dennii/Termix
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases 22 Wiki Activity
Files
7763e6a904684ec0af8e93c57bfb227f7908476c
Termix/docker-compose.yml
ZacharyZcR 7763e6a904 ENTERPRISE: Implement zero-config SSL/TLS with dual HTTP/HTTPS architecture 
Major architectural improvements:
- Auto-generate SSL certificates on first startup with OpenSSL
- Dual HTTP (8081) + HTTPS (8443) backend API servers
- Frontend auto-detects protocol and uses appropriate API endpoint
- Fix database ORM initialization race condition with getDb() pattern
- WebSocket authentication with JWT verification during handshake
- Zero-config .env file generation for production deployment
- Docker and nginx configurations for container deployment

Technical fixes:
- Eliminate module initialization race conditions in database access
- Replace direct db imports with safer getDb() function calls
- Automatic HTTPS frontend development server (npm run dev:https)
- SSL certificate generation with termix.crt/termix.key
- Cross-platform environment variable support with cross-env

This enables seamless HTTP→HTTPS upgrade with zero manual configuration.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-22 11:12:58 +08:00

83 lines
2.3 KiB
YAML
Raw Blame History

# Termix Default Docker Compose Configuration
# SSL/TLS enabled by default for secure connections
version: '3.8'
services:
termix:
build: .
ports:
# HTTP port (redirects to HTTPS)
- "${PORT:-8080}:8080"
# HTTPS port (default enabled)
- "${SSL_PORT:-8443}:8443"
environment:
# SSL Configuration (enabled by default)
- ENABLE_SSL=true
- SSL_PORT=${SSL_PORT:-8443}
- SSL_DOMAIN=${SSL_DOMAIN:-localhost}
# SSL Certificate paths (auto-generated inside container)
- SSL_CERT_PATH=/app/ssl/termix.crt
- SSL_KEY_PATH=/app/ssl/termix.key
# Security keys (auto-generated on first startup if not provided)
- JWT_SECRET=${JWT_SECRET:-}
- DATABASE_KEY=${DATABASE_KEY:-}
# Server configuration
- PORT=${PORT:-8080}
- NODE_ENV=${NODE_ENV:-production}
# CORS configuration (allow all origins by default)
- ALLOWED_ORIGINS=${ALLOWED_ORIGINS:-*}
# Database configuration
- DATABASE_ENCRYPTION=${DATABASE_ENCRYPTION:-true}
volumes:
# Persist SSL certificates (auto-generated)
- ssl_certs:/app/ssl
# Persist database and data
- termix_data:/app/data
# Optional: Mount custom SSL certificates
# - ./ssl:/app/ssl:ro
# Health check for HTTPS (with fallback to HTTP)
healthcheck:
test: |
curl -f -k https://localhost:8443/health 2>/dev/null ||
curl -f http://localhost:8080/health 2>/dev/null ||
exit 1
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
restart: unless-stopped
# SSL is automatically configured during startup
# No additional scripts needed - integrated into application startup
volumes:
ssl_certs:
driver: local
termix_data:
driver: local
# Quick Start:
# 1. Run: docker-compose up
# 2. Access: https://localhost:8443 (HTTPS with auto-generated certificates)
# 3. Alt: http://localhost:8080 (HTTP redirects to HTTPS)
#
# The application will automatically:
# - Generate SSL certificates on first startup
# - Generate JWT and database encryption keys
# - Enable HTTPS/WSS connections
# - Display connection information in logs
#
# Optional .env file configuration:
# SSL_PORT=8443
# SSL_DOMAIN=yourdomain.com
# JWT_SECRET=your_custom_jwt_secret_64_chars
# DATABASE_KEY=your_custom_database_key_64_chars
Reference in New Issue View Git Blame Copy Permalink