stakost/mikrotik-bot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update to production Vault with service names
All checks were successful
Build and Deploy MikroTik Bot / build-and-deploy (push) Successful in 27s
Details

Browse Source
This commit is contained in:
stakost 2025-06-01 14:30:09 +03:00
parent 25d910cef7
commit 3018c3ee15
3 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docker-compose.portainer.yml
View File

@ -12,10 +12,16 @@ services:
- VAULT_SECRET_ID=6b3ecc3c-9436-7f04-022f-8b1ce0ac09ee - VAULT_SECRET_ID=6b3ecc3c-9436-7f04-022f-8b1ce0ac09ee
- VAULT_SECRET_PATH=secret/data/mikrotik-bot - VAULT_SECRET_PATH=secret/data/mikrotik-bot
- DATABASE_PATH=/app/data/bot.db - DATABASE_PATH=/app/data/bot.db
# Fallback environment variables (если Vault недоступен)
- BOT_TOKEN=1269908167:AAGaP1-joabDy87Hy6NyuS_KOjr75jrp4bI
- ROUTER_HOST=10.10.10.1
- ROUTER_USER=admin
- ROUTER_PASSWORD=4040Slonov
- ALLOWED_USER_IDS= # Оставляем пустым для открытого доступа (временно)
volumes: volumes:
- mikrotik_bot_data:/app/data - mikrotik_bot_data:/app/data
ports: ports:
- "8001:8000" # Health check endpoint - "8008:8000" # Health check endpoint
networks: networks:
- bot-network - bot-network
labels: labels:

20
docker-compose.production.yml
View File

@ -2,21 +2,22 @@ version: '3.8'
services: services:
mikrotik-bot: mikrotik-bot:
image: 10.10.30.121:5000/mikrotik-bot:latest image: registry:5000/mikrotik-bot:latest
container_name: mikrotik-bot-production container_name: mikrotik-bot-production
restart: unless-stopped restart: unless-stopped
environment: environment:
# Vault AppRole credentials (безопасно) # Production Vault AppRole credentials
- VAULT_ADDR=http://10.10.30.121:8200 - VAULT_ADDR=http://vault:8200
- VAULT_ROLE_ID=ba8d3d21-263e-4d92-8ffe-ef803017cef5 - VAULT_ROLE_ID=b8248e4d-d22a-1f7e-37f0-b2e0c36679cd
- VAULT_SECRET_ID=6b3ecc3c-9436-7f04-022f-8b1ce0ac09ee - VAULT_SECRET_ID=5c6982ea-cdb1-94ce-0261-685852f36531
- VAULT_SECRET_PATH=secret/data/mikrotik-bot - VAULT_SECRET_PATH=kv/data/mikrotik-bot
- DATABASE_PATH=/app/data/bot.db - DATABASE_PATH=/app/data/bot.db
volumes: volumes:
- mikrotik_bot_data:/app/data - mikrotik_bot_data:/app/data
ports: ports:
- "8000:8000" # Health check endpoint - "8008:8000" # Health check endpoint
networks: networks:
- proxmox-services
- bot-network - bot-network
depends_on: depends_on:
- watchtower - watchtower
@ -31,14 +32,17 @@ services:
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
environment: environment:
- WATCHTOWER_POLL_INTERVAL=60 # Проверять каждые 60 секунд - WATCHTOWER_POLL_INTERVAL=60
- WATCHTOWER_LABEL_ENABLE=true - WATCHTOWER_LABEL_ENABLE=true
- WATCHTOWER_CLEANUP=true - WATCHTOWER_CLEANUP=true
command: --interval 60 --label-enable --cleanup command: --interval 60 --label-enable --cleanup
networks: networks:
- proxmox-services
- bot-network - bot-network
networks: networks:
proxmox-services:
external: true
bot-network: bot-network:
driver: bridge driver: bridge

2
vault_client.py
View File

@ -11,7 +11,7 @@ class VaultClient:
self.vault_addr = os.environ.get('VAULT_ADDR', 'http://localhost:8200') self.vault_addr = os.environ.get('VAULT_ADDR', 'http://localhost:8200')
self.role_id = os.environ.get('VAULT_ROLE_ID') self.role_id = os.environ.get('VAULT_ROLE_ID')
self.secret_id = os.environ.get('VAULT_SECRET_ID') self.secret_id = os.environ.get('VAULT_SECRET_ID')
self.secret_path = os.environ.get('VAULT_SECRET_PATH', 'secret/data/mikrotik-bot') self.secret_path = os.environ.get('VAULT_SECRET_PATH', 'kv/data/mikrotik-bot')
self.token = None self.token = None
def authenticate(self) -> bool: def authenticate(self) -> bool: