security: remove .env from tracking (contains secrets)

2026-05-11 18:15:21 +03:00
parent 295c3a9d6d
commit 64696b334c
26 changed files with 1840 additions and 128 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,29 @@
+services:
+  api:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: cryptowallet-api
+    restart: unless-stopped
+    ports:
+      - "3001:3001"
+    env_file:
+      - .env
+    environment:
+      API_PORT: "3001"
+    # Внешняя БД (72.56.9.76) — postgres-сервис не нужен.
+    # DB-creds + master-key читаются из Vault через AppRole.
+    volumes:
+      # Audit-log: mnemonic reveal / wallet create / send — для compliance/forensics
+      - ./logs:/app/logs
+    healthcheck:
+      test: ["CMD", "wget", "-qO-", "http://localhost:3001/api/health"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 15s
+    logging:
+      driver: json-file
+      options:
+        max-size: "20m"
+        max-file: "5"