feat: add Docker Compose production stack with Traefik + Logto

7-service stack: Traefik (reverse proxy), PostgreSQL (shared), Logto (identity), cameleer-saas (control plane), cameleer3-server (observability), ClickHouse (traces). ForwardAuth middleware for tenant-aware routing to cameleer3-server. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-04 15:09:49 +02:00
parent 42bd116af1
commit ab9ad1ab7f
5 changed files with 180 additions and 5 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,25 @@
+# Cameleer SaaS Environment Variables
+# Copy to .env and fill in values
+
+# Application version
+VERSION=latest
+
+# PostgreSQL
+POSTGRES_USER=cameleer
+POSTGRES_PASSWORD=change_me_in_production
+POSTGRES_DB=cameleer_saas
+
+# Logto Identity Provider
+LOGTO_ENDPOINT=http://logto:3001
+LOGTO_ISSUER_URI=http://logto:3001/oidc
+LOGTO_JWK_SET_URI=http://logto:3001/oidc/jwks
+LOGTO_DB_PASSWORD=change_me_in_production
+LOGTO_M2M_CLIENT_ID=
+LOGTO_M2M_CLIENT_SECRET=
+
+# Ed25519 Keys (mount PEM files)
+CAMELEER_JWT_PRIVATE_KEY_PATH=/etc/cameleer/keys/ed25519.key
+CAMELEER_JWT_PUBLIC_KEY_PATH=/etc/cameleer/keys/ed25519.pub
+
+# Domain (for Traefik TLS)
+DOMAIN=localhost