From b5960ba24cddecdec2d0adbfcd4b0bcaada0002a Mon Sep 17 00:00:00 2001
From: admin <peancharoen.pslcp3@gmail.com>
Date: Tue, 31 Mar 2026 23:36:03 +0700
Subject: [PATCH] 690331:2336 Change to use .env

---
 .../04-00-docker-compose/.env.template        |  53 +++++++
 specs/99-archives/docker-compose-app.yml      | 135 ++++++++++++++++++
 2 files changed, 188 insertions(+)
 create mode 100644 specs/04-Infrastructure-OPS/04-00-docker-compose/.env.template
 create mode 100644 specs/99-archives/docker-compose-app.yml

diff --git a/specs/04-Infrastructure-OPS/04-00-docker-compose/.env.template b/specs/04-Infrastructure-OPS/04-00-docker-compose/.env.template
new file mode 100644
index 0000000..6975e0f
--- /dev/null
+++ b/specs/04-Infrastructure-OPS/04-00-docker-compose/.env.template
@@ -0,0 +1,53 @@
+# .env.template (สำหรับ QNAP / Gitea Runner)
+# คัดลอกไฟล์นี้ไปเป็น .env ในโฟลเดอร์เดียวกับ docker-compose-app.yml
+
+# ---------------------------------------------------------
+# 1. Backend Service Configuration
+# ---------------------------------------------------------
+TZ=Asia/Bangkok
+NODE_ENV=production
+PORT=3000
+
+# --- Database (MariaDB) ---
+DB_HOST=mariadb
+DB_PORT=3306
+DB_DATABASE=lcbp3
+DB_USERNAME=center
+DB_PASSWORD=Center#2025
+
+# --- Redis (Cache & Queue) ---
+REDIS_HOST=cache
+REDIS_PORT=6379
+REDIS_PASSWORD=Center2025
+
+# --- Search (Elasticsearch) ---
+ELASTICSEARCH_HOST=search
+ELASTICSEARCH_PORT=9200
+
+# --- Security (JWT) ---
+JWT_SECRET=eebc122aa65adde8c76c6a0847d9649b2b67a06db1504693e6c912e51499b76e
+JWT_EXPIRATION=8h
+JWT_REFRESH_SECRET=a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2
+
+# --- Numbering Logic ---
+NUMBERING_LOCK_TIMEOUT=5000
+NUMBERING_RESERVATION_TTL=300
+
+# --- File Storage ---
+UPLOAD_TEMP_DIR=/app/uploads/temp
+UPLOAD_PERMANENT_DIR=/app/uploads/permanent
+MAX_FILE_SIZE=52428800
+
+# ---------------------------------------------------------
+# 2. Frontend Service Configuration
+# ---------------------------------------------------------
+NEXT_PUBLIC_API_URL=https://backend.np-dms.work/api
+AUTH_URL=https://lcbp3.np-dms.work
+
+# --- NextAuth ---
+AUTH_SECRET=eebc122aa65adde8c76c6a0847d9649b2b67a06db1504693e6c912e51499b76e
+AUTH_TRUST_HOST=true
+
+# --- Shared Context ---
+INTERNAL_API_URL=http://backend:3000/api
+HOSTNAME=0.0.0.0
diff --git a/specs/99-archives/docker-compose-app.yml b/specs/99-archives/docker-compose-app.yml
new file mode 100644
index 0000000..e951b9c
--- /dev/null
+++ b/specs/99-archives/docker-compose-app.yml
@@ -0,0 +1,135 @@
+# File: /share/np-dms/app/docker-compose-app.yml
+# DMS Container v1.8.0: Application Stack (Backend + Frontend)
+# Application name: lcbp3-app
+# ============================================================
+# ⚠️  ใช้งานร่วมกับ services อื่นที่รันอยู่แล้วบน QNAP:
+#     - mariadb (lcbp3-db)
+#     - redis   (lcbp3-redis)
+#     - cache   (services)
+#     - search  (services)
+#     - npm     (lcbp3-npm)
+# ============================================================
+# 🔒 SECURITY: Secrets ใส่ตรงใน environment section เพราะ QNAP Container Station
+#              ไม่รองรับ .env file — Repo ต้องเป็น Private เท่านั้น
+# ============================================================
+
+name: lcbp3
+
+x-restart: &restart_policy
+  restart: unless-stopped
+
+x-logging: &default_logging
+  logging:
+    driver: 'json-file'
+    options:
+      max-size: '10m'
