Simplify to standalone service on shared nocodb-network, add modem_num field

Strips embedded nocodb/postgres services from compose; switches to shared
nocodb-network. Adds modem_num to NocoDB field list. Fixes session cookie
secure flag. Removes previously-tracked XML template files (covered by .gitignore).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
D Stephenson
2026-06-23 11:38:51 -05:00
parent 056bc1cec3
commit 53501d5a57
2 changed files with 29 additions and 114 deletions
+2 -2
View File
@@ -300,7 +300,7 @@ def _fetch_all_rows(view_id: str) -> list:
NOCODB_FIELDS = [ NOCODB_FIELDS = [
"hostname", "ip_address", "username", "password", "https_port", "hostname", "ip_address", "username", "password", "https_port",
"use_https", "ssh_port", "location", "alias", "dept", "def_pass", "use_https", "ssh_port", "location", "alias", "dept", "def_pass",
"snmp_auth_key", "snmp_priv_key", "fort_key", "vpn_subnets", "snmp_auth_key", "snmp_priv_key", "fort_key", "vpn_subnets", "modem_num",
] ]
@@ -1475,7 +1475,7 @@ async def auth_login(username: str = Form(...), password: str = Form(...)):
resp = RedirectResponse(url="/", status_code=303) resp = RedirectResponse(url="/", status_code=303)
resp.set_cookie( resp.set_cookie(
key=SESSION_COOKIE, value=token, key=SESSION_COOKIE, value=token,
httponly=True, secure=True, samesite="lax", httponly=True, secure=False, samesite="lax",
max_age=SESSION_HOURS * 3600, max_age=SESSION_HOURS * 3600,
) )
return resp return resp
+27 -112
View File
@@ -1,125 +1,40 @@
# ── RV50x Template Manager — Full Stack ────────────────────────────────────
#
# Services:
# rv50x-manager FastAPI web app + Playwright
# nocodb NocoDB UI and API
# postgres PostgreSQL database for NocoDB
#
# Usage:
# Start: docker-compose up -d
# Stop: docker-compose stop
# Destroy: docker-compose down (data volumes preserved)
# Logs: docker-compose logs -f rv50x-manager
#
# Port mapping — change the LEFT number to use a different host port:
# rv50x-manager: http://host-ip:YOUR_PORT
# nocodb: http://host-ip:8090
# postgres: not exposed (internal only)
# ───────────────────────────────────────────────────────────────────────────
services: services:
# ── RV50x Template Manager ────────────────────────────────────────────────
rv50x-manager: rv50x-manager:
build: build:
context: . context: .
dockerfile: Dockerfile dockerfile: Dockerfile
container_name: rv50x-manager container_name: rv50x-manager
restart: "no" # manual start only
ports: ports:
- "8002:8000" # ← change YOUR_PORT to your chosen port - "8002:8000"
volumes: volumes:
# Bind mounts — files are directly accessible on the host at these paths. - ./certs:/certs:ro
# No sudo needed, no docker volume commands needed. - ./template_downloads:/data/template_downloads
- /opt/rv50x-manager/template_downloads:/data/template_downloads - ./template_uploads:/data/template_uploads
- /opt/rv50x-manager/template_uploads:/data/template_uploads - ./xml_templates:/data/xml_templates
- /opt/rv50x-manager/xml_templates:/data/xml_templates - ./rv50x.db:/app/rv50x.db
- /opt/rv50x-manager/certs:/certs:ro # SSL certificates (read-only) - ./at_presets.json:/app/at_presets.json
