Hacker-Software/opencrm
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added docker setup

Browse Source
This commit is contained in:
duffyduck
2026-02-08 19:59:49 +01:00
parent 468907c9c3
commit 09e87c951b
10 changed files with 501 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docker/.env.example
+26
View File
@@ -0,0 +1,26 @@
# OpenCRM Docker Environment
# ============================
# Copy this file to .env and adjust the values
# Domain (for Caddy SSL certificate)
# Use your actual domain, e.g., crm.example.com
DOMAIN=localhost
# Database
DB_ROOT_PASSWORD=change-this-root-password
DB_NAME=opencrm
DB_USER=opencrm
DB_PASSWORD=change-this-password
# JWT Authentication
# Generate with: openssl rand -base64 32
JWT_SECRET=change-this-to-a-secure-random-string
JWT_EXPIRES_IN=7d
# Encryption Key (for portal credentials)
# Generate with: openssl rand -hex 32
ENCRYPTION_KEY=change-this-to-a-32-byte-hex-key
# First Install: Set to "true" to seed database on first startup
# After first successful start, set back to "false"
RUN_SEED=true
docker/Caddyfile
+34
View File
@@ -0,0 +1,34 @@
# OpenCRM Caddyfile
# ===================
# Replace {$DOMAIN} with your actual domain or use environment variable
# For local development without SSL, use localhost:80
{$DOMAIN:localhost} {
# Reverse proxy to OpenCRM app
reverse_proxy app:3001
# Logging
log {
output stdout
format console
}
# Security headers
header {
# Clickjacking protection
X-Frame-Options "SAMEORIGIN"
# XSS protection
X-Content-Type-Options "nosniff"
X-XSS-Protection "1; mode=block"
# Referrer policy
Referrer-Policy "strict-origin-when-cross-origin"
}
# Gzip compression
encode gzip
# Handle file uploads (increase body limit)
request_body {
max_size 50MB
}
}
docker/Dockerfile
+97
View File
@@ -0,0 +1,97 @@
# ===================================
# Stage 1: Build Frontend
# ===================================
FROM node:20-alpine AS frontend-builder
WORKDIR /app/frontend
# Copy package files
COPY frontend/package*.json ./
# Install dependencies
RUN npm ci
# Copy frontend source
COPY frontend/ ./
# Build frontend
RUN npm run build
# ===================================
# Stage 2: Build Backend
# ===================================
FROM node:20-alpine AS backend-builder
WORKDIR /app/backend
# Install OpenSSL for Prisma
RUN apk add --no-cache openssl
# Copy package files
COPY backend/package*.json ./
# Install dependencies (including dev for build)
RUN npm ci
# Copy backend source
COPY backend/ ./
# Generate Prisma client
RUN npx prisma generate
# Build TypeScript
RUN npm run build
# ===================================
# Stage 3: Production Runtime
# ===================================
FROM node:20-alpine AS production
WORKDIR /app
# Install OpenSSL for Prisma runtime and netcat for DB health check
RUN apk add --no-cache openssl netcat-openbsd
# Create non-root user
RUN addgroup -g 1001 -S nodejs && \
adduser -S opencrm -u 1001 -G nodejs
# Copy backend package files
COPY backend/package*.json ./
# Install production dependencies + tsx for seed script
RUN npm ci --omit=dev && npm install tsx
# Copy Prisma schema and generate client
COPY backend/prisma ./prisma
RUN npx prisma generate
# Copy built backend
COPY --from=backend-builder /app/backend/dist ./dist
# Copy built frontend to public directory
COPY --from=frontend-builder /app/frontend/dist ./public
# Copy seed file for factory reset
COPY backend/prisma/seed.ts ./prisma/
# Copy entrypoint script
COPY docker/entrypoint.sh ./entrypoint.sh
# Create directories for uploads and backups
RUN mkdir -p uploads backups && \
chmod +x entrypoint.sh && \
chown -R opencrm:nodejs /app
# Switch to non-root user
USER opencrm
# Expose port
EXPOSE 3001
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:3001/api/health || exit 1
# Start the application with entrypoint
ENTRYPOINT ["./entrypoint.sh"]
docker/README.md
+139
View File
@@ -0,0 +1,139 @@
# OpenCRM Docker Deployment
## Schnellstart
1. **Umgebungsvariablen konfigurieren:**
```bash
cd docker
cp .env.example .env
nano .env # Sichere Werte setzen
```
2. **Container starten (erster Start mit RUN_SEED=true):**
```bash
docker compose up -d
```
Beim ersten Start wird automatisch:
- Auf die Datenbank gewartet
- Migrationen ausgeführt
- Seed-Daten geladen (wenn `RUN_SEED=true`)
3. **Nach erfolgreicher Installation:**
```bash
# RUN_SEED in .env auf false setzen
sed -i 's/RUN_SEED=true/RUN_SEED=false/' .env
```
4. **Anwendung aufrufen:**
- Mit Domain: `https://your-domain.com`
- Lokal: `http://localhost`
5. **Login:**
