Merge remote-tracking branch 'origin/master'

# Conflicts:
#	backend/Dockerfile

Author: Pdzly

.env.example

@@ -17,7 +17,7 @@ APP_LOG_LEVEL=INFO
 APP_LOG_FORMAT=text
 
 # Database Configuration
-APP_DATABASE_URL=postgresql+asyncpg://postgres:postgres@localhost:5432/devbin
+APP_DATABASE_URL=postgresql+asyncpg://postgres:postgres@devbin_db:5432/devbin
 
 # Security - HTTPS
 # Set to true to redirect HTTP to HTTPS
@@ -99,6 +99,6 @@ APP_SAVE_IP_ADDRESS=false
 # Example generation: openssl rand -hex 32
 
 # Frontend configurations
-API_BASE_URL=http://devbin:8000
+API_URL=http://devbin:8000
 PORT=3000
-ORIGIN=http://localhost:3000
+ORIGIN=http://localhost:3000 # prevent cross-site post req forbidden from frontend because node can't resolve it's origin

.taskfiles/dev.yml

@@ -5,7 +5,7 @@ tasks:
   up:
     desc: Start all development services
     cmds:
-      - "{{.COMPOSE_DEV}} --profile dev_frontend --profile dev_backend up -d --build"
+      - "{{.COMPOSE_DEV}} --profile dev_frontend --profile dev_backend up --build --watch"
 
   backend:
     desc: Start backend only (with database)

backend/Dockerfile

@@ -14,15 +14,17 @@ FROM ghcr.io/astral-sh/uv:${UV_VERSION} AS uv
 FROM python:3.13.1-slim AS base
 
 # Install security updates and minimal runtime dependencies
-# Create non-root user (UID 10001 is common convention)
 RUN apt-get update && \
     apt-get upgrade -y && \
     apt-get install -y --no-install-recommends \
-        ca-certificates \
-        curl && \
-    rm -rf /var/lib/apt/lists/* && \
-    groupadd -g 10001 appuser && \
-    useradd -u 10001 -g appuser -m -s /bin/bash appuser
+    ca-certificates \
+    curl && \
+    rm -rf /var/lib/apt/lists/*
+
+# Create non-root user and initialize /app with correct permissions
+RUN groupadd -g 10001 appuser && \
+    useradd -u 10001 -g appuser -m -s /bin/bash appuser && \
+    mkdir /app && chown appuser:appuser /app
 
 WORKDIR /app
 
@@ -31,69 +33,56 @@ WORKDIR /app
 # ============================================
 FROM base AS builder
 
-# Install build dependencies (only needed during build)
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \
-        gcc \
-        g++ \
-        libpq-dev && \
+    gcc \
+    g++ \
+    libpq-dev && \
     rm -rf /var/lib/apt/lists/*
 
-# Copy uv from uv stage (pinned version for reproducibility)
 COPY --from=uv /uv /uvx /usr/local/bin/
 
-# Copy dependency files first for optimal layer caching
-# Changes to source code won't invalidate this layer
+# Copy dependencies
 COPY pyproject.toml uv.lock ./
 
-# Install dependencies with BuildKit cache mount for faster rebuilds
-# --frozen: Use exact versions from uv.lock (reproducible builds)
-# --no-dev: Exclude development dependencies
-# --extra production: Include any production related dependencies (redis, aiocache etc...)
+# Install dependencies
 RUN --mount=type=cache,target=/root/.cache/uv \
-    uv sync --frozen --no-default-groups --extra production --extra migrations
+    uv sync --frozen --no-default-groups --extra production --extra migrations  --no-install-project
 
 # ============================================
 # Stage 3: Runtime - Production Image
 # ============================================
 FROM base AS runtime
 
-# Copy uv from builder stage (ensures version consistency)
+# Copy uv and the pre-built venv
 COPY --from=builder /usr/local/bin/uv /usr/local/bin/uvx /usr/local/bin/
-
-# Copy installed dependencies from builder stage
-# This excludes build tools (gcc, g++, libpq-dev)
 COPY --from=builder /app/.venv /app/.venv
 
-# Copy application code
+# Copy application code with correct ownership
 COPY --chown=appuser:appuser . .
 
