2ND

docker-compose.yml

@@ -0,0 +1,135 @@
+version: '3.8'
+
+services:
+  # MySQL 資料庫服務
+  mysql:
+    image: mysql:8.0
+    container_name: tempspec-mysql
+    restart: unless-stopped
+    environment:
+      MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-tempspec123}
+      MYSQL_DATABASE: ${DB_NAME:-tempspec_db}
+      MYSQL_USER: ${DB_USER:-tempspec_user}
+      MYSQL_PASSWORD: ${DB_PASSWORD:-tempspec_pass}
+    ports:
+      - "${DB_PORT:-3306}:3306"
+    volumes:
+      - mysql_data:/var/lib/mysql
+      - ./mysql/init:/docker-entrypoint-initdb.d:ro
+    command: --default-authentication-plugin=mysql_native_password
+    networks:
+      - tempspec-network
+    healthcheck:
+      test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "root", "-p${DB_ROOT_PASSWORD:-tempspec123}"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+
+  # ONLYOFFICE Document Server
+  onlyoffice:
+    image: onlyoffice/documentserver:latest
+    container_name: tempspec-onlyoffice
+    restart: unless-stopped
+    environment:
+      JWT_ENABLED: "true"
+      JWT_SECRET: ${ONLYOFFICE_JWT_SECRET:-your_jwt_secret_key_here}
+      JWT_HEADER: "Authorization"
+      JWT_IN_BODY: "true"
+    ports:
+      - "${ONLYOFFICE_PORT:-8080}:80"
+    volumes:
+      - onlyoffice_data:/var/www/onlyoffice/Data
+      - onlyoffice_logs:/var/log/onlyoffice
+    networks:
+      - tempspec-network
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost/healthcheck"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+
+  # Flask 應用程式
+  app:
+    build: .
+    container_name: tempspec-app
+    restart: unless-stopped
+    environment:
+      # Flask 設定
+      FLASK_ENV: ${FLASK_ENV:-production}
+      SECRET_KEY: ${SECRET_KEY:-your-secret-key-here}
+      
+      # 資料庫設定
+      DATABASE_URL: mysql+pymysql://${DB_USER:-tempspec_user}:${DB_PASSWORD:-tempspec_pass}@mysql:3306/${DB_NAME:-tempspec_db}
+      
+      # LDAP 設定
+      LDAP_SERVER: ${LDAP_SERVER:-ldap://your-dc.company.com}
+      LDAP_PORT: ${LDAP_PORT:-389}
+      LDAP_USE_SSL: ${LDAP_USE_SSL:-False}
+      LDAP_SEARCH_BASE: ${LDAP_SEARCH_BASE:-DC=company,DC=com}
+      LDAP_BIND_USER_DN: ${LDAP_BIND_USER_DN:-CN=service,DC=company,DC=com}
+      LDAP_BIND_USER_PASSWORD: ${LDAP_BIND_USER_PASSWORD:-service_password}
+      LDAP_USER_LOGIN_ATTR: ${LDAP_USER_LOGIN_ATTR:-userPrincipalName}
+      
+      # SMTP 郵件設定
+      SMTP_SERVER: ${SMTP_SERVER:-smtp.company.com}
+      SMTP_PORT: ${SMTP_PORT:-587}
+      SMTP_USE_TLS: ${SMTP_USE_TLS:-True}
+      SMTP_SENDER_EMAIL: ${SMTP_SENDER_EMAIL:-noreply@company.com}
+      SMTP_SENDER_PASSWORD: ${SMTP_SENDER_PASSWORD:-smtp_password}
+      
+      # ONLYOFFICE 設定
+      ONLYOFFICE_URL: http://onlyoffice:80
+      ONLYOFFICE_JWT_SECRET: ${ONLYOFFICE_JWT_SECRET:-your_jwt_secret_key_here}
+      
+      # 其他設定
+      UPLOAD_FOLDER: uploads
+    ports:
+      - "${APP_PORT:-5000}:5000"
+    volumes:
+      - ./uploads:/app/uploads
+      - ./static/generated:/app/static/generated
+      - ./logs:/app/logs
+      - ./template_with_placeholders.docx:/app/template_with_placeholders.docx:ro
+    depends_on:
+      mysql:
+        condition: service_healthy
+      onlyoffice:
+        condition: service_healthy
+    networks:
+      - tempspec-network
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:5000/"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+
+  # Nginx 反向代理 (可選)
+  nginx:
+    image: nginx:alpine
+    container_name: tempspec-nginx
+    restart: unless-stopped
+    ports:
+      - "${NGINX_PORT:-80}:80"
+      - "${NGINX_SSL_PORT:-443}:443"
+    volumes:
+      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./nginx/conf.d:/etc/nginx/conf.d:ro
+      - ./nginx/ssl:/etc/nginx/ssl:ro
+    depends_on:
+      - app
+    networks:
+      - tempspec-network
+    profiles:
+      - production
+
+volumes:
+  mysql_data:
+    driver: local
+  onlyoffice_data:
+    driver: local
+  onlyoffice_logs:
+    driver: local
+
+networks:
+  tempspec-network:
+    driver: bridge