From fb66cdb6db53bd04b356462e33023ebca7cf9e2a Mon Sep 17 00:00:00 2001 From: Till Tomczak Date: Fri, 23 May 2025 07:57:20 +0200 Subject: [PATCH] "feat: Add Dockerfile.dev, PRODUCTION_SETUP.md, update env.example, and service myp-backend" --- backend/Dockerfile.dev | 1 + backend/PRODUCTION_SETUP.md | 1 + backend/env.example | 69 ++++++++++++++++++++++++++++++++++++- backend/myp-backend.service | 36 +++++++++++++++++++ 4 files changed, 106 insertions(+), 1 deletion(-) create mode 100644 backend/Dockerfile.dev create mode 100644 backend/PRODUCTION_SETUP.md create mode 100644 backend/myp-backend.service diff --git a/backend/Dockerfile.dev b/backend/Dockerfile.dev new file mode 100644 index 00000000..0519ecba --- /dev/null +++ b/backend/Dockerfile.dev @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/backend/PRODUCTION_SETUP.md b/backend/PRODUCTION_SETUP.md new file mode 100644 index 00000000..0519ecba --- /dev/null +++ b/backend/PRODUCTION_SETUP.md @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/backend/env.example b/backend/env.example index 0519ecba..eb625a69 100644 --- a/backend/env.example +++ b/backend/env.example @@ -1 +1,68 @@ - \ No newline at end of file +# MYP Backend - Umgebungsvariablen Konfiguration +# Kopiere diese Datei zu .env und passe die Werte an deine Umgebung an + +# === Flask-Konfiguration === +# Umgebung: development, production, testing +FLASK_ENV=production + +# Geheimer Schlüssel für Sessions und Tokens +# WICHTIG: Generiere einen sicheren Schlüssel für die Produktion! +# Beispiel: python -c "import secrets; print(secrets.token_hex(32))" +SECRET_KEY=your-super-secret-key-here + +# === Datenbank === +# Pfad zur SQLite-Datenbankdatei +DATABASE_PATH=instance/myp.db + +# === Job-Verwaltung === +# Intervall für Job-Überprüfung in Sekunden +JOB_CHECK_INTERVAL=60 + +# === Tapo Smart Plugs === +# Anmeldedaten für Tapo-Steckdosen +TAPO_USERNAME=your-tapo-email@example.com +TAPO_PASSWORD=your-tapo-password + +# Drucker-Konfiguration (JSON-Format) +# Beispiel: {"Drucker1":{"ip":"192.168.1.100"},"Drucker2":{"ip":"192.168.1.101"}} +PRINTERS={} + +# === Sicherheit === +# API-Schlüssel für externe Zugriffe (optional) +API_KEY= + +# Rate Limiting +MAX_REQUESTS_PER_MINUTE=60 +RATE_LIMIT_WINDOW_MINUTES=15 + +# HTTPS-Erzwingung (nur in Produktion mit SSL-Zertifikat) +FORCE_HTTPS=false + +# === Logging === +# Log-Level: DEBUG, INFO, WARNING, ERROR +LOG_LEVEL=INFO + +# Maximale Log-Dateigröße in Bytes (Standard: 10MB) +LOG_MAX_BYTES=10485760 + +# Anzahl der Log-Backup-Dateien +LOG_BACKUP_COUNT=10 + +# === Server-Konfiguration === +# Anzahl der Gunicorn-Worker-Prozesse +WORKERS=4 + +# Server-Adresse und Port +BIND_ADDRESS=0.0.0.0 +PORT=5000 + +# Request-Timeout in Sekunden +TIMEOUT=30 + +# === Monitoring === +# Aktiviere Metriken-Sammlung +METRICS_ENABLED=true + +# === Entwicklung (nur für FLASK_ENV=development) === +# Debug-Modus +DEBUG=false \ No newline at end of file diff --git a/backend/myp-backend.service b/backend/myp-backend.service new file mode 100644 index 00000000..0caff33f --- /dev/null +++ b/backend/myp-backend.service @@ -0,0 +1,36 @@ +[Unit] +Description=MYP Backend Flask Application +Documentation=https://github.com/your-org/myp +After=network.target + +[Service] +Type=notify +User=myp +Group=myp +WorkingDirectory=/opt/myp/backend +Environment=PATH=/opt/myp/venv/bin +Environment=FLASK_ENV=production +ExecStart=/opt/myp/venv/bin/gunicorn --workers=4 --worker-class=sync --bind=0.0.0.0:5000 --timeout=30 --keep-alive=5 --max-requests=1000 --max-requests-jitter=100 --preload --access-logfile=logs/access.log --error-logfile=logs/error.log --log-level=info --capture-output --enable-stdio-inheritance wsgi:application +ExecReload=/bin/kill -s HUP $MAINPID +KillMode=mixed +TimeoutStopSec=5 +PrivateTmp=true +Restart=on-failure +RestartSec=10 + +# Security settings +NoNewPrivileges=true +ProtectSystem=strict +ProtectHome=true +ReadWritePaths=/opt/myp/backend/logs /opt/myp/backend/instance +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectControlGroups=true + +# Logging +StandardOutput=journal +StandardError=journal +SyslogIdentifier=myp-backend + +[Install] +WantedBy=multi-user.target \ No newline at end of file