chore: add automated database backup service and tighten backend security
All checks were successful
Build and Deploy / build-and-push (push) Successful in 1m56s
All checks were successful
Build and Deploy / build-and-push (push) Successful in 1m56s
- Added `databack/mysql-backup` service to the production docker-compose Swarm stack, scheduling a daily 02:55 AM cron backup of the database with a 3-day local retention policy. - Fixed a critical race condition in the backend JWT authentication middleware where an invalid token returning 401 could crash the response flow if the route executed before the defensive checks caught it. - Added strict undefined defensive checks to the `getUserById` endpoint and RBAC middleware to gracefully reject requests that somehow bypass the token parser. - Updated `GEMINI.md` technical documentation to fully match the real codebase logic. - Fixed UX rule to prevent `manager` role from seeing Funnels or Origins tabs in the sidebar. - Blocked `agent` role from modifying their own 'fullName' string in the Profile UI.
This commit is contained in:
Cauê Faleiros
@@ -1,4 +1,4 @@
|
||||
version: '3.8'
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
@@ -43,6 +43,23 @@ services:
|
||||
networks:
|
||||
- fasto-net
|
||||
|
||||
backup-mysql:
|
||||
image: databack/mysql-backup
|
||||
environment:
|
||||
DB_SERVER: db
|
||||
DB_USER: root
|
||||
DB_PASS: ${DB_PASSWORD:-root_password}
|
||||
DB_DUMP_CRON: "55 2 * * *" # Roda todo dia exatamente às 02:55 da manhã
|
||||
DB_CLEANUP_TIME: 4320 # Apaga os locais mais velhos que 3 dias
|
||||
volumes:
|
||||
- /root/backups_db:/db
|
||||
networks:
|
||||
- fasto-net
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- node.role == manager
|
||||
|
||||
volumes:
|
||||
db_data:
|
||||
|
||||
|
||||
Reference in New Issue
Block a user