- E-Mail: `admin@admin.com`
- Passwort: `admin`
## Architektur
```
┌─────────────┐
│ Caddy │
│ (SSL/TLS) │
│ :80/:443 │
└──────┬──────┘
┌──────▼──────┐
│ OpenCRM │
│ (Node.js) │
│ :3001 │
└──────┬──────┘
┌──────▼──────┐
│ MariaDB │
│ :3306 │
└─────────────┘
```
## Befehle
### Container verwalten
```bash
# Starten
docker compose up -d
# Stoppen
docker compose down
# Logs anzeigen
docker compose logs -f app
# Neustart
docker compose restart app
```
### Datenbank
```bash
# Migration ausführen
docker compose exec app npx prisma migrate deploy
# Seed-Daten laden
docker compose exec app npx tsx prisma/seed.ts
# Prisma Studio (Datenbank-UI)
docker compose exec app npx prisma studio
```
### Backup & Restore
```bash
# Backup-Verzeichnis ist unter /app/backups gemountet
# Backups werden über die Anwendung erstellt/wiederhergestellt
```
### Update
```bash
# Image neu bauen und Container aktualisieren
docker compose build --no-cache
docker compose up -d
# Migrationen werden automatisch beim Start ausgeführt
```
## Volumes
| Volume | Beschreibung |
|--------|--------------|
| `mariadb_data` | Datenbank-Dateien |
| `uploads_data` | Hochgeladene Dokumente |
| `backups_data` | Backup-Dateien |
| `caddy_data` | SSL-Zertifikate |
| `caddy_config` | Caddy-Konfiguration |
## SSL-Zertifikat
Caddy holt automatisch ein Let's Encrypt Zertifikat wenn:
- Die Domain in `.env` korrekt gesetzt ist
- Port 80 und 443 von außen erreichbar sind
- DNS auf den Server zeigt
Für lokale Entwicklung mit `DOMAIN=localhost` wird ein selbstsigniertes Zertifikat verwendet.
## Troubleshooting
### Container startet nicht
```bash
docker compose logs app
```
### Datenbank-Verbindung fehlgeschlagen
```bash
# Warten bis MariaDB bereit ist
docker compose logs db
```
### SSL-Zertifikat Probleme
```bash
docker compose logs caddy
# Caddy-Daten zurücksetzen
docker compose down
docker volume rm opencrm_caddy_data opencrm_caddy_config
docker compose up -d
```
docker/docker-compose.yml
+88
View File
@@ -0,0 +1,88 @@
version: '3.8'
services:
# ===================================
# MariaDB Database
# ===================================
db:
image: mariadb:10.11
container_name: opencrm-db
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-rootpassword}
MYSQL_DATABASE: ${DB_NAME:-opencrm}
MYSQL_USER: ${DB_USER:-opencrm}
MYSQL_PASSWORD: ${DB_PASSWORD:-opencrm123}
volumes:
- mariadb_data:/var/lib/mysql
networks:
- opencrm-network
healthcheck:
test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
start_period: 10s
interval: 10s
timeout: 5s
retries: 3
# ===================================
# OpenCRM Application
# ===================================
app:
build:
context: ..
dockerfile: docker/Dockerfile
container_name: opencrm-app
restart: unless-stopped
environment:
NODE_ENV: production
PORT: 3001
DATABASE_URL: mysql://${DB_USER:-opencrm}:${DB_PASSWORD:-opencrm123}@db:3306/${DB_NAME:-opencrm}
JWT_SECRET: ${JWT_SECRET:?JWT_SECRET is required}
JWT_EXPIRES_IN: ${JWT_EXPIRES_IN:-7d}
ENCRYPTION_KEY: ${ENCRYPTION_KEY:?ENCRYPTION_KEY is required}
RUN_SEED: ${RUN_SEED:-false}
volumes:
- uploads_data:/app/uploads
- backups_data:/app/backups
networks:
- opencrm-network
depends_on:
db:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3001/api/health"]
start_period: 60s
interval: 30s
timeout: 10s
retries: 3
# ===================================
# Caddy Reverse Proxy (with auto SSL)
# ===================================
caddy:
image: caddy:2-alpine
container_name: opencrm-caddy
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- caddy_data:/data
- caddy_config:/config
networks:
- opencrm-network
depends_on:
app:
condition: service_healthy
networks:
opencrm-network:
driver: bridge
volumes:
mariadb_data:
uploads_data:
backups_data:
caddy_data:
caddy_config:
docker/entrypoint.sh
+34
View File
@@ -0,0 +1,34 @@
#!/bin/sh
set -e
echo "=== OpenCRM Startup ==="
# Wait for database to be ready
echo "Waiting for database connection..."
MAX_RETRIES=30
RETRY_COUNT=0
while ! nc -z db 3306 2>/dev/null; do
RETRY_COUNT=$((RETRY_COUNT + 1))
if [ $RETRY_COUNT -ge $MAX_RETRIES ]; then
echo "Error: Database not available after $MAX_RETRIES attempts"
exit 1
fi
echo " Attempt $RETRY_COUNT/$MAX_RETRIES - waiting..."
sleep 2
done
echo "Database is ready!"
# Run migrations
echo "Running database migrations..."
npx prisma migrate deploy
# Seed database if RUN_SEED is set (first install)
if [ "$RUN_SEED" = "true" ]; then
echo "Seeding database..."
npx tsx prisma/seed.ts
fi
# Start the application
echo "Starting OpenCRM server..."
exec node dist/index.js