- /opt/rv50x-manager/rv50x.db:/app/rv50x.db # job history (SQLite)
- /opt/rv50x-manager/at_presets.json:/app/at_presets.json # AT presets
environment: environment:
# ── NocoDB connection ────────────────────────────────────────────── - NOCODB_URL=http://nocodb:8080
# To use the built-in NocoDB from this stack, set NOCODB_URL to: - NOCODB_TOKEN=eWU_ilelaCtNy1JzC7vf41DokkqFOovcLHM0zVml
# http://nocodb:8080 - NOCODB_BASE_ID=pdq96x915xt4a0m
# To use an external NocoDB instance, set it to that URL instead. - NOCODB_TABLE_ID=mkewnr53ahqvnt9
NOCODB_URL: ${NOCODB_URL} - NOCODB_VIEW_ID=vwl7qvxo1xclvawz
NOCODB_TOKEN: ${NOCODB_TOKEN} - NOCODB_VIEW_ID_ELECTRIC=
NOCODB_BASE_ID: ${NOCODB_BASE_ID} - NOCODB_VIEW_ID_GW=
NOCODB_TABLE_ID: ${NOCODB_TABLE_ID} - PAGE_TIMEOUT=90000
NOCODB_VIEW_ID: ${NOCODB_VIEW_ID} - DOWNLOAD_TIMEOUT=120000
NOCODB_VIEW_ID_ELECTRIC: ${NOCODB_VIEW_ID_ELECTRIC:-} - UPLOAD_TIMEOUT=120000
NOCODB_VIEW_ID_GW: ${NOCODB_VIEW_ID_GW:-} - MAX_RETRIES=3
# ── SSL certificate paths (inside the container) ─────────────────── - APP_USERNAME=admin
SSL_CERT: /certs/cert.pem - APP_PASSWORD=Arrakis-10191
SSL_KEY: /certs/key.pem - SESSION_SECRET=someraandomlongstring123
# ── Tunable timeouts (optional) ──────────────────────────────────── - SESSION_HOURS=8
PAGE_TIMEOUT: ${PAGE_TIMEOUT:-90000} restart: unless-stopped
DOWNLOAD_TIMEOUT: ${DOWNLOAD_TIMEOUT:-120000}
UPLOAD_TIMEOUT: ${UPLOAD_TIMEOUT:-120000}
MAX_RETRIES: ${MAX_RETRIES:-3}
APP_USERNAME: ${APP_USERNAME}
APP_PASSWORD: ${APP_PASSWORD}
SESSION_SECRET: ${SESSION_SECRET}
SESSION_HOURS: ${SESSION_HOURS:-8}
depends_on:
nocodb:
condition: service_healthy
networks: networks:
- rv50x-net - nocodb-network
# ── NocoDB ───────────────────────────────────────────────────────────────
nocodb:
image: nocodb/nocodb:latest
container_name: rv50x-nocodb
restart: "no" # manual start only
ports:
- "8090:8080" # NocoDB UI on host port 8090
environment:
NC_DB: "pg://postgres:5432?u=nocodb&p=${POSTGRES_PASSWORD}&d=nocodb"
NC_AUTH_JWT_SECRET: ${NC_JWT_SECRET}
volumes:
- nocodb_data:/usr/app/data
depends_on:
postgres:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/api/v1/health"]
interval: 10s
timeout: 5s
retries: 10
start_period: 30s
networks: networks:
- rv50x-net nocodb-network:
external: true
# ── PostgreSQL ─────────────────────────────────────────────────────────── name: nocodb-network
postgres:
image: postgres:16-alpine
container_name: rv50x-postgres
restart: "no" # manual start only
environment:
POSTGRES_USER: nocodb
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: nocodb
volumes:
- postgres_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U nocodb"]
interval: 5s
timeout: 3s
retries: 10
networks:
- rv50x-net
# Postgres is intentionally NOT exposed on a host port.
# Only NocoDB can reach it via the internal network.
# ── Named volumes — only postgres and nocodb use named volumes ───────────────
# template_downloads, template_uploads, and xml_templates use bind mounts
# above so files are directly accessible in /opt/rv50x-manager/ on the host.
volumes:
postgres_data:
nocodb_data:
# ── Internal network ────────────────────────────────────────────────────────
networks:
rv50x-net:
driver: bridge