diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml index dca5bfd..ed99bd3 100644 --- a/.gitea/workflows/ci-cd.yml +++ b/.gitea/workflows/ci-cd.yml @@ -16,10 +16,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v3 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' @@ -41,7 +41,7 @@ jobs: needs: test steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@0.30.0 @@ -63,7 +63,7 @@ jobs: echo "Security scan completed with fallback method" - name: Upload Trivy scan results - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v3 if: always() with: name: trivy-results @@ -76,10 +76,10 @@ jobs: if: github.ref == 'refs/heads/production' steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v2 - name: Build Docker image run: | @@ -91,7 +91,7 @@ jobs: docker save ${{ env.DOCKER_IMAGE }}:latest | gzip > ${{ env.DOCKER_IMAGE }}.tar.gz - name: Upload Docker image artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v3 with: name: docker-image path: ${{ env.DOCKER_IMAGE }}.tar.gz @@ -103,10 +103,10 @@ jobs: if: github.ref == 'refs/heads/production' steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Download Docker image artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v3 with: name: docker-image path: ./ @@ -115,19 +115,43 @@ jobs: run: | gunzip -c ${{ env.DOCKER_IMAGE }}.tar.gz | docker load - - name: Stop existing container + - name: Stop existing services run: | - docker stop ${{ env.CONTAINER_NAME }} || true - docker rm ${{ env.CONTAINER_NAME }} || true + docker-compose -f docker-compose.workflow.yml down || true - - name: Start new container + - name: Verify secrets before deployment run: | - docker run -d \ - --name ${{ env.CONTAINER_NAME }} \ - --restart unless-stopped \ - -p 3000:3000 \ - -e NODE_ENV=production \ - ${{ env.DOCKER_IMAGE }}:latest + echo "🔍 Verifying secrets..." + if [ -z "${{ secrets.NEXT_PUBLIC_BASE_URL }}" ]; then + echo "❌ NEXT_PUBLIC_BASE_URL secret is missing!" + exit 1 + fi + if [ -z "${{ secrets.MY_EMAIL }}" ]; then + echo "❌ MY_EMAIL secret is missing!" + exit 1 + fi + if [ -z "${{ secrets.ADMIN_BASIC_AUTH }}" ]; then + echo "❌ ADMIN_BASIC_AUTH secret is missing!" + exit 1 + fi + echo "✅ All required secrets are present" + + - name: Start services with Docker Compose + run: | + docker-compose -f docker-compose.workflow.yml up -d + env: + NEXT_PUBLIC_BASE_URL: ${{ secrets.NEXT_PUBLIC_BASE_URL }} + MY_EMAIL: ${{ secrets.MY_EMAIL }} + MY_INFO_EMAIL: ${{ secrets.MY_INFO_EMAIL }} + MY_PASSWORD: ${{ secrets.MY_PASSWORD }} + MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }} + ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }} + + - name: Verify container environment + run: | + echo "🔍 Checking container environment variables..." + sleep 10 + docker exec portfolio-app sh -c 'echo "NODE_ENV: $NODE_ENV" && echo "DATABASE_URL: $DATABASE_URL" && echo "REDIS_URL: $REDIS_URL" && echo "NEXT_PUBLIC_BASE_URL: $NEXT_PUBLIC_BASE_URL" && echo "MY_EMAIL: $MY_EMAIL" && echo "ADMIN_BASIC_AUTH: [HIDDEN]"' - name: Wait for container to be ready run: | diff --git a/.gitea/workflows/debug-secrets.yml b/.gitea/workflows/debug-secrets.yml new file mode 100644 index 0000000..d96196a --- /dev/null +++ b/.gitea/workflows/debug-secrets.yml @@ -0,0 +1,126 @@ +name: Debug Secrets + +on: + workflow_dispatch: + push: + branches: [ main ] + +jobs: + debug-secrets: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Debug Environment Variables + run: | + echo "🔍 Checking if secrets are available..." + echo "" + + # Check each secret (without revealing values) + if [ -n "${{ secrets.NEXT_PUBLIC_BASE_URL }}" ]; then + echo "✅ NEXT_PUBLIC_BASE_URL: Set (length: ${#NEXT_PUBLIC_BASE_URL})" + else + echo "❌ NEXT_PUBLIC_BASE_URL: Not set" + fi + + if [ -n "${{ secrets.MY_EMAIL }}" ]; then + echo "✅ MY_EMAIL: Set (length: ${#MY_EMAIL})" + else + echo "❌ MY_EMAIL: Not set" + fi + + if [ -n "${{ secrets.MY_INFO_EMAIL }}" ]; then + echo "✅ MY_INFO_EMAIL: Set (length: ${#MY_INFO_EMAIL})" + else + echo "❌ MY_INFO_EMAIL: Not set" + fi + + if [ -n "${{ secrets.MY_PASSWORD }}" ]; then + echo "✅ MY_PASSWORD: Set (length: ${#MY_PASSWORD})" + else + echo "❌ MY_PASSWORD: Not set" + fi + + if [ -n "${{ secrets.MY_INFO_PASSWORD }}" ]; then + echo "✅ MY_INFO_PASSWORD: Set (length: ${#MY_INFO_PASSWORD})" + else + echo "❌ MY_INFO_PASSWORD: Not set" + fi + + if [ -n "${{ secrets.ADMIN_BASIC_AUTH }}" ]; then + echo "✅ ADMIN_BASIC_AUTH: Set (length: ${#ADMIN_BASIC_AUTH})" + else + echo "❌ ADMIN_BASIC_AUTH: Not set" + fi + + echo "" + echo "📋 Summary:" + echo "Total secrets checked: 6" + echo "Set secrets: $(echo "${{ secrets.NEXT_PUBLIC_BASE_URL }}${{ secrets.MY_EMAIL }}${{ secrets.MY_INFO_EMAIL }}${{ secrets.MY_PASSWORD }}${{ secrets.MY_INFO_PASSWORD }}${{ secrets.ADMIN_BASIC_AUTH }}" | grep -o . | wc -l)" + env: + NEXT_PUBLIC_BASE_URL: ${{ secrets.NEXT_PUBLIC_BASE_URL }} + MY_EMAIL: ${{ secrets.MY_EMAIL }} + MY_INFO_EMAIL: ${{ secrets.MY_INFO_EMAIL }} + MY_PASSWORD: ${{ secrets.MY_PASSWORD }} + MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }} + ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }} + + - name: Test Docker Environment + run: | + echo "🐳 Testing Docker environment with secrets..." + + # Create a test container to verify environment variables + docker run --rm \ + -e NODE_ENV=production \ + -e DATABASE_URL=postgresql://portfolio_user:portfolio_pass@postgres:5432/portfolio_db?schema=public \ + -e REDIS_URL=redis://redis:6379 \ + -e NEXT_PUBLIC_BASE_URL="${{ secrets.NEXT_PUBLIC_BASE_URL }}" \ + -e MY_EMAIL="${{ secrets.MY_EMAIL }}" \ + -e MY_INFO_EMAIL="${{ secrets.MY_INFO_EMAIL }}" \ + -e MY_PASSWORD="${{ secrets.MY_PASSWORD }}" \ + -e MY_INFO_PASSWORD="${{ secrets.MY_INFO_PASSWORD }}" \ + -e ADMIN_BASIC_AUTH="${{ secrets.ADMIN_BASIC_AUTH }}" \ + alpine:latest sh -c ' + echo "Environment variables in container:" + echo "NODE_ENV: $NODE_ENV" + echo "DATABASE_URL: $DATABASE_URL" + echo "REDIS_URL: $REDIS_URL" + echo "NEXT_PUBLIC_BASE_URL: $NEXT_PUBLIC_BASE_URL" + echo "MY_EMAIL: $MY_EMAIL" + echo "MY_INFO_EMAIL: $MY_INFO_EMAIL" + echo "MY_PASSWORD: [HIDDEN - length: ${#MY_PASSWORD}]" + echo "MY_INFO_PASSWORD: [HIDDEN - length: ${#MY_INFO_PASSWORD}]" + echo "ADMIN_BASIC_AUTH: [HIDDEN - length: ${#ADMIN_BASIC_AUTH}]" + ' + + - name: Validate Secret Formats + run: | + echo "🔐 Validating secret formats..." + + # Check NEXT_PUBLIC_BASE_URL format + if [[ "${{ secrets.NEXT_PUBLIC_BASE_URL }}" =~ ^https?:// ]]; then + echo "✅ NEXT_PUBLIC_BASE_URL: Valid URL format" + else + echo "❌ NEXT_PUBLIC_BASE_URL: Invalid URL format (should start with http:// or https://)" + fi + + # Check email formats + if [[ "${{ secrets.MY_EMAIL }}" =~ ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then + echo "✅ MY_EMAIL: Valid email format" + else + echo "❌ MY_EMAIL: Invalid email format" + fi + + if [[ "${{ secrets.MY_INFO_EMAIL }}" =~ ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then + echo "✅ MY_INFO_EMAIL: Valid email format" + else + echo "❌ MY_INFO_EMAIL: Invalid email format" + fi + + # Check ADMIN_BASIC_AUTH format (should be username:password) + if [[ "${{ secrets.ADMIN_BASIC_AUTH }}" =~ ^[^:]+:.+$ ]]; then + echo "✅ ADMIN_BASIC_AUTH: Valid format (username:password)" + else + echo "❌ ADMIN_BASIC_AUTH: Invalid format (should be username:password)" + fi \ No newline at end of file diff --git a/.gitea/workflows/quick-deploy.yml b/.gitea/workflows/quick-deploy.yml index 5cc75a4..bfba90f 100644 --- a/.gitea/workflows/quick-deploy.yml +++ b/.gitea/workflows/quick-deploy.yml @@ -15,10 +15,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v3 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' @@ -33,19 +33,43 @@ jobs: run: | docker build -t ${{ env.DOCKER_IMAGE }}:latest . - - name: Stop existing container + - name: Stop existing services run: | - docker stop ${{ env.CONTAINER_NAME }} || true - docker rm ${{ env.CONTAINER_NAME }} || true + docker-compose -f docker-compose.workflow.yml down || true - - name: Start new container + - name: Verify secrets before deployment run: | - docker run -d \ - --name ${{ env.CONTAINER_NAME }} \ - --restart unless-stopped \ - -p 3000:3000 \ - -e NODE_ENV=production \ - ${{ env.DOCKER_IMAGE }}:latest + echo "🔍 Verifying secrets..." + if [ -z "${{ secrets.NEXT_PUBLIC_BASE_URL }}" ]; then + echo "❌ NEXT_PUBLIC_BASE_URL secret is missing!" + exit 1 + fi + if [ -z "${{ secrets.MY_EMAIL }}" ]; then + echo "❌ MY_EMAIL secret is missing!" + exit 1 + fi + if [ -z "${{ secrets.ADMIN_BASIC_AUTH }}" ]; then + echo "❌ ADMIN_BASIC_AUTH secret is missing!" + exit 1 + fi + echo "✅ All required secrets are present" + + - name: Start services with Docker Compose + run: | + docker-compose -f docker-compose.workflow.yml up -d + env: + NEXT_PUBLIC_BASE_URL: ${{ secrets.NEXT_PUBLIC_BASE_URL }} + MY_EMAIL: ${{ secrets.MY_EMAIL }} + MY_INFO_EMAIL: ${{ secrets.MY_INFO_EMAIL }} + MY_PASSWORD: ${{ secrets.MY_PASSWORD }} + MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }} + ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }} + + - name: Verify container environment + run: | + echo "🔍 Checking container environment variables..." + sleep 10 + docker exec portfolio-app sh -c 'echo "NODE_ENV: $NODE_ENV" && echo "DATABASE_URL: $DATABASE_URL" && echo "REDIS_URL: $REDIS_URL" && echo "NEXT_PUBLIC_BASE_URL: $NEXT_PUBLIC_BASE_URL" && echo "MY_EMAIL: $MY_EMAIL" && echo "ADMIN_BASIC_AUTH: [HIDDEN]"' - name: Health check run: | diff --git a/.gitea/workflows/security-scan.yml b/.gitea/workflows/security-scan.yml index 4c51cb5..a96a525 100644 --- a/.gitea/workflows/security-scan.yml +++ b/.gitea/workflows/security-scan.yml @@ -13,10 +13,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v3 with: node-version: '20' cache: 'npm' @@ -52,7 +52,7 @@ jobs: fi - name: Upload security scan results - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v3 if: always() with: name: security-scan-results @@ -63,16 +63,16 @@ jobs: - name: Security scan summary run: | - echo "## Security Scan Summary" >> $GITHUB_STEP_SUMMARY - echo "### NPM Audit Results" >> $GITHUB_STEP_SUMMARY + echo "## Security Scan Summary" + echo "### NPM Audit Results" if [ -f npm-audit-results.json ]; then - echo "✅ NPM audit completed" >> $GITHUB_STEP_SUMMARY + echo "✅ NPM audit completed" else - echo "❌ NPM audit failed" >> $GITHUB_STEP_SUMMARY + echo "❌ NPM audit failed" fi - echo "### Trivy Results" >> $GITHUB_STEP_SUMMARY + echo "### Trivy Results" if [ -f trivy-results.txt ]; then - echo "✅ Trivy scan completed" >> $GITHUB_STEP_SUMMARY + echo "✅ Trivy scan completed" else - echo "❌ Trivy scan failed" >> $GITHUB_STEP_SUMMARY + echo "❌ Trivy scan failed" fi diff --git a/GITEA-SECRETS-SETUP.md b/GITEA-SECRETS-SETUP.md new file mode 100644 index 0000000..ee69dfb --- /dev/null +++ b/GITEA-SECRETS-SETUP.md @@ -0,0 +1,56 @@ +# Gitea Secrets Setup + +Um die GitHub Actions Workflows korrekt zu verwenden, mĂŒssen die folgenden Secrets in deinem Gitea Repository konfiguriert werden: + +## Secrets konfigurieren + +1. Gehe zu deinem Repository in Gitea +2. Klicke auf **Settings** → **Secrets** +3. FĂŒge die folgenden Secrets hinzu: + +### Erforderliche Secrets: + +| Secret Name | Beschreibung | Beispiel | +|-------------|--------------|----------| +| `NEXT_PUBLIC_BASE_URL` | Die öffentliche URL deiner Website | `https://dk0.dev` | +| `MY_EMAIL` | Haupt-Email-Adresse fĂŒr Kontaktformular | `contact@dk0.dev` | +| `MY_INFO_EMAIL` | Info-Email-Adresse | `info@dk0.dev` | +| `MY_PASSWORD` | Passwort fĂŒr Haupt-Email | `dein_email_passwort` | +| `MY_INFO_PASSWORD` | Passwort fĂŒr Info-Email | `dein_info_email_passwort` | +| `ADMIN_BASIC_AUTH` | Admin-Basic-Auth fĂŒr geschĂŒtzte Bereiche | `admin:dein_sicheres_passwort` | + +## Docker Compose Setup + +Die Workflows verwenden jetzt `docker-compose.workflow.yml` fĂŒr eine vollstĂ€ndige Service-Konfiguration: + +- **PostgreSQL**: Datenbank fĂŒr die Anwendung +- **Redis**: Caching und Session-Management +- **Portfolio