEmail) + invite-flow.spec.ts + password-reset.spec.ts Co-Authored-By: claude-flow <ruv@ruv.net>
117 lines
3.4 KiB
YAML
117 lines
3.4 KiB
YAML
name: capakraken
|
|
|
|
services:
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
ports:
|
|
- "5433:5432"
|
|
environment:
|
|
POSTGRES_DB: capakraken
|
|
POSTGRES_USER: capakraken
|
|
POSTGRES_PASSWORD: capakraken_dev
|
|
command: >
|
|
postgres
|
|
-c log_connections=on
|
|
-c log_disconnections=on
|
|
-c log_statement=ddl
|
|
-c log_line_prefix='%t [%p] %u@%d '
|
|
-c log_min_duration_statement=1000
|
|
volumes:
|
|
- capakraken_pgdata:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U capakraken -d capakraken"]
|
|
interval: 5s
|
|
timeout: 3s
|
|
retries: 5
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
ports:
|
|
- "6380:6379"
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 5s
|
|
timeout: 3s
|
|
retries: 5
|
|
|
|
mailhog:
|
|
image: mailhog/mailhog
|
|
ports:
|
|
- "1025:1025" # SMTP
|
|
- "8025:8025" # HTTP API / Web UI
|
|
|
|
pgadmin:
|
|
image: dpage/pgadmin4
|
|
ports:
|
|
- "5050:80"
|
|
environment:
|
|
PGADMIN_DEFAULT_EMAIL: ${PGADMIN_EMAIL:-admin@capakraken.dev}
|
|
PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_PASSWORD:?PGADMIN_PASSWORD must be set}
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
|
|
app:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile.dev
|
|
ports:
|
|
- "3100:3100"
|
|
environment:
|
|
# Always use the Docker-internal service name. The host-level DATABASE_URL
|
|
# (localhost:5433) must not bleed into the container where "localhost" is
|
|
# the container itself, not the host.
|
|
DATABASE_URL: postgresql://capakraken:capakraken_dev@postgres:5432/capakraken
|
|
REDIS_URL: redis://redis:6379
|
|
NEXTAUTH_URL: ${NEXTAUTH_URL:?NEXTAUTH_URL must be set (e.g. https://your-domain.com)}
|
|
NEXTAUTH_SECRET: ${NEXTAUTH_SECRET:?set NEXTAUTH_SECRET}
|
|
# Bypass auth + API rate limiters for E2E test runs only.
|
|
# MUST remain "false" in any production or staging deployment.
|
|
# Set E2E_TEST_MODE=true in the host environment before running E2E tests.
|
|
E2E_TEST_MODE: "${E2E_TEST_MODE:-false}"
|
|
# AI provider secrets — forwarded from host .env, not hardcoded
|
|
AZURE_OPENAI_API_KEY: ${AZURE_OPENAI_API_KEY:-}
|
|
OPENAI_API_KEY: ${OPENAI_API_KEY:-}
|
|
GEMINI_API_KEY: ${GEMINI_API_KEY:-}
|
|
# SMTP — forwarded from host .env; overrides SystemSettings DB values
|
|
SMTP_HOST: ${SMTP_HOST:-}
|
|
SMTP_PORT: ${SMTP_PORT:-}
|
|
SMTP_USER: ${SMTP_USER:-}
|
|
SMTP_FROM: ${SMTP_FROM:-}
|
|
SMTP_TLS: ${SMTP_TLS:-}
|
|
SMTP_PASSWORD: ${SMTP_PASSWORD:-}
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_healthy
|
|
volumes:
|
|
- .:/app
|
|
# Named volumes mask the bind-mount for generated/installed artefacts.
|
|
# Named (not anonymous) so they can be selectively removed: docker volume rm capakraken_node_modules
|
|
- capakraken_node_modules:/app/node_modules
|
|
- capakraken_next:/app/apps/web/.next
|
|
profiles:
|
|
- full
|
|
|
|
postgres-test:
|
|
image: postgres:16-alpine
|
|
ports:
|
|
- "${POSTGRES_TEST_PORT:-5434}:5432"
|
|
environment:
|
|
POSTGRES_DB: capakraken_test
|
|
POSTGRES_USER: capakraken
|
|
POSTGRES_PASSWORD: capakraken_test
|
|
tmpfs:
|
|
- /var/lib/postgresql/data
|
|
profiles:
|
|
- test
|
|
|
|
volumes:
|
|
capakraken_pgdata:
|
|
name: capakraken_pgdata
|
|
capakraken_node_modules:
|
|
name: capakraken_node_modules
|
|
capakraken_next:
|
|
name: capakraken_next
|