npm - @brunosps00/dev-workflow - Versions diffs - 0.7.0 → 0.8.1 - Mend

@brunosps00/dev-workflow 0.7.0 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (50) hide show

package/scaffold/skills/docker-compose-recipes/services/minio.yml ADDED Viewed

@@ -0,0 +1,30 @@
+# MinIO — S3-compatible object storage (dev replacement for AWS S3)
+# Env vars: MINIO_ROOT_USER, MINIO_ROOT_PASSWORD, MINIO_API_PORT (default 9000), MINIO_UI_PORT (default 9001)
+# Application-side: AWS_ENDPOINT_URL=http://minio:9000; AWS_ACCESS_KEY_ID=${MINIO_ROOT_USER}; AWS_SECRET_ACCESS_KEY=${MINIO_ROOT_PASSWORD}
+minio:
+  image: minio/minio:latest
+  restart: unless-stopped
+  command: server /data --console-address ":9001"
+  environment:
+    MINIO_ROOT_USER: ${MINIO_ROOT_USER:-minio}
+    MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD:-minio12345}
+  ports:
+    - "${MINIO_API_PORT:-9000}:9000"
+    - "${MINIO_UI_PORT:-9001}:9001"
+  volumes:
+    - minio_data:/data
+  healthcheck:
+    test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
+    interval: 10s
+    timeout: 5s
+    retries: 5
+    start_period: 5s
+# volumes:
+#   minio_data: {}
+#
+# Prod notes:
+# - In prod, replace with real S3 (or another managed object store). MinIO is great in dev,
+#   acceptable in prod only if you understand the operational requirements (HA, erasure coding, replication).
+# - Always rotate MINIO_ROOT_PASSWORD; default credentials must NOT survive past local dev.

package/scaffold/skills/docker-compose-recipes/services/mysql.yml ADDED Viewed

@@ -0,0 +1,30 @@
+# MySQL 8 — relational DB
+# Env vars referenced: MYSQL_ROOT_PASSWORD, MYSQL_USER, MYSQL_PASSWORD, MYSQL_DATABASE, MYSQL_PORT (default 3306)
+# Application-side: DATABASE_URL=mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@mysql:3306/${MYSQL_DATABASE}
+mysql:
+  image: mysql:8.4
+  restart: unless-stopped
+  command: --default-authentication-plugin=mysql_native_password
+  environment:
+    MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-root}
+    MYSQL_USER: ${MYSQL_USER:-app}
+    MYSQL_PASSWORD: ${MYSQL_PASSWORD:-app}
+    MYSQL_DATABASE: ${MYSQL_DATABASE:-app}
+  ports:
+    - "${MYSQL_PORT:-3306}:3306"
+  volumes:
+    - mysql_data:/var/lib/mysql
+  healthcheck:
+    test: ["CMD-SHELL", "mysqladmin ping -h localhost -u${MYSQL_USER:-app} -p${MYSQL_PASSWORD:-app}"]
+    interval: 5s
+    timeout: 3s
+    retries: 10
+    start_period: 15s
+# volumes:
+#   mysql_data: {}
+#
+# Prod notes:
+# - Use secrets for MYSQL_ROOT_PASSWORD and MYSQL_PASSWORD; drop public port.
+# - Consider Percona or MariaDB as drop-in alternatives if licensing is a concern.

package/scaffold/skills/docker-compose-recipes/services/postgres.yml ADDED Viewed

@@ -0,0 +1,30 @@
+# Postgres 16 — relational DB
+# Env vars referenced: POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_DB, POSTGRES_PORT (default 5432)
+# Application-side: derive DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}
+postgres:
+  image: postgres:16-alpine
+  restart: unless-stopped
+  environment:
+    POSTGRES_USER: ${POSTGRES_USER:-app}
+    POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-app}
+    POSTGRES_DB: ${POSTGRES_DB:-app}
+  ports:
+    - "${POSTGRES_PORT:-5432}:5432"
+  volumes:
+    - postgres_data:/var/lib/postgresql/data
+  healthcheck:
+    test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-app} -d ${POSTGRES_DB:-app}"]
+    interval: 5s
+    timeout: 3s
+    retries: 10
+    start_period: 5s
+# volumes block to merge:
+# volumes:
+#   postgres_data: {}
+#
+# Prod notes:
+# - Move POSTGRES_PASSWORD to a secret (file_env or external secrets manager).
+# - Drop the public port mapping; expose only via internal network or a bastion.
+# - Pin to a specific patch version in production manifests (e.g., postgres:16.4-alpine).

