feat: rebuild fiscal clone architecture and harden coolify deployment

2026-02-23 21:10:39 -05:00
parent cae7cbb98f
commit 04e5caf4e1
61 changed files with 3826 additions and 2923 deletions
--- a/backend/docker-compose.yml
+++ b/backend/docker-compose.yml
@@ -1,43 +1,64 @@
 services:
+  postgres:
+    image: postgres:16-alpine
+    restart: unless-stopped
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER:-postgres}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
+      POSTGRES_DB: ${POSTGRES_DB:-fiscal}
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ['CMD-SHELL', 'pg_isready -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-fiscal}']
+      interval: 5s
+      timeout: 5s
+      retries: 10
+
  backend:
    build:
      context: .
      dockerfile: Dockerfile
    restart: unless-stopped
+    command: ['sh', '-c', 'bun run src/db/migrate.ts && bun run src/index.ts']
    environment:
-      - DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}
-      - PORT=3001
+      DATABASE_URL: ${DATABASE_URL:-postgres://postgres:postgres@postgres:5432/fiscal}
+      PORT: ${PORT:-3001}
+      FRONTEND_URL: ${FRONTEND_URL:-http://localhost:3000}
+      BETTER_AUTH_SECRET: ${BETTER_AUTH_SECRET:-local-dev-better-auth-secret-change-me}
+      BETTER_AUTH_BASE_URL: ${BETTER_AUTH_BASE_URL:-http://localhost:3001}
+      SEC_USER_AGENT: ${SEC_USER_AGENT:-Fiscal Clone <support@example.com>}
+      OPENCLAW_BASE_URL: ${OPENCLAW_BASE_URL:-}
+      OPENCLAW_API_KEY: ${OPENCLAW_API_KEY:-}
+      OPENCLAW_MODEL: ${OPENCLAW_MODEL:-zeroclaw}
+      TASK_HEARTBEAT_SECONDS: ${TASK_HEARTBEAT_SECONDS:-15}
+      TASK_STALE_SECONDS: ${TASK_STALE_SECONDS:-120}
+      TASK_MAX_ATTEMPTS: ${TASK_MAX_ATTEMPTS:-3}
    depends_on:
      postgres:
        condition: service_healthy
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:3001/api/health"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-    networks:
-      - fiscal

-  postgres:
-    image: postgres:16-alpine
+  worker:
+    build:
+      context: .
+      dockerfile: Dockerfile
    restart: unless-stopped
+    command: ['sh', '-c', 'bun run src/db/migrate.ts && bun run src/worker.ts']
    environment:
-      - POSTGRES_USER=${POSTGRES_USER}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-      - POSTGRES_DB=${POSTGRES_DB}
-    volumes:
-      - postgres_data:/var/lib/postgresql/data
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
-      interval: 5s
-      timeout: 5s
-      retries: 10
-    networks:
-      - fiscal
+      DATABASE_URL: ${DATABASE_URL:-postgres://postgres:postgres@postgres:5432/fiscal}
+      PORT: ${PORT:-3001}
+      FRONTEND_URL: ${FRONTEND_URL:-http://localhost:3000}
+      BETTER_AUTH_SECRET: ${BETTER_AUTH_SECRET:-local-dev-better-auth-secret-change-me}
+      BETTER_AUTH_BASE_URL: ${BETTER_AUTH_BASE_URL:-http://localhost:3001}
+      SEC_USER_AGENT: ${SEC_USER_AGENT:-Fiscal Clone <support@example.com>}
+      OPENCLAW_BASE_URL: ${OPENCLAW_BASE_URL:-}
+      OPENCLAW_API_KEY: ${OPENCLAW_API_KEY:-}
+      OPENCLAW_MODEL: ${OPENCLAW_MODEL:-zeroclaw}
+      TASK_HEARTBEAT_SECONDS: ${TASK_HEARTBEAT_SECONDS:-15}
+      TASK_STALE_SECONDS: ${TASK_STALE_SECONDS:-120}
+      TASK_MAX_ATTEMPTS: ${TASK_MAX_ATTEMPTS:-3}
+    depends_on:
+      postgres:
+        condition: service_healthy

 volumes:
  postgres_data:
-
-networks:
-  fiscal:
-    external: true