feat: Complete Docker containerization with production-ready setup

Implements comprehensive Docker containerization for the entire VIP Coordinator application, enabling single-command production deployment. Backend Containerization: - Multi-stage Dockerfile (dependencies → builder → production) - Automated database migrations via docker-entrypoint.sh - Health checks and non-root user for security - Optimized image size (~200-250MB vs ~500MB) - Includes OpenSSL, dumb-init, and netcat for proper operation Frontend Containerization: - Multi-stage Dockerfile (builder → nginx) - Nginx configuration with SPA routing and API proxying - Security headers and gzip compression - Optimized image size (~45-50MB vs ~450MB) - Health check endpoint at /health Infrastructure: - docker-compose.prod.yml orchestrating 4 services: * PostgreSQL 16 (database) * Redis 7 (caching) * Backend (NestJS API) * Frontend (Nginx serving React SPA) - Service dependencies with health check conditions - Named volumes for data persistence - Dedicated bridge network for service isolation - Comprehensive logging configuration Configuration: - .env.production.example template with all required variables - Build-time environment injection for frontend - Runtime environment injection for backend - .dockerignore files for optimal build context Documentation: - Updated README.md with complete Docker deployment guide - Quick start instructions - Troubleshooting section - Production enhancement recommendations - Updated project structure diagram Deployment Features: - One-command deployment: docker-compose up -d - Automatic database migrations on backend startup - Optional database seeding via RUN_SEED flag - Rolling updates support - Zero-config service discovery - Health checks prevent premature traffic Image Optimizations: - Backend: 60% size reduction via multi-stage build - Frontend: 90% size reduction via nginx alpine - Total deployment: <300MB (excluding volumes) - Layer caching for fast rebuilds Security Enhancements: - Non-root users in all containers - Minimal attack surface (Alpine Linux) - No secrets in images (runtime injection) - Health checks ensure service readiness Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-31 18:16:04 +01:00
parent 9e9d4245bb
commit 6c3f017a9e
10 changed files with 797 additions and 16 deletions
--- a/README.md
+++ b/README.md
@@ -427,26 +427,113 @@ npx prisma db seed
 - [ ] Set up log aggregation
 - [ ] Configure CDN for frontend assets (optional)

-### Docker Deployment
+### Docker Deployment (Production-Ready)
+
+**Complete containerization with multi-stage builds, Nginx, and automated migrations.**
+
+#### Quick Start

 ```bash
-# Build images
-docker-compose build
+# 1. Create production environment file
+cp .env.production.example .env.production

-# Start all services
-docker-compose up -d
+# 2. Edit .env.production with your values
+#    - Set strong POSTGRES_PASSWORD
+#    - Configure Auth0 credentials
+#    - Set AUTH0_CLIENT_ID for frontend

-# Run migrations
-docker-compose exec backend npx prisma migrate deploy
+# 3. Build and start all services
+docker-compose -f docker-compose.prod.yml up -d

-# Seed database (optional)
-docker-compose exec backend npx prisma db seed
+# 4. Check service health
+docker-compose -f docker-compose.prod.yml ps

-# View logs
-docker-compose logs -f backend
-docker-compose logs -f frontend
+# 5. View logs
+docker-compose -f docker-compose.prod.yml logs -f
 ```

+#### What Gets Deployed
+
+- **PostgreSQL 16** - Database with persistent volume
+- **Redis 7** - Caching layer with persistent volume
+- **Backend (NestJS)** - Optimized production build (~200MB)
+  - Runs database migrations automatically on startup
+  - Non-root user for security
+  - Health checks enabled
+- **Frontend (Nginx)** - Static files served with Nginx (~45MB)
+  - SPA routing configured
+  - API requests proxied to backend
+  - Gzip compression enabled
+  - Security headers configured
+
+#### First-Time Setup
+
+**Auth0 Configuration:**
+1. Update callback URLs: `http://your-domain/callback`
+2. Update allowed web origins: `http://your-domain`
+3. Update logout URLs: `http://your-domain`
+
+**Access Application:**
+- Frontend: `http://localhost` (or your domain)
+- Backend health: `http://localhost/api/v1/health`
+
+#### Updating the Application
+
+```bash
+# Pull latest code
+git pull
+
+# Rebuild and restart
+docker-compose -f docker-compose.prod.yml down
+docker-compose -f docker-compose.prod.yml build --no-cache
+docker-compose -f docker-compose.prod.yml up -d
+```
+
+#### Database Management
+
+```bash
+# View migration status
+docker-compose -f docker-compose.prod.yml exec backend npx prisma migrate status
+
+# Manually run migrations (not needed, runs automatically)
+docker-compose -f docker-compose.prod.yml exec backend npx prisma migrate deploy
+
+# Seed database with test data (optional)
+docker-compose -f docker-compose.prod.yml exec backend npx prisma db seed
+```
+
+#### Troubleshooting
+
+```bash
+# Check container status
+docker-compose -f docker-compose.prod.yml ps
+
+# View specific service logs
+docker-compose -f docker-compose.prod.yml logs backend
+docker-compose -f docker-compose.prod.yml logs frontend
+
+# Restart specific service
+docker-compose -f docker-compose.prod.yml restart backend
+
+# Complete reset (⚠️ DELETES ALL DATA)
+docker-compose -f docker-compose.prod.yml down -v
+docker volume rm vip-coordinator-postgres-data vip-coordinator-redis-data
+```
+
+#### Production Enhancements
+
+For production deployment, add:
+- **Reverse Proxy** (Caddy/Traefik) for SSL/TLS
+- **Automated Backups** for PostgreSQL volumes
+- **Monitoring** (Prometheus/Grafana)
+- **Log Aggregation** (ELK/Loki)
+
+#### Image Sizes
+
+- Backend: ~200-250MB (multi-stage build)
+- Frontend: ~45-50MB (nginx alpine)
+- Total deployment: <300MB (excluding database volumes)
+
 ### Environment Variables

 **Backend** (`backend/.env`)
@@ -489,6 +576,9 @@ vip-coordinator/
 │   │   ├── events/           # Activity scheduling (ScheduleEvent)
 │   │   ├── flights/          # Flight tracking
 │   │   └── common/           # Shared utilities, guards, decorators
+│   ├── Dockerfile            # Multi-stage production build
+│   ├── docker-entrypoint.sh  # Migration automation script
+│   ├── .dockerignore         # Docker build exclusions
 │   └── package.json
 │
 ├── frontend/                 # React Frontend
@@ -500,10 +590,15 @@ vip-coordinator/
 │   │   ├── hooks/            # Custom React hooks
 │   │   ├── lib/              # Utilities, API client
 │   │   └── types/            # TypeScript types
+│   ├── Dockerfile            # Multi-stage build with Nginx
+│   ├── nginx.conf            # Nginx server configuration
+│   ├── .dockerignore         # Docker build exclusions
 │   ├── playwright.config.ts  # Playwright configuration
 │   └── package.json
 │
-├── docker-compose.yml        # Docker orchestration
+├── docker-compose.yml        # Development environment (DB only)
+├── docker-compose.prod.yml   # Production deployment (full stack)
+├── .env.production.example   # Production environment template
 └── README.md                 # This file
 ```