|
|
||
|---|---|---|
| .gitea/workflows | ||
| finance | ||
| gradle/wrapper | ||
| infrastructure | ||
| init-scripts | ||
| libs | ||
| referral | ||
| src/main | ||
| .dockerignore | ||
| .env | ||
| .gitattributes | ||
| .gitignore | ||
| build.gradle | ||
| docker-compose.yaml | ||
| Dockerfile | ||
| gradlew | ||
| gradlew.bat | ||
| MIGRATION.md | ||
| README.md | ||
| settings.gradle | ||
| wait-for-it.sh | ||
Создаем сеть: docker network create app-network
Войти в БД: docker exec -it postgres psql -U ncp_db -d no_copy_
Выполнить команду: \du
Должен быть один пользователь: List of roles Role name | Attributes -----------+------------------------------------------------------------ ncp_db | Superuser, Create role, Create DB, Replication, Bypass RLS
суперпользователь БД: postgres/postgres пользователь бд для бэка ncp_db / ncpDbApp
Подключение к БД для приложения,если volume не существует :
Создаться автоматически.
Если уже существует volume :
docker exec -it postgres psql -U postgres -d postgres
CREATE USER ncp_db WITH PASSWORD 'ncpDbApp';
GRANT ALL PRIVILEGES ON DATABASE no_copy_ TO ncp_db;
\du
\q
psql -U postgres -d no_copy_
-- база
GRANT CONNECT ON DATABASE no_copy_ TO ncp_db;
-- схема
GRANT USAGE ON SCHEMA public TO ncp_db;
-- существующие таблицы
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO ncp_db;
-- существующие sequence (очень важно для id)
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO ncp_db;
-- будущие таблицы
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO ncp_db;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO ncp_db;
Зайти в контейнер: docker exec -it {name} bash
Создать для сущности FileEntity sequence для икремента индетификатора
CREATE SEQUENCE IF NOT EXISTS file_support_id_seq START 1;
ALTER TABLE file_entities ALTER COLUMN support_id SET DEFAULT nextval('file_support_id_seq');
Раздать всем лимиты,у кого их нет
INSERT INTO protect_check (user_id, check_limit, count_checked, last_check_at, version) SELECT id as user_id, 10 as check_limit, 0 as count_checked, NULL as last_check_at, 0 as version FROM users WHERE id NOT IN (SELECT user_id FROM protect_check);
Обновлять констрейнты для file_entities
ALTER TABLE file_entities DROP CONSTRAINT file_entities_status_check;
ALTER TABLE file_entities
ADD CONSTRAINT file_entities_status_check
CHECK (status IN (
'ACTIVE',
'DELETED',
'PROCESSING',
'VIOLATION',
'CHECKED',
'ERROR',
'TEMP'
));
Записи для лимитов поиска
INSERT INTO protect_check (user_id, limit_check, count_checked, last_check_at, version) SELECT u.id, 100, -- limit_check = 100 0, -- count_checked = 0 NULL, -- last_check_at = NULL 0 -- version = 0 FROM users u WHERE NOT EXISTS ( SELECT 1 FROM protect_check pc WHERE pc.user_id = u.id );
Скрипты рефералки
INSERT INTO referrals (user_id, referral_link, inviter_id, level_id, total_income, is_active, created_at, hold_balance) SELECT u.id as user_id, CONCAT('ref-', u.id, '-', LOWER(SUBSTRING(MD5(RANDOM()::text) FROM 1 FOR 8))) as referral_link, NULL as inviter_id, 'bronze' as level_id, 0 as total_income, false as is_active, NOW() as created_at, 0 as hold_balance FROM users u LEFT JOIN referrals r ON u.id = r.user_id WHERE u.company_id IS NULL AND r.user_id IS NULL ORDER BY u.id;
INSERT INTO referral_levels (id, name, min_invitees, reward_percentage) VALUES ('bronze', 'BRONZE', 0, 15), ('silver', 'SILVER', 6, 18), ('gold', 'GOLD', 16, 22), ('platinum', 'PLATINUM', 50, 25);
Скрипт,для нумерации для уже сохданных файлов WITH max_id AS ( SELECT COALESCE(MAX(support_id), 0) as max_val FROM file_entities ), -- Нумеруем только NULL записи, начиная с max_val + 1 numbered AS ( SELECT f.id, (SELECT max_val FROM max_id) + ROW_NUMBER() OVER (ORDER BY f.created_at, f.id) as new_support_id FROM file_entities f WHERE f.support_id IS NULL ) UPDATE file_entities SET support_id = numbered.new_support_id FROM numbered WHERE file_entities.id = numbered.id;
НАСТРОЙКА NGINX
server { listen 80; listen [::]:80; server_name admin.not-copy.сom;
location /api/ {
proxy_pass http://localhost:3003;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://localhost:2995;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server { listen 80; listen [::]:80; server_name workspace.not-copy.сom;
location /api/ {
proxy_pass http://localhost:3003;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://localhost:2998;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server { listen 80; listen [::]:80; server_name lp.not-copy.сom;
location /api/ {
proxy_pass http://localhost:3003;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://localhost:2993;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server { listen 80; listen [::]:80; server_name dev-admin.not-copy.сom;
location /api/ {
proxy_pass http://localhost:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://localhost:2996;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server { listen 80; listen [::]:80; server_name dev-workspace.not-copy.сom;
location /api/ {
proxy_pass http://localhost:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://localhost:3002;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server { listen 80; listen [::]:80; server_name dev-lp.not-copy.сom;
location /api/ {
proxy_pass http://localhost:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://localhost:2994;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Проверяем конфиг
ls -la /etc/nginx/sites-available/ ls -la /etc/nginx/sites-enabled/
Создание конфига
sudo nano /etc/nginx/sites-available/not-copy
Создание симлинк
sudo ln -s /etc/nginx/sites-available/not-copy /etc/nginx/sites-enabled/
Чек
sudo nginx -t
Рестарт
sudo systemctl reload nginx