From c3497ee62d5389d1c1b77a3353ba1708fc9d4bf3 Mon Sep 17 00:00:00 2001 From: Crimson Date: Wed, 3 Jun 2026 01:58:00 +0500 Subject: [PATCH] Prepare production Docker deployment --- .env.example | 4 ++- Dockerfile | 5 ++-- .../Api/AuthenticatedUserController.php | 15 ++++++++++ .../Controllers/Auth/LogoutController.php | 25 ++++++++++++++++ app/Http/Controllers/HomeController.php | 18 +++++++++++ docker-compose.yml | 15 ++++++---- docker/entrypoint.sh | 16 ++++++++++ routes/api.php | 6 ++-- routes/web.php | 30 ++++--------------- 9 files changed, 97 insertions(+), 37 deletions(-) create mode 100644 app/Http/Controllers/Api/AuthenticatedUserController.php create mode 100644 app/Http/Controllers/Auth/LogoutController.php create mode 100644 app/Http/Controllers/HomeController.php diff --git a/.env.example b/.env.example index 589d93b..1d1c7a7 100644 --- a/.env.example +++ b/.env.example @@ -2,19 +2,21 @@ APP_NAME=AirService APP_ENV=production APP_KEY= APP_DEBUG=false -APP_URL=https://example.ru +APP_URL=https://csk74.online LOG_CHANNEL=stderr LOG_LEVEL=error DB_CONNECTION=sqlite DB_DATABASE=/var/www/html/database/sqlite/database.sqlite +DB_FOREIGN_KEYS=true BROADCAST_DRIVER=log CACHE_DRIVER=file FILESYSTEM_DISK=local QUEUE_CONNECTION=database SESSION_DRIVER=file +SESSION_SECURE_COOKIE=true SESSION_LIFETIME=120 # S3 (опционально, если нужно хранение файлов) diff --git a/Dockerfile b/Dockerfile index 28c1fdf..080cdad 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,11 +11,12 @@ FROM php:8.2-fpm-alpine AS app WORKDIR /var/www/html RUN apk add --no-cache \ - libpng-dev libjpeg-turbo-dev freetype-dev libzip-dev sqlite \ + libpng-dev libjpeg-turbo-dev freetype-dev libzip-dev sqlite sqlite-dev \ + oniguruma-dev libxml2-dev \ zip unzip git RUN docker-php-ext-configure gd --with-freetype --with-jpeg \ - && docker-php-ext-install pdo pdo_sqlite gd zip opcache pcntl + && docker-php-ext-install pdo pdo_sqlite mbstring dom xml gd zip opcache pcntl COPY --from=composer:2 /usr/bin/composer /usr/bin/composer diff --git a/app/Http/Controllers/Api/AuthenticatedUserController.php b/app/Http/Controllers/Api/AuthenticatedUserController.php new file mode 100644 index 0000000..8f94915 --- /dev/null +++ b/app/Http/Controllers/Api/AuthenticatedUserController.php @@ -0,0 +1,15 @@ +user(); + } +} diff --git a/app/Http/Controllers/Auth/LogoutController.php b/app/Http/Controllers/Auth/LogoutController.php new file mode 100644 index 0000000..47c72bb --- /dev/null +++ b/app/Http/Controllers/Auth/LogoutController.php @@ -0,0 +1,25 @@ +check()) { + $activityLogService->log(auth()->user(), auth()->user(), auth()->id(), 'logout', 'Выход из системы', $request->ip()); + } + + Auth::logout(); + $request->session()->invalidate(); + $request->session()->regenerateToken(); + + return redirect()->route('login')->with('success', 'Вы вышли из системы.'); + } +} diff --git a/app/Http/Controllers/HomeController.php b/app/Http/Controllers/HomeController.php new file mode 100644 index 0000000..33ff79f --- /dev/null +++ b/app/Http/Controllers/HomeController.php @@ -0,0 +1,18 @@ +check()) { + return redirect()->route('login'); + } + + return redirect()->route(RoleRedirect::routeFor(auth()->user())); + } +} diff --git a/docker-compose.yml b/docker-compose.yml index 9f5d463..95f6e79 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -13,7 +13,8 @@ services: expose: - "9000" volumes: - - storage_uploads:/var/www/html/storage/app/public + - storage_public:/var/www/html/storage/app/public + - storage_attachments:/var/www/html/storage/app/request-attachments - storage_logs:/var/www/html/storage/logs - sqlite_data:/var/www/html/database/sqlite networks: @@ -36,7 +37,8 @@ services: - .env command: ["php", "artisan", "queue:work", "--sleep=3", "--tries=3", "--max-time=3600"] volumes: - - storage_uploads:/var/www/html/storage/app/public + - storage_public:/var/www/html/storage/app/public + - storage_attachments:/var/www/html/storage/app/request-attachments - storage_logs:/var/www/html/storage/logs - sqlite_data:/var/www/html/database/sqlite networks: @@ -53,16 +55,16 @@ services: container_name: airservice_nginx restart: unless-stopped ports: - - "10.20.0.20:18201:80" + - "10.20.0.25:18084:80" volumes: - - storage_uploads:/var/www/html/public/storage:ro + - storage_public:/var/www/html/public/storage:ro networks: - backend depends_on: app: condition: service_healthy healthcheck: - test: ["CMD-SHELL", "wget -qO- http://127.0.0.1/health || exit 1"] + test: ["CMD-SHELL", "wget -qO- http://127.0.0.1/health | grep -q ok"] interval: 30s timeout: 5s