mirror of
https://github.com/NoFxAiOS/nofx.git
synced 2026-06-06 05:51:19 +08:00
99361cb085
- config: require JWT_SECRET >=32 bytes and reject the historical default fallback; MustInit aborts startup under an insecure config - api: CORS now uses CORS_ALLOWED_ORIGINS allowlist with safe localhost defaults instead of returning Access-Control-Allow-Origin: * - api: /api/reset-password and /api/reset-account stay public so recovery still works, but require an explicit confirm phrase in the body to block accidental and drive-by triggers - api: drop adoptOrphanRecords so wiping the account no longer hands the next registrant the previous owner's wallet keys and exchange API credentials - api: getTraderFromQuery now does a soft ownership check; equity-history is restricted to traders with show_in_competition=true and GetOrderFills joins on trader_id - telegram: bot api_request tool uses a default-deny method+path allowlist so prompt injection cannot reach password, exchange key, AI provider or wallet endpoints - ci: drop @master / @main on trivy-action and trufflehog; pin to released versions with a TODO to move to SHA + Dependabot - web: reset flows send the required confirm phrase; "Forgot account" copy (en/zh/id) warns that wallet and exchange keys will be lost - docker-compose: keep ./.env mount for onboarding wallet persistence with an inline note on the tradeoff, drop the host-exposed pprof port
60 lines
1.8 KiB
YAML
60 lines
1.8 KiB
YAML
services:
|
|
# Backend service (API and core logic)
|
|
nofx:
|
|
build:
|
|
context: .
|
|
dockerfile: ./docker/Dockerfile.backend
|
|
container_name: nofx-trading
|
|
restart: unless-stopped
|
|
stop_grace_period: 30s # Allow the app 30 seconds for graceful shutdown
|
|
ports:
|
|
- "${NOFX_BACKEND_PORT:-8080}:8080"
|
|
# pprof profiling is bound to host loopback only; uncomment for local debug.
|
|
# - "127.0.0.1:6060:6060"
|
|
volumes:
|
|
# NOTE: .env is bind-mounted so the beginner-onboarding flow
|
|
# (persistBeginnerWalletEnv) can write CLAW402_WALLET_* back to the host
|
|
# file. Without this mount the wallet is regenerated on every container
|
|
# restart. For threat models where the .env file should not be reachable
|
|
# via container RCE, deploy via env vars only and remove this mount.
|
|
- ./.env:/app/.env
|
|
- ./data:/app/data
|
|
- /etc/localtime:/etc/localtime:ro
|
|
env_file:
|
|
- .env
|
|
environment:
|
|
- TZ=${TZ:-Asia/Shanghai}
|
|
- AI_MAX_TOKENS=8000
|
|
networks:
|
|
- nofx-network
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/api/health"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 60s
|
|
|
|
# Frontend service (static serving and proxy)
|
|
nofx-frontend:
|
|
build:
|
|
context: .
|
|
dockerfile: ./docker/Dockerfile.frontend
|
|
container_name: nofx-frontend
|
|
restart: unless-stopped
|
|
ports:
|
|
- "${NOFX_FRONTEND_PORT:-3000}:80"
|
|
networks:
|
|
- nofx-network
|
|
depends_on:
|
|
- nofx
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1/health"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 5s
|
|
|
|
networks:
|
|
nofx-network:
|
|
driver: bridge
|