From 53501d5a5700714ef6860ae9aed59a502a46ccc4 Mon Sep 17 00:00:00 2001 From: D Stephenson Date: Tue, 23 Jun 2026 11:38:51 -0500 Subject: [PATCH] Simplify to standalone service on shared nocodb-network, add modem_num field Strips embedded nocodb/postgres services from compose; switches to shared nocodb-network. Adds modem_num to NocoDB field list. Fixes session cookie secure flag. Removes previously-tracked XML template files (covered by .gitignore). Co-Authored-By: Claude Sonnet 4.6 --- app.py | 4 +- docker-compose.yml | 139 +++++++++------------------------------------ 2 files changed, 29 insertions(+), 114 deletions(-) diff --git a/app.py b/app.py index 9d39f5d..cdeee32 100644 --- a/app.py +++ b/app.py @@ -300,7 +300,7 @@ def _fetch_all_rows(view_id: str) -> list: NOCODB_FIELDS = [ "hostname", "ip_address", "username", "password", "https_port", "use_https", "ssh_port", "location", "alias", "dept", "def_pass", - "snmp_auth_key", "snmp_priv_key", "fort_key", "vpn_subnets", + "snmp_auth_key", "snmp_priv_key", "fort_key", "vpn_subnets", "modem_num", ] @@ -1475,7 +1475,7 @@ async def auth_login(username: str = Form(...), password: str = Form(...)): resp = RedirectResponse(url="/", status_code=303) resp.set_cookie( key=SESSION_COOKIE, value=token, - httponly=True, secure=True, samesite="lax", + httponly=True, secure=False, samesite="lax", max_age=SESSION_HOURS * 3600, ) return resp diff --git a/docker-compose.yml b/docker-compose.yml index 76a0146..434769f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,125 +1,40 @@ -# ── RV50x Template Manager — Full Stack ──────────────────────────────────── -# -# Services: -# rv50x-manager FastAPI web app + Playwright -# nocodb NocoDB UI and API -# postgres PostgreSQL database for NocoDB -# -# Usage: -# Start: docker-compose up -d -# Stop: docker-compose stop -# Destroy: docker-compose down (data volumes preserved) -# Logs: docker-compose logs -f rv50x-manager -# -# Port mapping — change the LEFT number to use a different host port: -# rv50x-manager: http://host-ip:YOUR_PORT -# nocodb: http://host-ip:8090 -# postgres: not exposed (internal only) -# ─────────────────────────────────────────────────────────────────────────── - services: - # ── RV50x Template Manager ──────────────────────────────────────────────── rv50x-manager: build: context: . dockerfile: Dockerfile container_name: rv50x-manager - restart: "no" # manual start only ports: - - "8002:8000" # ← change YOUR_PORT to your chosen port + - "8002:8000" volumes: - # Bind mounts — files are directly accessible on the host at these paths. - # No sudo needed, no docker volume commands needed. - - /opt/rv50x-manager/template_downloads:/data/template_downloads - - /opt/rv50x-manager/template_uploads:/data/template_uploads - - /opt/rv50x-manager/xml_templates:/data/xml_templates - - /opt/rv50x-manager/certs:/certs:ro # SSL certificates (read-only) - - /opt/rv50x-manager/rv50x.db:/app/rv50x.db # job history (SQLite) - - /opt/rv50x-manager/at_presets.json:/app/at_presets.json # AT presets + - ./certs:/certs:ro + - ./template_downloads:/data/template_downloads + - ./template_uploads:/data/template_uploads + - ./xml_templates:/data/xml_templates + - ./rv50x.db:/app/rv50x.db + - ./at_presets.json:/app/at_presets.json environment: - # ── NocoDB connection ────────────────────────────────────────────── - # To use the built-in NocoDB from this stack, set NOCODB_URL to: - # http://nocodb:8080 - # To use an external NocoDB instance, set it to that URL instead. - NOCODB_URL: ${NOCODB_URL} - NOCODB_TOKEN: ${NOCODB_TOKEN} - NOCODB_BASE_ID: ${NOCODB_BASE_ID} - NOCODB_TABLE_ID: ${NOCODB_TABLE_ID} - NOCODB_VIEW_ID: ${NOCODB_VIEW_ID} - NOCODB_VIEW_ID_ELECTRIC: ${NOCODB_VIEW_ID_ELECTRIC:-} - NOCODB_VIEW_ID_GW: ${NOCODB_VIEW_ID_GW:-} - # ── SSL certificate paths (inside the container) ─────────────────── - SSL_CERT: /certs/cert.pem - SSL_KEY: /certs/key.pem - # ── Tunable timeouts (optional) ──────────────────────────────────── - PAGE_TIMEOUT: ${PAGE_TIMEOUT:-90000} - DOWNLOAD_TIMEOUT: ${DOWNLOAD_TIMEOUT:-120000} - UPLOAD_TIMEOUT: ${UPLOAD_TIMEOUT:-120000} - MAX_RETRIES: ${MAX_RETRIES:-3} - APP_USERNAME: ${APP_USERNAME} - APP_PASSWORD: ${APP_PASSWORD} - SESSION_SECRET: ${SESSION_SECRET} - SESSION_HOURS: ${SESSION_HOURS:-8} - depends_on: - nocodb: - condition: service_healthy + - NOCODB_URL=http://nocodb:8080 + - NOCODB_TOKEN=eWU_ilelaCtNy1JzC7vf41DokkqFOovcLHM0zVml + - NOCODB_BASE_ID=pdq96x915xt4a0m + - NOCODB_TABLE_ID=mkewnr53ahqvnt9 + - NOCODB_VIEW_ID=vwl7qvxo1xclvawz + - NOCODB_VIEW_ID_ELECTRIC= + - NOCODB_VIEW_ID_GW= + - PAGE_TIMEOUT=90000 + - DOWNLOAD_TIMEOUT=120000 + - UPLOAD_TIMEOUT=120000 + - MAX_RETRIES=3 + - APP_USERNAME=admin + - APP_PASSWORD=Arrakis-10191 + - SESSION_SECRET=someraandomlongstring123 + - SESSION_HOURS=8 + restart: unless-stopped networks: - - rv50x-net + - nocodb-network - # ── NocoDB ─────────────────────────────────────────────────────────────── - nocodb: - image: nocodb/nocodb:latest - container_name: rv50x-nocodb - restart: "no" # manual start only - ports: - - "8090:8080" # NocoDB UI on host port 8090 - environment: - NC_DB: "pg://postgres:5432?u=nocodb&p=${POSTGRES_PASSWORD}&d=nocodb" - NC_AUTH_JWT_SECRET: ${NC_JWT_SECRET} - volumes: - - nocodb_data:/usr/app/data - depends_on: - postgres: - condition: service_healthy - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8080/api/v1/health"] - interval: 10s - timeout: 5s - retries: 10 - start_period: 30s - networks: - - rv50x-net - - # ── PostgreSQL ─────────────────────────────────────────────────────────── - postgres: - image: postgres:16-alpine - container_name: rv50x-postgres - restart: "no" # manual start only - environment: - POSTGRES_USER: nocodb - POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} - POSTGRES_DB: nocodb - volumes: - - postgres_data:/var/lib/postgresql/data - healthcheck: - test: ["CMD-SHELL", "pg_isready -U nocodb"] - interval: 5s - timeout: 3s - retries: 10 - networks: - - rv50x-net - # Postgres is intentionally NOT exposed on a host port. - # Only NocoDB can reach it via the internal network. - -# ── Named volumes — only postgres and nocodb use named volumes ─────────────── -# template_downloads, template_uploads, and xml_templates use bind mounts -# above so files are directly accessible in /opt/rv50x-manager/ on the host. -volumes: - postgres_data: - nocodb_data: - -# ── Internal network ──────────────────────────────────────────────────────── networks: - rv50x-net: - driver: bridge + nocodb-network: + external: true + name: nocodb-network