retries: 5 @@ -74,5 +76,6 @@ networks: volumes: sqlite_data: - storage_uploads: + storage_public: + storage_attachments: storage_logs: diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 2ed1083..56b2991 100644 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -4,14 +4,30 @@ set -e if [ "$DB_CONNECTION" = "sqlite" ]; then DB_DIR=$(dirname "$DB_DATABASE") mkdir -p "$DB_DIR" + if [ ! -f "$DB_DATABASE" ]; then touch "$DB_DATABASE" fi + chown -R www-data:www-data "$DB_DIR" + chmod 775 "$DB_DIR" chmod 664 "$DB_DATABASE" fi +mkdir -p \ + /var/www/html/storage/app/public \ + /var/www/html/storage/app/request-attachments \ + /var/www/html/storage/logs \ + /var/www/html/storage/framework/cache \ + /var/www/html/storage/framework/sessions \ + /var/www/html/storage/framework/views \ + /var/www/html/bootstrap/cache + +chown -R www-data:www-data /var/www/html/storage /var/www/html/bootstrap/cache +chmod -R ug+rwX /var/www/html/storage /var/www/html/bootstrap/cache + php artisan migrate --force +php artisan storage:link || true php artisan config:cache php artisan route:cache php artisan view:cache diff --git a/routes/api.php b/routes/api.php index 889937e..736e9fc 100644 --- a/routes/api.php +++ b/routes/api.php @@ -1,6 +1,6 @@ get('/user', function (Request $request) { - return $request->user(); -}); +Route::middleware('auth:sanctum')->get('/user', AuthenticatedUserController::class); diff --git a/routes/web.php b/routes/web.php index f505e7f..2546060 100644 --- a/routes/web.php +++ b/routes/web.php @@ -2,7 +2,9 @@ use App\Http\Controllers\AttachmentController; use App\Http\Controllers\Auth\ForgotPasswordController; +use App\Http\Controllers\Auth\LogoutController; use App\Http\Controllers\Auth\ResetPasswordController; +use App\Http\Controllers\HomeController; use App\Livewire\Auth\LoginPage; use App\Livewire\Dashboard\DashboardPage; use App\Livewire\Directories\DepartmentsPage; @@ -26,19 +28,9 @@ use App\Livewire\Tasks\MyTasksPage; use App\Livewire\Users\UserFormPage; use App\Livewire\Users\UserShowPage; use App\Livewire\Users\UsersIndexPage; -use App\Services\ActivityLogService; -use App\Support\RoleRedirect; -use Illuminate\Http\Request; -use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Route; -Route::get('/', function () { - if (!auth()->check()) { - return redirect()->route('login'); - } - - return redirect()->route(RoleRedirect::routeFor(auth()->user())); -}); +Route::get('/', HomeController::class); Route::middleware('guest')->group(function () { Route::get('/login', LoginPage::class)->name('login'); @@ -48,17 +40,7 @@ Route::middleware('guest')->group(function () { Route::post('/reset-password', [ResetPasswordController::class, 'store'])->name('password.store'); }); -Route::post('/logout', function (Request $request, ActivityLogService $activityLogService) { - if (auth()->check()) { - $activityLogService->log(auth()->user(), auth()->user(), auth()->id(), 'logout', 'Выход из системы', $request->ip()); - } - - Auth::logout(); - $request->session()->invalidate(); - $request->session()->regenerateToken(); - - return redirect()->route('login')->with('success', 'Вы вышли из системы.'); -})->middleware('auth')->name('logout'); +Route::post('/logout', LogoutController::class)->middleware('auth')->name('logout'); Route::middleware(['auth', 'active_user'])->group(function () { Route::get('/profile', ProfilePage::class)->name('profile'); @@ -89,7 +71,7 @@ Route::middleware(['auth', 'active_user'])->group(function () { ->whereNumber('user') ->name('users.show'); - Route::get('/reports', fn () => redirect()->route('reports.general'))->name('reports'); + Route::redirect('/reports', '/reports/general')->name('reports'); Route::get('/reports/general', GeneralReportPage::class)->name('reports.general'); Route::get('/reports/technicians', TechniciansReportPage::class)->name('reports.technicians'); Route::get('/reports/sla', SlaReportPage::class)->name('reports.sla'); @@ -102,7 +84,7 @@ Route::middleware(['auth', 'active_user'])->group(function () { ->whereNumber('user') ->name('users.edit'); - Route::get('/directories', fn () => redirect()->route('directories.departments'))->name('directories'); + Route::redirect('/directories', '/directories/departments')->name('directories'); Route::get('/directories/departments', DepartmentsPage::class)->name('directories.departments'); Route::get('/directories/equipment-categories', EquipmentCategoriesPage::class)->name('directories.equipment-categories'); Route::get('/directories/request-types', RequestTypesPage::class)->name('directories.request-types');