bytelyst/learning_ai_notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(deploy): backend Docker corp-proxy support + local compose override

Browse Source 
Two changes that make 'docker compose up' actually work on this host
(and on any corporate network with TLS interception of npmjs.org):

1. backend/Dockerfile gains the same NODE_TLS_REJECT_UNAUTHORIZED=0 +
   NPM_CONFIG_STRICT_SSL=false envs and 'npm config set strict-ssl false'
   step that web/Dockerfile already had. Without this, the 'npm install
   -g pnpm@10.6.5' step failed with UNABLE_TO_GET_ISSUER_CERT_LOCALLY
   on corp networks. Build-time-only; production runtime image is
   unaffected.

2. docker-compose.override.yml (new) is picked up automatically by
   'docker compose up' and:
   - remaps the web container's host port from 3000 to 3050 (port 3000
     on this host is held by Grafana). Uses 'ports: !override' so the
     base port mapping is replaced rather than appended.
   - points the backend at the sibling platform-service (4003),
     extraction-service (4005), and mcp-server (4007) running on the
     host network via host.docker.internal.
   - sets DB_PROVIDER=memory and a 32+ char JWT_SECRET so the backend
     starts in dev mode without Cosmos credentials.

Verified live on this host:
  docker compose up -d → both notelett-backend (healthy) and
  notelett-web running.
  curl http://localhost:4016/health → {status:ok,service:notelett-backend}
  curl http://localhost:3050/dashboard → HTTP 200, '<title>NoteLett</title>'
This commit is contained in:
saravanakumardb1 2026-05-23 01:04:18 -07:00
parent 7103660c95
commit e5221afb87
2 changed files with 46 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
backend/Dockerfile
View File

@ -1,7 +1,14 @@
FROM node:22-slim AS builder FROM node:22-slim AS builder
WORKDIR /app/backend WORKDIR /app/backend
RUN npm install -g pnpm@10.6.5 # Corporate proxies often perform TLS interception; npm/pnpm registry
# fetches need strict-ssl disabled for the build step (same pattern as
# web/Dockerfile). These flags apply only inside the build container.
ENV NODE_TLS_REJECT_UNAUTHORIZED=0
ENV NPM_CONFIG_STRICT_SSL=false
RUN npm config set strict-ssl false \
&& npm install -g pnpm@10.6.5
COPY .npmrc.docker ./.npmrc COPY .npmrc.docker ./.npmrc
COPY .docker-deps/ ../.docker-deps/ COPY .docker-deps/ ../.docker-deps/

38
docker-compose.override.yml Normal file
View File

@ -0,0 +1,38 @@
# Local override for `docker compose up` on this host.
#
# Why this exists:
# docker-compose.yml maps the web container to host port 3000, but
# port 3000 on this host is already occupied (Grafana). This file
# remaps web to host port 3050 and backend stays on 4016. The backend
# is configured to point at the sibling platform/extraction/mcp
# services already running on the host network.
#
# Bring up:
# docker compose up -d
# URLs:
# Web: http://localhost:3050
# Backend: http://localhost:4016
# Health: http://localhost:4016/health
# Bring down:
# docker compose down
services:
backend:
extra_hosts:
- "host.docker.internal:host-gateway"
environment:
CORS_ORIGIN: "http://localhost:3050"
PLATFORM_SERVICE_URL: "http://host.docker.internal:4003"
EXTRACTION_SERVICE_URL: "http://host.docker.internal:4005"
MCP_SERVER_URL: "http://host.docker.internal:4007"
DB_PROVIDER: memory
JWT_SECRET: "dev-secret-change-me-at-least-32-characters-long"
web:
ports: !override
- "3050:3045"
environment:
NEXT_PUBLIC_NOTES_API_URL: "http://localhost:4016/api"
NEXT_PUBLIC_PLATFORM_SERVICE_URL: "http://localhost:4003/api"
NEXT_PUBLIC_EXTRACTION_SERVICE_URL: "http://localhost:4005"
NEXT_PUBLIC_MCP_SERVER_URL: "http://localhost:4007/api"