-# Copy Docker-specific alembic config
+# Overwrite config
 COPY --chown=appuser:appuser alembic.docker.ini alembic.ini
 
-# Create files directory with proper ownership
+# Create files directory
 RUN mkdir -p /app/files && chown appuser:appuser /app/files
 
-# Switch to non-root user for security
+# Switch to non-root user
 USER appuser
 
 # Environment variables
 ENV APP_PORT=8000 \
     APP_RELOAD=false \
     PATH="/app/.venv/bin:$PATH" \
     PYTHONUNBUFFERED=1 \
-    PYTHONDONTWRITEBYTECODE=1
+    PYTHONDONTWRITEBYTECODE=1 \
+    UV_PROJECT_ENVIRONMENT="/app/.venv"
 
 # Expose application port
 EXPOSE 8000
 
-# Health check using existing /health endpoint
-# --interval=30s: Check every 30 seconds
-# --timeout=5s: Mark unhealthy if no response in 5s
-# --start-period=10s: Grace period for app startup
-# --retries=3: Require 3 consecutive failures before marking unhealthy
 HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
     CMD curl -f http://localhost:${APP_PORT:-8000}/health || exit 1
 
-# Use exec form for proper signal handling (graceful shutdown)
-CMD ["uv", "run", "main.py"]
+# FIX: Added --no-project to prevent uv from trying to write .egg-info
+CMD ["uv", "run", "--no-project", "python", "main.py"]

backend/app/services/__init__.py

@@ -0,0 +1,3 @@
+__all__ = [
+    "containers",
+]

docker-compose.prod.yml

@@ -20,7 +20,7 @@ services:
       devbin_db:
         condition: service_healthy
     healthcheck:
-      test: [ "CMD", "curl", "-f", "http://localhost:${APP_PORT:-8000}/health" ]
+      test: ["CMD", "curl", "-f", "http://localhost:${APP_PORT:-8000}/health"]
       interval: 15s
       timeout: 5s
       start_period: 3s
@@ -35,7 +35,7 @@ services:
     volumes:
       - postgres_data:/var/lib/postgresql/data
     healthcheck:
-      test: [ "CMD-SHELL", "pg_isready -U postgres -d postgres" ]
+      test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"]
       interval: 10s
       timeout: 5s
       retries: 5

docker-compose.yml

@@ -8,7 +8,17 @@ services:
       - "3000:3000"
     env_file:
       - .env
-    profiles: [ "dev_frontend" ]
+    profiles: ["dev_frontend"]
+    develop:
+      watch:
+        - path: ./src
+          target: /src
+          action: sync
+        - path: ./package.json
+          action: rebuild
+    networks:
+      - devbin_network
+
   devbin:
     env_file:
       - .env
@@ -21,13 +31,16 @@ services:
     depends_on:
       devbin_db:
         condition: service_healthy
-    profiles: [ "dev_backend" ]
+    profiles: ["dev_backend"]
     healthcheck:
-      test: [ "CMD", "curl", "-f", "http://localhost:${APP_PORT:-8000}/health" ]
+      test: ["CMD", "curl", "-f", "http://localhost:${APP_PORT:-8000}/health"]
       interval: 15s
       timeout: 5s
       start_period: 3s
       retries: 3
+    networks:
+      - devbin_network
+
   devbin_db:
     env_file:
       - .env
@@ -37,10 +50,16 @@ services:
     volumes:
       - postgres_data:/var/lib/postgresql/data
     healthcheck:
-      test: [ "CMD-SHELL", "pg_isready -U postgres -d postgres" ]
+      test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"]
       interval: 10s
       timeout: 5s
       retries: 5
+    networks:
+      - devbin_network
 
 volumes:
   postgres_data:
+
+networks:
+  devbin_network:
+    driver: bridge

docs/configuration.md

@@ -121,6 +121,6 @@ Generate a secure token: `openssl rand -hex 32`
 
 | Variable | Description | Default |
 |----------|-------------|---------|
-| `API_BASE_URL` | Backend API URL | `http://devbin:8000` |
+| `API_URL` | Backend API URL | `http://devbin:8000` |
 | `PORT` | Frontend port | `3000` |
 | `ORIGIN` | Frontend origin | `http://localhost:3000` |

frontend/.env.example

@@ -1,2 +1,3 @@
 # Backend API config
 API_URL=http://localhost:8000
+ORIGIN=http://localhost:3000 # prevent cross-site post req forbidden from frontend because node can't resolve it's origin

frontend/.gitignore

@@ -12,6 +12,7 @@ node_modules
 # OS
 .DS_Store
 Thumbs.db
+*.log
 
 # Env
 .env
@@ -21,4 +22,4 @@ Thumbs.db
 
 # Vite
 vite.config.js.timestamp-*
-vite.config.ts.timestamp-*
+vite.config.ts.timestamp-*

frontend/openapi-ts.config.ts

@@ -0,0 +1,11 @@
+import "dotenv/config";
+import { defineConfig } from "@hey-api/openapi-ts";
+
+if (!process.env.API_URL) {
+  throw new Error("Please define API_URL in your .env");
+}
+
+export default defineConfig({
+  input: `${process.env.API_URL}/openapi.json`,
+  output: "src/client",
+});