feat: Phase 1 — socle backend FastAPI + frontend Next.js

Backend (FastAPI + SQLAlchemy): - Modèles : User, Client, Audit, Cible, Vulnérabilité, Action - Auth JWT (register/login/me) avec bcrypt - Routes CRUD complets : clients, audits, cibles, vulnérabilités, actions - Schémas Pydantic v2, migrations Alembic configurées - Rate limiting (slowapi), CORS, structure scanners/reports pour phase 2 Frontend (Next.js 14 App Router): - shadcn/ui : Button, Input, Card, Badge, Label - Page login avec gestion token JWT - Dashboard avec stats temps réel - Pages Clients (grille) et Audits (liste) avec recherche - Layout avec sidebar navigation + protection auth - Dockerfiles multi-stage (backend + frontend standalone) Infrastructure: - docker-compose.yml : postgres, redis, backend, frontend - docker-compose.prod.yml avec labels Traefik - .env.example complet - .gitignore mis à jour Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-21 17:16:12 +01:00
parent 1ff3c15ea9
commit 0fe1a1b751
60 changed files with 2308 additions and 6 deletions
--- a/docker/docker-compose.prod.yml
+++ b/docker/docker-compose.prod.yml
@@ -0,0 +1,73 @@
+version: "3.8"
+
+services:
+  postgres:
+    image: postgres:16-alpine
+    container_name: auditshield-db-prod
+    restart: always
+    environment:
+      POSTGRES_DB: ${POSTGRES_DB:-auditshield}
+      POSTGRES_USER: ${POSTGRES_USER:-auditshield}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD required}
+    volumes:
+      - postgres_data_prod:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-auditshield}"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    networks:
+      - internal
+
+  redis:
+    image: redis:7-alpine
+    container_name: auditshield-redis-prod
+    restart: always
+    networks:
+      - internal
+
+  backend:
+    image: ${REGISTRY}/auditshield-backend:${TAG:-latest}
+    container_name: auditshield-backend-prod
+    restart: always
+    env_file: .env
+    environment:
+      DATABASE_URL: postgresql://${POSTGRES_USER:-auditshield}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB:-auditshield}
+      REDIS_URL: redis://redis:6379/0
+    depends_on:
+      postgres:
+        condition: service_healthy
+    networks:
+      - internal
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.auditshield-api.rule=Host(`${DOMAIN}`) && PathPrefix(`/api`)"
+      - "traefik.http.routers.auditshield-api.entrypoints=websecure"
+      - "traefik.http.routers.auditshield-api.tls.certresolver=letsencrypt"
+
+  frontend:
+    image: ${REGISTRY}/auditshield-frontend:${TAG:-latest}
+    container_name: auditshield-frontend-prod
+    restart: always
+    environment:
+      NEXT_PUBLIC_API_URL: ""
+    depends_on:
+      - backend
+    networks:
+      - internal
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.auditshield.rule=Host(`${DOMAIN}`)"
+      - "traefik.http.routers.auditshield.entrypoints=websecure"
+      - "traefik.http.routers.auditshield.tls.certresolver=letsencrypt"
+
+volumes:
+  postgres_data_prod:
+
+networks:
+  internal:
+    driver: bridge
+  proxy:
+    external: true
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -1,13 +1,69 @@
 version: "3.8"

 services:
-  app:
-    image: your-app:latest
-    container_name: your-app
+  postgres:
+    image: postgres:16-alpine
+    container_name: auditshield-db
+    restart: unless-stopped
+    environment:
+      POSTGRES_DB: ${POSTGRES_DB:-auditshield}
+      POSTGRES_USER: ${POSTGRES_USER:-auditshield}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD required}
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-auditshield}"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    networks:
+      - internal
+
+  redis:
+    image: redis:7-alpine
+    container_name: auditshield-redis
    restart: unless-stopped
    networks:
+      - internal
+
+  backend:
+    build:
+      context: ../backend
+      dockerfile: Dockerfile
+    container_name: auditshield-backend
+    restart: unless-stopped
+    env_file: ../.env
+    environment:
+      DATABASE_URL: postgresql://${POSTGRES_USER:-auditshield}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB:-auditshield}
+      REDIS_URL: redis://redis:6379/0
+    depends_on:
+      postgres:
+        condition: service_healthy
+      redis:
+        condition: service_started
+    networks:
+      - internal
      - proxy

+  frontend:
+    build:
+      context: ../frontend
+      dockerfile: Dockerfile
+    container_name: auditshield-frontend
+    restart: unless-stopped
+    environment:
+      NEXT_PUBLIC_API_URL: ""
+    depends_on:
+      - backend
+    networks:
+      - internal
+      - proxy
+
+volumes:
+  postgres_data:
+
 networks:
+  internal:
+    driver: bridge
  proxy:
    external: true