feat: Add production configuration to disable internal protocol servers

- Created .env.production with OPCUA_ENABLED=false and MODBUS_ENABLED=false - Created docker-compose.production.yml that uses production environment file - Updated deployment script to use production docker-compose file when available - This prevents connection issues when protocol servers are not available
2025-11-01 16:02:26 +00:00 · 2025-11-01 16:02:26 +00:00 · 308972c265
parent 80bb919a56
commit 308972c265
3 changed files with 140 additions and 2 deletions
--- a/.env.production
+++ b/.env.production
@ -0,0 +1,38 @@
+# Production Environment Configuration
+# Disable internal protocol servers - use external SCADA servers instead
+
+# Database configuration
+DB_HOST=calejo-postgres
+DB_PORT=5432
+DB_NAME=calejo_production
+DB_USER=calejo_user
+DB_PASSWORD=production_password
+
+# Disable internal protocol servers
+OPCUA_ENABLED=false
+MODBUS_ENABLED=false
+
+# REST API configuration
+REST_API_ENABLED=true
+REST_API_HOST=0.0.0.0
+REST_API_PORT=8080
+
+# Health monitoring
+HEALTH_MONITOR_PORT=9090
+
+# Logging
+LOG_LEVEL=INFO
+LOG_FORMAT=json
+ENVIRONMENT=production
+
+# Security
+API_KEY=production_api_key_secure
+JWT_SECRET_KEY=production_jwt_secret_key_secure
+
+# Auto-discovery
+AUTO_DISCOVERY_ENABLED=true
+AUTO_DISCOVERY_REFRESH_MINUTES=60
+
+# Optimization
+OPTIMIZATION_MONITORING_ENABLED=true
+OPTIMIZATION_REFRESH_SECONDS=30
--- a/deploy/ssh/deploy-remote.sh
+++ b/deploy/ssh/deploy-remote.sh
@ -331,8 +331,12 @@ build_and_start_services() {
    # Build services
    execute_remote "cd $TARGET_DIR && sudo docker-compose build" "Building Docker images"
    
-    # Start services
-    execute_remote "cd $TARGET_DIR && sudo docker-compose up -d" "Starting services"
+    # Start services - use production compose file if available
+    if [[ "$ENVIRONMENT" == "production" ]] && execute_remote "cd $TARGET_DIR && test -f docker-compose.production.yml" "Checking for production compose file" 2>/dev/null; then
+        execute_remote "cd $TARGET_DIR && sudo docker-compose -f docker-compose.production.yml up -d" "Starting services with production configuration"
+    else
+        execute_remote "cd $TARGET_DIR && sudo docker-compose up -d" "Starting services"
+    fi
    
    # Wait for services to be ready
    print_status "Waiting for services to start..."
--- a/docker-compose.production.yml
+++ b/docker-compose.production.yml
@ -0,0 +1,96 @@
+version: '3.8'
+
+services:
+  calejo-control-adapter:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: calejo-control-adapter
+    ports:
+      - "8080:8080"  # REST API
+      # OPC UA and Modbus ports are not exposed in production
+      # as we use external SCADA servers
+      - "9090:9090"  # Prometheus metrics
+    env_file:
+      - .env.production
+    depends_on:
+      - postgres
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
+    volumes:
+      - ./logs:/app/logs
+      - ./config:/app/config
+    networks:
+      - calejo-network
+
+  postgres:
+    image: postgres:15
+    container_name: calejo-postgres
+    environment:
+      - POSTGRES_DB=calejo_production
+      - POSTGRES_USER=calejo_user
+      - POSTGRES_PASSWORD=production_password
+    ports:
+      - "5432:5432"
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+      - ./database/init.sql:/docker-entrypoint-initdb.d/init.sql
+    restart: unless-stopped
+    networks:
+      - calejo-network
+
+  prometheus:
+    image: prom/prometheus:latest
+    container_name: calejo-prometheus
+    ports:
+      - "9091:9090"
+    volumes:
+      - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
+      - ./monitoring/web.yml:/etc/prometheus/web.yml
+      - ./monitoring/alert_rules.yml:/etc/prometheus/alert_rules.yml
+      - prometheus_data:/prometheus
+    command:
+      - '--config.file=/etc/prometheus/prometheus.yml'
+      - '--web.config.file=/etc/prometheus/web.yml'
+      - '--storage.tsdb.path=/prometheus'
+      - '--web.console.libraries=/etc/prometheus/console_libraries'
+      - '--web.console.templates=/etc/prometheus/consoles'
+      - '--storage.tsdb.retention.time=200h'
+      - '--web.enable-lifecycle'
+    restart: unless-stopped
+    networks:
+      - calejo-network
+
+  grafana:
+    image: grafana/grafana:latest
+    container_name: calejo-grafana
+    ports:
+      - "3000:3000"
+    environment:
+      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD:-admin}
+      - GF_USERS_ALLOW_SIGN_UP=false
+    volumes:
+      - grafana_data:/var/lib/grafana
+      - ./monitoring/grafana/dashboards:/var/lib/grafana/dashboards
+      - ./monitoring/grafana/datasources:/etc/grafana/provisioning/datasources
+      - ./monitoring/grafana/dashboard.yml:/etc/grafana/provisioning/dashboards/dashboard.yml
+      - ./monitoring/grafana/dashboards:/etc/grafana/provisioning/dashboards
+    restart: unless-stopped
+    depends_on:
+      - prometheus
+    networks:
+      - calejo-network
+
+volumes:
+  postgres_data:
+  prometheus_data:
+  grafana_data:
+
+networks:
+  calejo-network:
+    driver: bridge