+      max-file: '5'
+
+networks:
+  lcbp3:
+    external: true
+
+services:
+  # ----------------------------------------------------------------
+  # 1. Backend API (NestJS)
+  # Service Name: backend (ตามที่ NPM อ้างอิง → backend:3000)
+  # ----------------------------------------------------------------
+  backend:
+    <<: [*restart_policy, *default_logging]
+    image: lcbp3-backend:latest
+    container_name: backend
+    stdin_open: true
+    tty: true
+    deploy:
+      resources:
+        limits:
+          cpus: '2.0'
+          memory: 1536M
+        reservations:
+          cpus: '0.5'
+          memory: 512M
+    environment:
+      TZ: 'Asia/Bangkok'
+      NODE_ENV: 'production'
+      # --- Database ---
+      DB_HOST: 'mariadb'
+      DB_PORT: '3306'
+      DB_DATABASE: 'lcbp3'
+      DB_USERNAME: 'center'
+      DB_PASSWORD: 'Center#2025'
+      # --- Redis ---
+      REDIS_HOST: 'cache'
+      REDIS_PORT: '6379'
+      REDIS_PASSWORD: 'Center2025'
+      # --- Elasticsearch ---
+      ELASTICSEARCH_HOST: 'search'
+      ELASTICSEARCH_PORT: '9200'
+      # --- JWT ---
+      JWT_SECRET: 'eebc122aa65adde8c76c6a0847d9649b2b67a06db1504693e6c912e51499b76e'
+      JWT_EXPIRATION: '8h'
+      JWT_REFRESH_SECRET: 'a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2'
+      # --- Numbering ---
+      NUMBERING_LOCK_TIMEOUT: '5000'
+      NUMBERING_RESERVATION_TTL: '300'
+      # --- File Upload ---
+      UPLOAD_TEMP_DIR: '/app/uploads/temp'
+      UPLOAD_PERMANENT_DIR: '/app/uploads/permanent'
+      PORT: '3000'
+      MAX_FILE_SIZE: '52428800'
+    networks:
+      - lcbp3
+    volumes:
+      # Two-Phase Storage: จัดเก็บไฟล์นอก container
+      - '/share/np-dms-as/data/uploads/temp:/app/uploads/temp'
+      - '/share/np-dms-as/data/uploads/permanent:/app/uploads/permanent'
+      - '/share/np-dms/data/logs/backend:/app/logs'
+      # Mount legacy staging folder to match n8n's output path
+      - '/share/np-dms-as/Legacy:/home/node/.n8n-files/staging_ai:ro'
+    healthcheck:
+      test: ['CMD', 'curl', '-f', 'http://localhost:3000/health']
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
+
+  # ----------------------------------------------------------------
+  # 2. Frontend Web App (Next.js)
+  # Service Name: frontend (ตามที่ NPM อ้างอิง → frontend:3000)
+  # ----------------------------------------------------------------
+  frontend:
+    <<: [*restart_policy, *default_logging]
+    image: lcbp3-frontend:latest
+    container_name: frontend
+    stdin_open: true
+    tty: true
+    deploy:
+      resources:
+        limits:
+          cpus: '2.0'
+          memory: 2G
+        reservations:
+          cpus: '0.25'
+          memory: 512M
+    environment:
+      TZ: 'Asia/Bangkok'
+      NODE_ENV: 'production'
+      HOSTNAME: '0.0.0.0'
+      PORT: '3000'
+      # --- API Backend URL ---
+      NEXT_PUBLIC_API_URL: 'https://backend.np-dms.work/api'
+      # --- NextAuth ---
+      AUTH_SECRET: 'eebc122aa65adde8c76c6a0847d9649b2b67a06db1504693e6c912e51499b76e'
+      AUTH_URL: 'https://lcbp3.np-dms.work'
+      AUTH_TRUST_HOST: 'true'
+      INTERNAL_API_URL: 'http://backend:3000/api'
+    networks:
+      - lcbp3
+    healthcheck:
+      test: ['CMD', 'curl', '-f', 'http://localhost:3000/']
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
+    depends_on:
+      backend:
+        condition: service_healthy