goodgo-platform

admin/goodgo-platform

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ho Ngoc Hai	e5f7acf7da	feat: production infra — nginx configs, deploy script, security hardening Some checks failed CI / Lint → Typecheck → Test → Build (22) (push) Failing after 58s Details Deploy / Build Web Image (push) Failing after 14s Details Deploy / Rollback Production (push) Has been skipped Details CI / E2E Tests (push) Has been skipped Details Deploy / Build API Image (push) Failing after 3m8s Details Deploy / Build AI Services Image (push) Failing after 10s Details E2E Tests / Playwright E2E (push) Failing after 1m21s Details Deploy / Deploy to Staging (push) Has been skipped Details Deploy / Smoke Test Staging (push) Has been skipped Details Deploy / Deploy to Production (push) Has been skipped Details Deploy / Smoke Test Production (push) Has been skipped Details Deploy / Rollback Staging (push) Has been skipped Details - Add Nginx reverse-proxy configs for api.goodgo.vn and platform.goodgo.vn with SSL, gzip, rate limiting, security headers, and WebSocket support - Add Cloudflare DNS setup script for A/AAAA/CNAME records - Add server-setup.sh for Ubuntu provisioning (Docker, fail2ban, UFW, swap, unattended-upgrades) - Add deploy-production.sh for manual production deployments - Add env.production.example with all required environment variables - Bind container ports to 127.0.0.1 in docker-compose.prod.yml (security: prevent direct access bypassing Nginx) - Fix deploy workflow: add -T flag to exec, sync Nginx configs, copy pgbouncer and backup configs to server Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com>	2026-04-13 14:11:25 +07:00
Ho Ngoc Hai	05abbc5250	feat(infra): add PgBouncer connection pooling for production PostgreSQL Introduces PgBouncer as a connection pooler between the API service and PostgreSQL in docker-compose.prod.yml, reducing connection overhead and improving concurrency under production load. - Add PgBouncer service (edoburu/pgbouncer:1.23.1-p2) with transaction pool mode, max_client_conn=200, default_pool_size=20 - Route API DATABASE_URL through PgBouncer (port 6432), keep direct connection (DATABASE_URL_DIRECT) for Prisma migrations/introspection - Create infra/pgbouncer/ config: pgbouncer.ini, userlist template, and entrypoint script with runtime env-var substitution - Update prisma.config.ts to prefer DATABASE_URL_DIRECT for migrations - Add K6 load test (e2e/load/pgbouncer-pool-test.js) with ramp-up to 200 VUs, pool exhaustion detection, and p95 < 2s threshold - Add PgBouncer env vars to .env.example Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-04-10 20:15:21 +07:00

Author

SHA1

Message

Date

Ho Ngoc Hai

e5f7acf7da

feat: production infra — nginx configs, deploy script, security hardening

CI / Lint → Typecheck → Test → Build (22) (push) Failing after 58s

Details

Deploy / Build Web Image (push) Failing after 14s

Details

Deploy / Rollback Production (push) Has been skipped

Details

CI / E2E Tests (push) Has been skipped

Details

Deploy / Build API Image (push) Failing after 3m8s

Details

Deploy / Build AI Services Image (push) Failing after 10s

Details

E2E Tests / Playwright E2E (push) Failing after 1m21s

Details

Deploy / Deploy to Staging (push) Has been skipped

Details

Deploy / Smoke Test Staging (push) Has been skipped

Details

Deploy / Deploy to Production (push) Has been skipped

Details

Deploy / Smoke Test Production (push) Has been skipped

Details

Deploy / Rollback Staging (push) Has been skipped

Details

- Add Nginx reverse-proxy configs for api.goodgo.vn and platform.goodgo.vn
  with SSL, gzip, rate limiting, security headers, and WebSocket support
- Add Cloudflare DNS setup script for A/AAAA/CNAME records
- Add server-setup.sh for Ubuntu provisioning (Docker, fail2ban, UFW,
  swap, unattended-upgrades)
- Add deploy-production.sh for manual production deployments
- Add env.production.example with all required environment variables
- Bind container ports to 127.0.0.1 in docker-compose.prod.yml
  (security: prevent direct access bypassing Nginx)
- Fix deploy workflow: add -T flag to exec, sync Nginx configs,
  copy pgbouncer and backup configs to server

Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com>

2026-04-13 14:11:25 +07:00

Ho Ngoc Hai

05abbc5250

feat(infra): add PgBouncer connection pooling for production PostgreSQL

Introduces PgBouncer as a connection pooler between the API service and
PostgreSQL in docker-compose.prod.yml, reducing connection overhead and
improving concurrency under production load.

- Add PgBouncer service (edoburu/pgbouncer:1.23.1-p2) with transaction
  pool mode, max_client_conn=200, default_pool_size=20
- Route API DATABASE_URL through PgBouncer (port 6432), keep direct
  connection (DATABASE_URL_DIRECT) for Prisma migrations/introspection
- Create infra/pgbouncer/ config: pgbouncer.ini, userlist template,
  and entrypoint script with runtime env-var substitution
- Update prisma.config.ts to prefer DATABASE_URL_DIRECT for migrations
- Add K6 load test (e2e/load/pgbouncer-pool-test.js) with ramp-up to
  200 VUs, pool exhaustion detection, and p95 < 2s threshold
- Add PgBouncer env vars to .env.example

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-04-10 20:15:21 +07:00

2 Commits