Добавляет sidecar glitchtip-auth-forwarder который tails Caddy access log, фильтрует 401 события и шлёт их в GlitchTip через Sentry SDK. - ops/glitchtip-auth-forwarder/forwarder.py: tail + throttle + atomic offset - Caddy JSON schema верифицирован по реальному логу: status верхнеуровневое, request.headers["User-Agent"] — list, client_ip vs remote_ip - Monitor UAs (GlitchTip uptime, SentryUptimeBot) фильтруются как individual events - Storm throttle: >10/60s → один digest event типа basic_auth_storm - docker-compose.prod.yml: caddy_logs volume в caddy + новый service + auth_forwarder_state - docs/runbooks/basic_auth_management.md: runbook с GlitchTip секцией
20 lines
661 B
Text
20 lines
661 B
Text
# Variables read by docker-compose.yml at the project root.
|
|
# Copy to .env (chmod 600) and fill with real values.
|
|
# Generate a strong password with: openssl rand -base64 24 | tr -d '/+' | head -c 24
|
|
|
|
POSTGRES_DB=gendesign
|
|
POSTGRES_USER=gendesign
|
|
POSTGRES_PASSWORD=changeme
|
|
|
|
# For docker-compose.prod.yml only:
|
|
# YC_REGISTRY_ID=
|
|
# IMAGE_TAG=latest
|
|
# NEXT_PUBLIC_API_BASE_URL=https://your-domain.example.ru
|
|
|
|
# GlitchTip (errors.gendsgn.ru)
|
|
GLITCHTIP_DB_PASS=
|
|
GLITCHTIP_SECRET=
|
|
# DSN из GlitchTip UI → Project Settings → Client Keys.
|
|
# Используется backend Sentry SDK + glitchtip-auth-forwarder sidecar.
|
|
GLITCHTIP_DSN=
|
|
NEXT_PUBLIC_GLITCHTIP_DSN=
|