package/scaffold/skills/docker-compose-recipes/services/rabbitmq.yml ADDED Viewed

@@ -0,0 +1,29 @@
+# RabbitMQ 3 (management) — message broker + UI
+# Env vars: RABBITMQ_USER, RABBITMQ_PASSWORD, RABBITMQ_PORT (default 5672), RABBITMQ_UI_PORT (default 15672)
+# Application-side: AMQP_URL=amqp://${RABBITMQ_USER}:${RABBITMQ_PASSWORD}@rabbitmq:5672/
+rabbitmq:
+  image: rabbitmq:3-management-alpine
+  restart: unless-stopped
+  environment:
+    RABBITMQ_DEFAULT_USER: ${RABBITMQ_USER:-app}
+    RABBITMQ_DEFAULT_PASS: ${RABBITMQ_PASSWORD:-app}
+  ports:
+    - "${RABBITMQ_PORT:-5672}:5672"
+    - "${RABBITMQ_UI_PORT:-15672}:15672"
+  volumes:
+    - rabbitmq_data:/var/lib/rabbitmq
+  healthcheck:
+    test: ["CMD", "rabbitmq-diagnostics", "ping"]
+    interval: 10s
+    timeout: 5s
+    retries: 10
+    start_period: 30s
+# volumes:
+#   rabbitmq_data: {}
+#
+# Prod notes:
+# - Drop the management UI port (15672) or put it behind a reverse proxy with auth.
+# - Use rabbitmq:3-alpine (no management) in prod; manage via the cluster API.
+# - Mount a custom rabbitmq.conf for clustering, queue limits, and TLS.

package/scaffold/skills/docker-compose-recipes/services/redis.yml ADDED Viewed

@@ -0,0 +1,25 @@
+# Redis 7 — cache, pub/sub, BullMQ backend
+# Env vars: REDIS_PORT (default 6379), REDIS_PASSWORD (optional in dev)
+# Application-side: REDIS_URL=redis://redis:6379  or  redis://:${REDIS_PASSWORD}@redis:6379
+redis:
+  image: redis:7-alpine
+  restart: unless-stopped
+  command: ${REDIS_PASSWORD:+redis-server --requirepass ${REDIS_PASSWORD}}
+  ports:
+    - "${REDIS_PORT:-6379}:6379"
+  volumes:
+    - redis_data:/data
+  healthcheck:
+    test: ["CMD", "redis-cli", "ping"]
+    interval: 5s
+    timeout: 3s
+    retries: 10
+    start_period: 3s
+# volumes:
+#   redis_data: {}
+#
+# Prod notes:
+# - Always set REDIS_PASSWORD in prod. Drop public port; expose only on internal network.
+# - For persistence in prod, mount a Redis config file with appendonly yes and tune save points.

package/scaffold/skills/docker-compose-recipes/services/smtp4dev.yml ADDED Viewed

@@ -0,0 +1,27 @@
+# smtp4dev — Windows-friendly SMTP capture, .NET-based
+# Env vars: SMTP4DEV_SMTP_PORT (default 2525), SMTP4DEV_UI_PORT (default 5000)
+# Application-side SMTP config:
+#   SMTP_HOST=smtp4dev ; SMTP_PORT=25 (internal) ; SMTP_USER= ; SMTP_PASSWORD= ; SMTP_SECURE=false
+smtp4dev:
+  image: rnwood/smtp4dev:v3
+  restart: unless-stopped
+  ports:
+    - "${SMTP4DEV_SMTP_PORT:-2525}:25"
+    - "${SMTP4DEV_UI_PORT:-5000}:80"
+  environment:
+    ServerOptions__HostName: smtp4dev
+  volumes:
+    - smtp4dev_data:/smtp4dev
+  healthcheck:
+    test: ["CMD", "wget", "--quiet", "--spider", "http://localhost:80"]
+    interval: 10s
+    timeout: 3s
+    retries: 5
+    start_period: 5s
+# volumes:
+#   smtp4dev_data: {}
+#
+# Prod notes:
+# - DEV ONLY. Do not ship to prod.

package/scaffold/skills/docker-compose-recipes/services/traefik.yml ADDED Viewed

@@ -0,0 +1,42 @@
+# Traefik 3 — reverse proxy + dev TLS via mkcert
+# Env vars: TRAEFIK_HTTP_PORT (default 80), TRAEFIK_HTTPS_PORT (default 443), TRAEFIK_DASHBOARD_PORT (default 8080)
+# Use Docker labels on other services to route traffic, e.g.:
+#   labels:
+#     - "traefik.enable=true"
+#     - "traefik.http.routers.web.rule=Host(`web.localhost`)"
+#     - "traefik.http.services.web.loadbalancer.server.port=3000"
+traefik:
+  image: traefik:v3.1
+  restart: unless-stopped
+  command:
+    - "--api.insecure=true"
+    - "--providers.docker=true"
+    - "--providers.docker.exposedbydefault=false"
+    - "--entrypoints.web.address=:80"
+    - "--entrypoints.websecure.address=:443"
+  ports:
+    - "${TRAEFIK_HTTP_PORT:-80}:80"
+    - "${TRAEFIK_HTTPS_PORT:-443}:443"
+    - "${TRAEFIK_DASHBOARD_PORT:-8080}:8080"
+  volumes:
+    - /var/run/docker.sock:/var/run/docker.sock:ro
+    - traefik_certs:/certs
+  healthcheck:
+    test: ["CMD", "wget", "--quiet", "--spider", "http://localhost:8080/ping"]
+    interval: 10s
+    timeout: 3s
+    retries: 5
+    start_period: 5s
+# volumes:
+#   traefik_certs: {}
+#
+# Dev TLS notes:
+# - Run `mkcert -install && mkcert localhost '*.localhost'` once on the host, mount the certs
+#   into traefik_certs, and configure tls.options for HTTPS routes.
+#
+# Prod notes:
+# - REMOVE --api.insecure=true. Bind the dashboard to a private network or behind basic auth.
+# - Replace Docker provider with file/Kubernetes provider for prod orchestration.
+# - Use ACME/Let's Encrypt resolver for prod TLS (configure --certificatesresolvers.le.acme.*).

package/scaffold/skills/docker-compose-recipes/services/typesense.yml ADDED Viewed

@@ -0,0 +1,25 @@
+# Typesense — alternative to Meilisearch, focus on typo tolerance and ranking
+# Env vars: TYPESENSE_API_KEY, TYPESENSE_PORT (default 8108)
+# Application-side: TYPESENSE_HOST=typesense; TYPESENSE_PORT=8108; TYPESENSE_API_KEY=${TYPESENSE_API_KEY}
+typesense:
+  image: typesense/typesense:0.27.1
+  restart: unless-stopped
+  command: --data-dir /data --api-key=${TYPESENSE_API_KEY:-typesense-dev-key} --enable-cors
+  ports:
+    - "${TYPESENSE_PORT:-8108}:8108"
+  volumes:
+    - typesense_data:/data
+  healthcheck:
+    test: ["CMD", "curl", "-f", "http://localhost:8108/health"]
+    interval: 10s
+    timeout: 3s
+    retries: 5
+    start_period: 5s
+# volumes:
+#   typesense_data: {}
+#
+# Prod notes:
+# - Generate a strong TYPESENSE_API_KEY; rotate periodically.
+# - For HA, run a 3-node cluster (see Typesense docs for clustering).