From 5a6314613a3544836a8090b67d1b2cc84acf9668 Mon Sep 17 00:00:00 2001
From: valitovgaziz <valitovgaziz@yandex.ru>
Date: Fri, 30 Jan 2026 04:49:52 +0500
Subject: [PATCH] 	modified:   main_dc/docker-compose.yml 	modified:  
 main_dc/yalarba/api_yal/Dockerfile add service into docker-compose.yml,
 upgrade the Dcoekrfile for api_yal

---
 main_dc/docker-compose.yml         | 33 +++++++++++++++++++++++++++++
 main_dc/yalarba/api_yal/Dockerfile | 34 ++++++++++++++++++++++++++----
 2 files changed, 63 insertions(+), 4 deletions(-)

diff --git a/main_dc/docker-compose.yml b/main_dc/docker-compose.yml
index c71f73d..ef1099b 100644
--- a/main_dc/docker-compose.yml
+++ b/main_dc/docker-compose.yml
@@ -65,6 +65,8 @@ services:
         condition: service_healthy
       analytics:
         condition: service_healthy
+      api_yal:
+        condition: service_healthy
     healthcheck:
       test: ["CMD-SHELL", "curl -f http://localhost/health || exit 1"]
       interval: 30s
@@ -268,6 +270,37 @@ services:
       timeout: 10s
       retries: 3
 
+# REST API app on Golang для api_yal сервиса
+  api_yal:
+    build:
+      context: ./api_yal  # Укажите правильный путь к вашему проекту
+      dockerfile: Dockerfile
+    ports:
+      - "8787:8787"
+    container_name: api_yal
+    restart: unless-stopped
+    environment:
+      APP_PORT: 8787
+      LOG_LEVEL: info
+    networks:
+      - web-network
+      - app-network
+    healthcheck:
+      test:
+        [
+          "CMD",
+          "wget",
+          "--no-verbose",
+          "--tries=1",
+          "--spider",
+          "http://localhost:8787/auth",
+        ]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 40s
+
+
 volumes:
   certbot_data:   # volume для данных Certbot
   certbot_www:    # volume для данных Certbot
diff --git a/main_dc/yalarba/api_yal/Dockerfile b/main_dc/yalarba/api_yal/Dockerfile
index ab2f7e0..823267b 100644
--- a/main_dc/yalarba/api_yal/Dockerfile
+++ b/main_dc/yalarba/api_yal/Dockerfile
@@ -1,9 +1,9 @@
-FROM golang:1.25.1-alpine
+FROM golang:1.25.1-alpine AS builder
 
 WORKDIR /app
 
 # Устанавливаем зависимости для компиляции
-RUN apk add --no-cache gcc musl-dev
+RUN apk add --no-cache gcc musl-dev git ca-certificates tzdata
 
 # Копируем go.mod и go.sum
 COPY go.mod go.sum ./
@@ -13,8 +13,34 @@ RUN go mod download
 COPY . .
 
 # Компилируем БЕЗ CGO (указываем путь к main.go)
-RUN CGO_ENABLED=0 GOOS=linux go build -o bin/main ./cmd/main.go
+RUN CGO_ENABLED=0 GOOS=linux go build -o /app/bin/api_yal ./cmd/main.go
 
+# Финальный образ
+FROM alpine:latest AS runner
+
+WORKDIR /app
+
+# Устанавливаем зависимости для runtime
+RUN apk add --no-cache ca-certificates tzdata curl
+
+# Создаем непривилегированного пользователя
+RUN addgroup -g 1001 -S api && \
+    adduser -u 1001 -S api -G api
+
+# Копируем бинарник из builder
+COPY --from=builder /app/bin/api_yal /app/api_yal
+
+# Копируем конфигурационные файлы (если есть)
+COPY --from=builder /app/configs /app/configs
+
+# Настраиваем права доступа
+RUN chown -R api:api /app
+
+# Переключаемся на непривилегированного пользователя
+USER api
+
+# Открываем порт
 EXPOSE 8787
 
-CMD ["./bin/main"]
\ No newline at end of file
+# Команда для запуска
+CMD ["/app/api_yal"]
\ No newline at end of file