App**: Die Hauptanwendung + +## Netzwerk-Konfiguration + +Die Services sind im `portfolio_net` Netzwerk konfiguriert, damit sie miteinander kommunizieren können. + +## Health Checks + +Alle Services haben Health Checks konfiguriert: +- PostgreSQL: `pg_isready` +- Redis: `redis-cli ping` +- Portfolio App: HTTP Health Check auf `/api/health` + +## Troubleshooting + +Falls die Workflows fehlschlagen: + +1. **Secrets prĂŒfen**: Stelle sicher, dass alle Secrets korrekt konfiguriert sind +2. **Netzwerk prĂŒfen**: ÜberprĂŒfe, ob das `portfolio_net` Netzwerk existiert +3. **Ports prĂŒfen**: Stelle sicher, dass Port 3000 frei ist +4. **Logs prĂŒfen**: Schaue in die Container-Logs fĂŒr Fehlermeldungen + +```bash +# Container-Logs anzeigen +docker-compose -f docker-compose.workflow.yml logs + +# Services-Status prĂŒfen +docker-compose -f docker-compose.workflow.yml ps +``` \ No newline at end of file diff --git a/SECRETS-VERIFICATION.md b/SECRETS-VERIFICATION.md new file mode 100644 index 0000000..a022613 --- /dev/null +++ b/SECRETS-VERIFICATION.md @@ -0,0 +1,105 @@ +# Secrets Verification Guide + +## Wie du ĂŒberprĂŒfst, ob Secrets korrekt geladen werden + +### 1. **Debug-Workflow ausfĂŒhren** + +Ich habe einen speziellen Debug-Workflow erstellt (`.gitea/workflows/debug-secrets.yml`): + +1. Gehe zu deinem Repository in Gitea +2. Klicke auf **Actions** → **Debug Secrets** +3. Klicke auf **Run workflow** → **Run workflow** +4. Der Workflow wird dir zeigen: + - ✅ Welche Secrets gesetzt sind + - ❌ Welche Secrets fehlen + - 🔐 Ob die Formate korrekt sind + +### 2. **Secrets in Gitea ĂŒberprĂŒfen** + +**Manuell in Gitea:** +1. Gehe zu **Settings** → **Secrets** +2. ÜberprĂŒfe, ob alle Secrets vorhanden sind: + - `NEXT_PUBLIC_BASE_URL` + - `MY_EMAIL` + - `MY_INFO_EMAIL` + - `MY_PASSWORD` + - `MY_INFO_PASSWORD` + - `ADMIN_BASIC_AUTH` + +### 3. **Workflow-Logs ĂŒberprĂŒfen** + +Nach dem AusfĂŒhren eines Workflows: + +1. Gehe zu **Actions** → **Workflow runs** +2. Klicke auf den neuesten Run +3. Schaue dir die Logs an, besonders: + - "Verify secrets before deployment" + - "Verify container environment" + +### 4. **Container direkt ĂŒberprĂŒfen** + +Falls der Container lĂ€uft, kannst du ihn direkt ĂŒberprĂŒfen: + +```bash +# Container-Environment anzeigen +docker exec portfolio-app env | grep -E "(NEXT_PUBLIC_BASE_URL|MY_EMAIL|ADMIN_BASIC_AUTH)" + +# Container-Logs anzeigen +docker logs portfolio-app + +# Services-Status prĂŒfen +docker-compose -f docker-compose.workflow.yml ps +``` + +### 5. **HĂ€ufige Probleme** + +**❌ Secret nicht gesetzt:** +- Gehe zu Gitea → Settings → Secrets +- FĂŒge das fehlende Secret hinzu + +**❌ Falsches Format:** +- `NEXT_PUBLIC_BASE_URL`: Muss mit `http://` oder `https://` beginnen +- `MY_EMAIL`: Muss eine gĂŒltige Email-Adresse sein +- `ADMIN_BASIC_AUTH`: Muss Format `username:password` haben + +**❌ Container kann nicht starten:** +- ÜberprĂŒfe die Docker-Logs +- Stelle sicher, dass alle Services (PostgreSQL, Redis) laufen + +### 6. **Test-Schritte** + +1. **FĂŒhre den Debug-Workflow aus** +2. **ÜberprĂŒfe die Ausgabe** +3. **Korrigiere fehlende/falsche Secrets** +4. **FĂŒhre einen normalen Workflow aus** +5. **ÜberprĂŒfe die Container-Environment** + +### 7. **Erwartete Ausgabe** + +**Bei korrekten Secrets:** +``` +✅ NEXT_PUBLIC_BASE_URL: Set (length: 15) +✅ MY_EMAIL: Set (length: 20) +✅ MY_INFO_EMAIL: Set (length: 18) +✅ MY_PASSWORD: Set (length: 12) +✅ MY_INFO_PASSWORD: Set (length: 12) +✅ ADMIN_BASIC_AUTH: Set (length: 15) +``` + +**Bei fehlenden Secrets:** +``` +❌ NEXT_PUBLIC_BASE_URL: Not set +❌ MY_EMAIL: Not set +``` + +### 8. **Schnelltest** + +FĂŒhre diesen Befehl aus, um schnell zu testen: + +```bash +# Debug-Workflow manuell ausfĂŒhren +curl -X POST "https://your-gitea-instance.com/api/v1/repos/your-username/portfolio/actions/workflows/debug-secrets.yml/dispatches" \ + -H "Authorization: token YOUR_TOKEN" \ + -H "Content-Type: application/json" \ + -d '{"ref":"main"}' +``` \ No newline at end of file diff --git a/docker-compose.workflow.yml b/docker-compose.workflow.yml new file mode 100644 index 0000000..57e3ddf --- /dev/null +++ b/docker-compose.workflow.yml @@ -0,0 +1,81 @@ +# Docker Compose configuration for GitHub Actions workflows +# This ensures all required services are running before deployment + +services: + portfolio: + image: portfolio-app:latest + container_name: portfolio-app + restart: unless-stopped + ports: + - "3000:3000" + environment: + - NODE_ENV=production + - DATABASE_URL=postgresql://portfolio_user:portfolio_pass@postgres:5432/portfolio_db?schema=public + - REDIS_URL=redis://redis:6379 + - NEXT_PUBLIC_BASE_URL=${NEXT_PUBLIC_BASE_URL} + - MY_EMAIL=${MY_EMAIL} + - MY_INFO_EMAIL=${MY_INFO_EMAIL} + - MY_PASSWORD=${MY_PASSWORD} + - MY_INFO_PASSWORD=${MY_INFO_PASSWORD} + - ADMIN_BASIC_AUTH=${ADMIN_BASIC_AUTH} + volumes: + - portfolio_data:/app/.next/cache + networks: + - portfolio_net + depends_on: + postgres: + condition: service_healthy + redis: + condition: service_healthy + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + + postgres: + image: postgres:16-alpine + container_name: portfolio-postgres + restart: unless-stopped + environment: + - POSTGRES_DB=portfolio_db + - POSTGRES_USER=portfolio_user + - POSTGRES_PASSWORD=portfolio_pass + volumes: + - postgres_data:/var/lib/postgresql/data + networks: + - portfolio_net + healthcheck: + test: ["CMD-SHELL", "pg_isready -U portfolio_user -d portfolio_db"] + interval: 10s + timeout: 5s + retries: 5 + start_period: 30s + + redis: + image: redis:7-alpine + container_name: portfolio-redis + restart: unless-stopped + volumes: + - redis_data:/data + networks: + - portfolio_net + healthcheck: + test: ["CMD", "redis-cli", "ping"] + interval: 10s + timeout: 5s + retries: 5 + start_period: 30s + +volumes: + portfolio_data: + driver: local + postgres_data: + driver: local + redis_data: + driver: local + +networks: + portfolio_net: + driver: bridge \ No newline at end of file