2026-03-19 06:58:08 +08:00
|
|
|
services:
|
|
|
|
|
app:
|
2026-03-29 03:23:13 +08:00
|
|
|
image: mauriceboe/trek:latest
|
2026-03-28 23:41:06 +08:00
|
|
|
container_name: trek
|
feat: notifications, audit logging, and admin improvements
- Add centralized notification service with webhook (Discord/Slack) and
email (SMTP) support, triggered for trip invites, booking changes,
collab messages, and trip reminders
- Webhook sends one message per event (group channel); email sends
individually per trip member, excluding the actor
- Discord invite notifications now include the invited user's name
- Add LOG_LEVEL env var (info/debug) controlling console and file output
- INFO logs show user email, action, and IP for audit events; errors
for HTTP requests
- DEBUG logs show every request with full body/query (passwords redacted),
audit details, notification params, and webhook payloads
- Add persistent trek.log file logging with 10MB rotation (5 files)
in /app/data/logs/
- Color-coded log levels in Docker console output
- Timestamps without timezone name (user sets TZ via Docker)
- Add Test Webhook and Save buttons to admin notification settings
- Move notification event toggles to admin panel
- Add daily trip reminder scheduler (9 AM, timezone-aware)
- Wire up booking create/update/delete and collab message notifications
- Add i18n keys for notification UI across all 13 languages
Made-with: Cursor
2026-03-31 20:01:33 +08:00
|
|
|
read_only: true
|
|
|
|
|
security_opt:
|
|
|
|
|
- no-new-privileges:true
|
|
|
|
|
cap_drop:
|
|
|
|
|
- ALL
|
|
|
|
|
cap_add:
|
|
|
|
|
- CHOWN
|
|
|
|
|
- SETUID
|
|
|
|
|
- SETGID
|
|
|
|
|
tmpfs:
|
|
|
|
|
- /tmp:noexec,nosuid,size=64m
|
2026-03-19 06:58:08 +08:00
|
|
|
ports:
|
|
|
|
|
- "3000:3000"
|
|
|
|
|
environment:
|
|
|
|
|
- NODE_ENV=production
|
|
|
|
|
- PORT=3000
|
2026-03-31 21:45:20 +08:00
|
|
|
# Auto-generated if not set; persist across restarts for stable sessions
|
|
|
|
|
- JWT_SECRET=${JWT_SECRET:-}
|
|
|
|
|
# Timezone for logs, reminders and scheduled tasks (e.g. Europe/Berlin)
|
2026-03-30 17:24:02 +08:00
|
|
|
- TZ=${TZ:-UTC}
|
2026-03-31 21:45:20 +08:00
|
|
|
# info = concise user actions; debug = verbose admin-level details
|
feat: notifications, audit logging, and admin improvements
- Add centralized notification service with webhook (Discord/Slack) and
email (SMTP) support, triggered for trip invites, booking changes,
collab messages, and trip reminders
- Webhook sends one message per event (group channel); email sends
individually per trip member, excluding the actor
- Discord invite notifications now include the invited user's name
- Add LOG_LEVEL env var (info/debug) controlling console and file output
- INFO logs show user email, action, and IP for audit events; errors
for HTTP requests
- DEBUG logs show every request with full body/query (passwords redacted),
audit details, notification params, and webhook payloads
- Add persistent trek.log file logging with 10MB rotation (5 files)
in /app/data/logs/
- Color-coded log levels in Docker console output
- Timestamps without timezone name (user sets TZ via Docker)
- Add Test Webhook and Save buttons to admin notification settings
- Move notification event toggles to admin panel
- Add daily trip reminder scheduler (9 AM, timezone-aware)
- Wire up booking create/update/delete and collab message notifications
- Add i18n keys for notification UI across all 13 languages
Made-with: Cursor
2026-03-31 20:01:33 +08:00
|
|
|
- LOG_LEVEL=${LOG_LEVEL:-info}
|
2026-03-31 21:45:20 +08:00
|
|
|
# Comma-separated origins for CORS and email notification links
|
|
|
|
|
- ALLOWED_ORIGINS=${ALLOWED_ORIGINS:-}
|
|
|
|
|
# Redirect HTTP to HTTPS when behind a TLS-terminating proxy
|
|
|
|
|
# - FORCE_HTTPS=true
|
|
|
|
|
# Number of trusted proxies (for X-Forwarded-For / real client IP)
|
|
|
|
|
# - TRUST_PROXY=1
|
|
|
|
|
|
|
|
|
|
## ── OIDC / SSO ──────────────────────────────────────────────
|
|
|
|
|
# OpenID Connect provider URL
|
|
|
|
|
# - OIDC_ISSUER=https://auth.example.com
|
|
|
|
|
# - OIDC_CLIENT_ID=trek
|
|
|
|
|
# - OIDC_CLIENT_SECRET=supersecret
|
|
|
|
|
# Label shown on the SSO login button
|
|
|
|
|
# - OIDC_DISPLAY_NAME=SSO
|
|
|
|
|
# Set true to disable local password auth entirely (SSO only)
|
|
|
|
|
# - OIDC_ONLY=false
|
|
|
|
|
|
|
|
|
|
## ── Demo mode (resets data hourly) ──────────────────────────
|
|
|
|
|
# - DEMO_MODE=false
|
2026-03-19 06:58:08 +08:00
|
|
|
volumes:
|
|
|
|
|
- ./data:/app/data
|
|
|
|
|
- ./uploads:/app/uploads
|
|
|
|
|
restart: unless-stopped
|
|
|
|
|
healthcheck:
|
2026-03-25 07:14:53 +08:00
|
|
|
test: ["CMD", "wget", "-qO-", "http://localhost:3000/api/health"]
|
2026-03-19 06:58:08 +08:00
|
|
|
interval: 30s
|
|
|
|
|
timeout: 10s
|
|
|
|
|
retries: 3
|
|
|
|
|
start_period: 15s
|