akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity
Files
a41cfaae10a2e9425c2b70be41366641014e6baa
Charon/.docker/compose
History
GitHub Actions 978f698570 fix(security): remove hardcoded encryption keys from docker compose files 
Replace hardcoded CHARON_ENCRYPTION_KEY with environment variable
substitution using Docker Compose required variable syntax.

docker-compose.playwright.yml: use ${CHARON_ENCRYPTION_KEY:?...}
docker-compose.e2e.yml: use ${CHARON_ENCRYPTION_KEY:?...}
e2e-tests.yml: add ephemeral key generation per CI run
.env.test.example: document the requirement prominently
Security: The old key exists in git history and must never be used
in production. Each CI run now generates a unique ephemeral key.

Refs: OWASP A02:2021 - Cryptographic Failures
2026-01-25 03:50:12 +00:00
..
docker-compose.dev.yml
chore: add CHARON_ENCRYPTION_KEY to all Docker Compose files and README
2026-01-08 23:22:00 +00:00
docker-compose.e2e.cerberus-disabled.override.yml
chore: update skipped tests plan with Cerberus verification results
2026-01-24 22:22:40 +00:00
docker-compose.e2e.yml
fix(security): remove hardcoded encryption keys from docker compose files
2026-01-25 03:50:12 +00:00
docker-compose.local.yml
fix(docker): use curl-compatible flags in healthcheck commands
2026-01-24 23:15:09 +00:00
docker-compose.playwright.yml
fix(security): remove hardcoded encryption keys from docker compose files
2026-01-25 03:50:12 +00:00
docker-compose.remote.yml
chore: reorganize repository structure
2025-12-21 04:57:31 +00:00
docker-compose.yml
fix(docker): use curl-compatible flags in healthcheck commands
2026-01-24 23:15:09 +00:00
README.md
chore: reorganize repository structure
2025-12-21 04:57:31 +00:00

README.md

Docker Compose Files

This directory contains all Docker Compose configuration variants for Charon.

File Descriptions

File Purpose
docker-compose.yml Main production compose configuration. Base services and production settings.
docker-compose.dev.yml Development overrides. Enables hot-reload, debug logging, and development tools.
docker-compose.local.yml Local development configuration. Standalone setup for local testing.
docker-compose.remote.yml Remote deployment configuration. Settings for deploying to remote servers.
docker-compose.override.yml Personal local overrides. Gitignored - use for machine-specific settings.

Usage Patterns

Production Deployment

docker compose -f .docker/compose/docker-compose.yml up -d

Development Mode

docker compose -f .docker/compose/docker-compose.yml \
               -f .docker/compose/docker-compose.dev.yml up -d

Local Testing

docker compose -f .docker/compose/docker-compose.local.yml up -d

With Personal Overrides

Create your own docker-compose.override.yml in this directory for personal configurations (port mappings, volume paths, etc.). This file is gitignored.

docker compose -f .docker/compose/docker-compose.yml \
               -f .docker/compose/docker-compose.override.yml up -d

Notes

  • Always use the -f flag to specify compose file paths from the project root
  • The override file is automatically ignored by git - do not commit personal settings
  • See project tasks in VS Code for convenient pre-configured commands
Reference in New Issue View Git Blame Copy Permalink