diff --git a/backend/artifacts/contracts/DLE.sol/DLE.dbg.json b/backend/artifacts/contracts/DLE.sol/DLE.dbg.json index ae1bbc0..a45b83a 100644 --- a/backend/artifacts/contracts/DLE.sol/DLE.dbg.json +++ b/backend/artifacts/contracts/DLE.sol/DLE.dbg.json @@ -1,4 +1,4 @@ { "_format": "hh-sol-dbg-1", - "buildInfo": "../../build-info/aa0034b410e4fbe1d1ff90369d480540.json" + "buildInfo": "../../build-info/de2a9b4015c1250f0af7fbce121b1da6.json" } diff --git a/backend/cache/solidity-files-cache.json b/backend/cache/solidity-files-cache.json index 874353b..6703a89 100644 --- a/backend/cache/solidity-files-cache.json +++ b/backend/cache/solidity-files-cache.json @@ -2,7 +2,7 @@ "_format": "hh-sol-cache-2", "files": { "/home/alex/Digital_Legal_Entity(DLE)/backend/contracts/DLE.sol": { - "lastModificationDate": 1755366617069, + "lastModificationDate": 1756115917209, "contentHash": "47d6b51ed0025b36c50649b175745512", "sourceName": "contracts/DLE.sol", "solcConfig": { @@ -123,127 +123,6 @@ "ERC20" ] }, - "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/cryptography/ECDSA.sol": { - "lastModificationDate": 1754306764456, - "contentHash": "81de029d56aa803972be03c5d277cb6c", - "sourceName": "@openzeppelin/contracts/utils/cryptography/ECDSA.sol", - "solcConfig": { - "version": "0.8.20", - "settings": { - "optimizer": { - "enabled": true, - "runs": 200 - }, - "viaIR": true, - "evmVersion": "paris", - "outputSelection": { - "*": { - "*": [ - "abi", - "evm.bytecode", - "evm.deployedBytecode", - "evm.methodIdentifiers", - "metadata" - ], - "": [ - "ast" - ] - } - } - } - }, - "imports": [], - "versionPragmas": [ - "^0.8.20" - ], - "artifacts": [ - "ECDSA" - ] - }, - "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/token/ERC20/extensions/ERC20Permit.sol": { - "lastModificationDate": 1754306768254, - "contentHash": "b1a8fc63b83ce00408e0c9ed1230b717", - "sourceName": "@openzeppelin/contracts/token/ERC20/extensions/ERC20Permit.sol", - "solcConfig": { - "version": "0.8.20", - "settings": { - "optimizer": { - "enabled": true, - "runs": 200 - }, - "viaIR": true, - "evmVersion": "paris", - "outputSelection": { - "*": { - "*": [ - "abi", - "evm.bytecode", - "evm.deployedBytecode", - "evm.methodIdentifiers", - "metadata" - ], - "": [ - "ast" - ] - } - } - } - }, - "imports": [ - "./IERC20Permit.sol", - "../ERC20.sol", - "../../../utils/cryptography/ECDSA.sol", - "../../../utils/cryptography/EIP712.sol", - "../../../utils/Nonces.sol" - ], - "versionPragmas": [ - "^0.8.20" - ], - "artifacts": [ - "ERC20Permit" - ] - }, - "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/token/ERC20/extensions/ERC20Votes.sol": { - "lastModificationDate": 1754306768254, - "contentHash": "51c2083b160453420aaa0a046c16d5ca", - "sourceName": "@openzeppelin/contracts/token/ERC20/extensions/ERC20Votes.sol", - "solcConfig": { - "version": "0.8.20", - "settings": { - "optimizer": { - "enabled": true, - "runs": 200 - }, - "viaIR": true, - "evmVersion": "paris", - "outputSelection": { - "*": { - "*": [ - "abi", - "evm.bytecode", - "evm.deployedBytecode", - "evm.methodIdentifiers", - "metadata" - ], - "": [ - "ast" - ] - } - } - } - }, - "imports": [ - "../ERC20.sol", - "../../../governance/utils/Votes.sol", - "../../../utils/structs/Checkpoints.sol" - ], - "versionPragmas": [ - "^0.8.20" - ], - "artifacts": [ - "ERC20Votes" - ] - }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/Context.sol": { "lastModificationDate": 1754306760451, "contentHash": "67bfbc07588eb8683b3fd8f6f909563e", @@ -396,8 +275,129 @@ "IERC20Metadata" ] }, + "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/token/ERC20/extensions/ERC20Permit.sol": { + "lastModificationDate": 1756116057319, + "contentHash": "b1a8fc63b83ce00408e0c9ed1230b717", + "sourceName": "@openzeppelin/contracts/token/ERC20/extensions/ERC20Permit.sol", + "solcConfig": { + "version": "0.8.20", + "settings": { + "optimizer": { + "enabled": true, + "runs": 200 + }, + "viaIR": true, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata" + ], + "": [ + "ast" + ] + } + } + } + }, + "imports": [ + "./IERC20Permit.sol", + "../ERC20.sol", + "../../../utils/cryptography/ECDSA.sol", + "../../../utils/cryptography/EIP712.sol", + "../../../utils/Nonces.sol" + ], + "versionPragmas": [ + "^0.8.20" + ], + "artifacts": [ + "ERC20Permit" + ] + }, + "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/token/ERC20/extensions/ERC20Votes.sol": { + "lastModificationDate": 1756116057319, + "contentHash": "51c2083b160453420aaa0a046c16d5ca", + "sourceName": "@openzeppelin/contracts/token/ERC20/extensions/ERC20Votes.sol", + "solcConfig": { + "version": "0.8.20", + "settings": { + "optimizer": { + "enabled": true, + "runs": 200 + }, + "viaIR": true, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata" + ], + "": [ + "ast" + ] + } + } + } + }, + "imports": [ + "../ERC20.sol", + "../../../governance/utils/Votes.sol", + "../../../utils/structs/Checkpoints.sol" + ], + "versionPragmas": [ + "^0.8.20" + ], + "artifacts": [ + "ERC20Votes" + ] + }, + "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/cryptography/ECDSA.sol": { + "lastModificationDate": 1756116054610, + "contentHash": "81de029d56aa803972be03c5d277cb6c", + "sourceName": "@openzeppelin/contracts/utils/cryptography/ECDSA.sol", + "solcConfig": { + "version": "0.8.20", + "settings": { + "optimizer": { + "enabled": true, + "runs": 200 + }, + "viaIR": true, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata" + ], + "": [ + "ast" + ] + } + } + } + }, + "imports": [], + "versionPragmas": [ + "^0.8.20" + ], + "artifacts": [ + "ECDSA" + ] + }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/Nonces.sol": { - "lastModificationDate": 1754306760451, + "lastModificationDate": 1756116051370, "contentHash": "c32d108058718efb9061b88e83a83f79", "sourceName": "@openzeppelin/contracts/utils/Nonces.sol", "solcConfig": { @@ -434,7 +434,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/cryptography/EIP712.sol": { - "lastModificationDate": 1754306764456, + "lastModificationDate": 1756116054610, "contentHash": "8dbb261c55f358342798c4d1803d4f8e", "sourceName": "@openzeppelin/contracts/utils/cryptography/EIP712.sol", "solcConfig": { @@ -475,7 +475,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol": { - "lastModificationDate": 1754306768254, + "lastModificationDate": 1756116057319, "contentHash": "94ec15baf0d5df863f45b8f351937ec7", "sourceName": "@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol", "solcConfig": { @@ -511,8 +511,45 @@ "IERC20Permit" ] }, + "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/interfaces/IERC5267.sol": { + "lastModificationDate": 1756116051370, + "contentHash": "94364524cb1a39dcbc3d3afff6d8e53e", + "sourceName": "@openzeppelin/contracts/interfaces/IERC5267.sol", + "solcConfig": { + "version": "0.8.20", + "settings": { + "optimizer": { + "enabled": true, + "runs": 200 + }, + "viaIR": true, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata" + ], + "": [ + "ast" + ] + } + } + } + }, + "imports": [], + "versionPragmas": [ + "^0.8.20" + ], + "artifacts": [ + "IERC5267" + ] + }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/ShortStrings.sol": { - "lastModificationDate": 1754306760451, + "lastModificationDate": 1756116051370, "contentHash": "94e7feaf138d08fb736e43ca0be9bf26", "sourceName": "@openzeppelin/contracts/utils/ShortStrings.sol", "solcConfig": { @@ -550,45 +587,8 @@ "ShortStrings" ] }, - "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/interfaces/IERC5267.sol": { - "lastModificationDate": 1754306760460, - "contentHash": "94364524cb1a39dcbc3d3afff6d8e53e", - "sourceName": "@openzeppelin/contracts/interfaces/IERC5267.sol", - "solcConfig": { - "version": "0.8.20", - "settings": { - "optimizer": { - "enabled": true, - "runs": 200 - }, - "viaIR": true, - "evmVersion": "paris", - "outputSelection": { - "*": { - "*": [ - "abi", - "evm.bytecode", - "evm.deployedBytecode", - "evm.methodIdentifiers", - "metadata" - ], - "": [ - "ast" - ] - } - } - } - }, - "imports": [], - "versionPragmas": [ - "^0.8.20" - ], - "artifacts": [ - "IERC5267" - ] - }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol": { - "lastModificationDate": 1754306764465, + "lastModificationDate": 1756116054610, "contentHash": "86fd93657e4e27ff76c38699e9b9fcef", "sourceName": "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol", "solcConfig": { @@ -627,7 +627,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/StorageSlot.sol": { - "lastModificationDate": 1754306760451, + "lastModificationDate": 1756116051379, "contentHash": "e656d64c4ce918f3d13030b91c935134", "sourceName": "@openzeppelin/contracts/utils/StorageSlot.sol", "solcConfig": { @@ -664,7 +664,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/Strings.sol": { - "lastModificationDate": 1754306760451, + "lastModificationDate": 1756116051379, "contentHash": "a55fef2557b35bac18a1880d3c2e6740", "sourceName": "@openzeppelin/contracts/utils/Strings.sol", "solcConfig": { @@ -705,7 +705,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/math/Math.sol": { - "lastModificationDate": 1754306764456, + "lastModificationDate": 1756116054610, "contentHash": "2b2665ae9bdb1af440658741a77fe213", "sourceName": "@openzeppelin/contracts/utils/math/Math.sol", "solcConfig": { @@ -745,7 +745,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/math/SafeCast.sol": { - "lastModificationDate": 1754306764456, + "lastModificationDate": 1756116054610, "contentHash": "2adca1150f58fc6f3d1f0a0f22ee7cca", "sourceName": "@openzeppelin/contracts/utils/math/SafeCast.sol", "solcConfig": { @@ -782,7 +782,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/math/SignedMath.sol": { - "lastModificationDate": 1754306764456, + "lastModificationDate": 1756116054610, "contentHash": "ae3528afb8bdb0a7dcfba5b115ee8074", "sourceName": "@openzeppelin/contracts/utils/math/SignedMath.sol", "solcConfig": { @@ -821,7 +821,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/Panic.sol": { - "lastModificationDate": 1754306760451, + "lastModificationDate": 1756116051370, "contentHash": "2133dc13536b4a6a98131e431fac59e1", "sourceName": "@openzeppelin/contracts/utils/Panic.sol", "solcConfig": { @@ -858,7 +858,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/governance/utils/Votes.sol": { - "lastModificationDate": 1754306764456, + "lastModificationDate": 1756116054601, "contentHash": "95aceafdc639babdd22576e5e3774d64", "sourceName": "@openzeppelin/contracts/governance/utils/Votes.sol", "solcConfig": { @@ -904,7 +904,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/structs/Checkpoints.sol": { - "lastModificationDate": 1754306764456, + "lastModificationDate": 1756116054610, "contentHash": "657c6dfea3bae1af948de6113ba01cea", "sourceName": "@openzeppelin/contracts/utils/structs/Checkpoints.sol", "solcConfig": { @@ -943,7 +943,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/interfaces/IERC5805.sol": { - "lastModificationDate": 1754306760460, + "lastModificationDate": 1756116051370, "contentHash": "65ba9f89b1057e2192e341b286d4e261", "sourceName": "@openzeppelin/contracts/interfaces/IERC5805.sol", "solcConfig": { @@ -983,7 +983,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/utils/types/Time.sol": { - "lastModificationDate": 1754306764456, + "lastModificationDate": 1756116054610, "contentHash": "d83e7814a059fc1287fd765f424ce004", "sourceName": "@openzeppelin/contracts/utils/types/Time.sol", "solcConfig": { @@ -1023,7 +1023,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/governance/utils/IVotes.sol": { - "lastModificationDate": 1754306764456, + "lastModificationDate": 1756116054601, "contentHash": "905ffceb29869fee4b5a649abe7e2927", "sourceName": "@openzeppelin/contracts/governance/utils/IVotes.sol", "solcConfig": { @@ -1060,7 +1060,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/node_modules/@openzeppelin/contracts/interfaces/IERC6372.sol": { - "lastModificationDate": 1754306760460, + "lastModificationDate": 1756116051370, "contentHash": "414cd6acf090e4009cf016ff62ecbd88", "sourceName": "@openzeppelin/contracts/interfaces/IERC6372.sol", "solcConfig": { @@ -1097,7 +1097,7 @@ ] }, "/home/alex/Digital_Legal_Entity(DLE)/backend/contracts/FactoryDeployer.sol": { - "lastModificationDate": 1754685617489, + "lastModificationDate": 1756115917209, "contentHash": "6161bbb21af830bc05d6acd8682d9678", "sourceName": "contracts/FactoryDeployer.sol", "solcConfig": { diff --git a/backend/services/auth-service.js b/backend/services/auth-service.js index d451d1d..ffe07c5 100644 --- a/backend/services/auth-service.js +++ b/backend/services/auth-service.js @@ -20,6 +20,7 @@ const verificationService = require('./verification-service'); // Использ const identityService = require('./identity-service'); // <-- ДОБАВЛЕН ИМПОРТ const authTokenService = require('./authTokenService'); const rpcProviderService = require('./rpcProviderService'); +const tokenBalanceService = require('./tokenBalanceService'); const { getLinkedWallet } = require('./wallet-service'); const { checkAdminRole } = require('./admin-role'); const { broadcastContactsUpdate } = require('../wsHub'); @@ -914,64 +915,7 @@ class AuthService { * @returns {Promise} - массив объектов с балансами */ async getUserTokenBalances(address) { - if (!address) return []; - - // Получаем ключ шифрования - const fs = require('fs'); - const path = require('path'); - let encryptionKey = 'default-key'; - - try { - const keyPath = path.join(__dirname, '../ssl/keys/full_db_encryption.key'); - if (fs.existsSync(keyPath)) { - encryptionKey = fs.readFileSync(keyPath, 'utf8').trim(); - } - } catch (keyError) { - console.error('Error reading encryption key:', keyError); - } - - // Получаем токены и RPC с расшифровкой - const tokensResult = await db.getQuery()( - 'SELECT id, min_balance, created_at, updated_at, decrypt_text(name_encrypted, $1) as name, decrypt_text(address_encrypted, $1) as address, decrypt_text(network_encrypted, $1) as network FROM auth_tokens', - [encryptionKey] - ); - const tokens = tokensResult.rows; - - const rpcProvidersResult = await db.getQuery()( - 'SELECT id, chain_id, created_at, updated_at, decrypt_text(network_id_encrypted, $1) as network_id, decrypt_text(rpc_url_encrypted, $1) as rpc_url FROM rpc_providers', - [encryptionKey] - ); - const rpcProviders = rpcProvidersResult.rows; - const rpcMap = {}; - for (const rpc of rpcProviders) { - rpcMap[rpc.network_id] = rpc.rpc_url; - } - const ERC20_ABI = ['function balanceOf(address owner) view returns (uint256)']; - const results = []; - for (const token of tokens) { - const rpcUrl = rpcMap[token.network]; - if (!rpcUrl) continue; - const provider = new ethers.JsonRpcProvider(rpcUrl); - const tokenContract = new ethers.Contract(token.address, ERC20_ABI, provider); - let balance = '0'; - try { - const rawBalance = await tokenContract.balanceOf(address); - balance = ethers.formatUnits(rawBalance, 18); - if (!balance || isNaN(Number(balance))) balance = '0'; - } catch (e) { - logger.error(`[getUserTokenBalances] Ошибка получения баланса для ${token.name} (${token.address}) в сети ${token.network}:`, e); - balance = '0'; - } - results.push({ - network: token.network, - tokenAddress: token.address, - tokenName: token.name, - symbol: token.symbol || '', - balance, - minBalance: token.min_balance, - }); - } - return results; + return tokenBalanceService.getUserTokenBalances(address); } /** diff --git a/backend/services/tokenBalanceService.js b/backend/services/tokenBalanceService.js new file mode 100644 index 0000000..bbbfdf8 --- /dev/null +++ b/backend/services/tokenBalanceService.js @@ -0,0 +1,78 @@ +/** + * Сервис получения балансов токенов пользователя из БД и RPC + */ + +const { ethers } = require('ethers'); +const db = require('../db'); +const logger = require('../utils/logger'); + +async function getUserTokenBalances(address) { + if (!address) return []; + + // Получаем ключ шифрования + const fs = require('fs'); + const path = require('path'); + let encryptionKey = 'default-key'; + + try { + const keyPath = path.join(__dirname, '../ssl/keys/full_db_encryption.key'); + if (fs.existsSync(keyPath)) { + encryptionKey = fs.readFileSync(keyPath, 'utf8').trim(); + } + } catch (keyError) { + console.error('Error reading encryption key:', keyError); + } + + // Получаем токены и RPC с расшифровкой + const tokensResult = await db.getQuery()( + 'SELECT id, min_balance, created_at, updated_at, decrypt_text(name_encrypted, $1) as name, decrypt_text(address_encrypted, $1) as address, decrypt_text(network_encrypted, $1) as network FROM auth_tokens', + [encryptionKey] + ); + const tokens = tokensResult.rows; + + const rpcProvidersResult = await db.getQuery()( + 'SELECT id, chain_id, created_at, updated_at, decrypt_text(network_id_encrypted, $1) as network_id, decrypt_text(rpc_url_encrypted, $1) as rpc_url FROM rpc_providers', + [encryptionKey] + ); + const rpcProviders = rpcProvidersResult.rows; + const rpcMap = {}; + for (const rpc of rpcProviders) { + rpcMap[rpc.network_id] = rpc.rpc_url; + } + + const ERC20_ABI = ['function balanceOf(address owner) view returns (uint256)']; + const results = []; + + for (const token of tokens) { + const rpcUrl = rpcMap[token.network]; + if (!rpcUrl) continue; + const provider = new ethers.JsonRpcProvider(rpcUrl); + const tokenContract = new ethers.Contract(token.address, ERC20_ABI, provider); + let balance = '0'; + try { + const rawBalance = await tokenContract.balanceOf(address); + balance = ethers.formatUnits(rawBalance, 18); + if (!balance || isNaN(Number(balance))) balance = '0'; + } catch (e) { + logger.error( + `[tokenBalanceService] Ошибка получения баланса для ${token.name} (${token.address}) в сети ${token.network}:`, + e + ); + balance = '0'; + } + results.push({ + network: token.network, + tokenAddress: token.address, + tokenName: token.name, + symbol: token.symbol || '', + balance, + minBalance: token.min_balance, + }); + } + + return results; +} + +module.exports = { getUserTokenBalances }; + + diff --git a/backend/wsHub.js b/backend/wsHub.js index a91e876..1ba0adb 100644 --- a/backend/wsHub.js +++ b/backend/wsHub.js @@ -11,7 +11,7 @@ */ const WebSocket = require('ws'); -const authService = require('./services/auth-service'); +const tokenBalanceService = require('./services/tokenBalanceService'); let wss = null; // Храним клиентов по userId для персонализированных уведомлений @@ -477,9 +477,9 @@ module.exports = { async function handleTokenBalancesRequest(ws, address, userId) { try { console.log(`[WebSocket] Запрос балансов для адреса: ${address}`); - - // Получаем балансы через authService - const balances = await authService.getUserTokenBalances(address); + + // Получаем балансы через отдельный сервис без зависимостей от wsHub + const balances = await tokenBalanceService.getUserTokenBalances(address); // Отправляем ответ клиенту ws.send(JSON.stringify({ diff --git a/docker-compose.yml b/docker-compose.yml index 1a8c30d..d6799c6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -45,18 +45,19 @@ services: deploy: resources: limits: - cpus: '4.0' - memory: 16G + cpus: '2.0' + memory: 8G reservations: - cpus: '3.0' - memory: 12G + cpus: '1.0' + memory: 4G environment: - OLLAMA_HOST=0.0.0.0 - OLLAMA_ORIGINS=* - OLLAMA_NUM_PARALLEL=1 - - OLLAMA_NUM_GPU=1 - - OLLAMA_KEEP_ALIVE=1 + - OLLAMA_NUM_GPU=0 + - OLLAMA_KEEP_ALIVE=-1 - OLLAMA_MODEL_TIMEOUT=0 + - OLLAMA_MAX_LOADED_MODELS=1 healthcheck: test: ["CMD", "ollama", "list"] interval: 30s diff --git a/frontend/nginx-tunnel.conf b/frontend/nginx-tunnel.conf index 53cd257..7419e14 100644 --- a/frontend/nginx-tunnel.conf +++ b/frontend/nginx-tunnel.conf @@ -1,7 +1,7 @@ # Финальная безопасная конфигурация nginx # Включаем WAF конфигурацию -# include /etc/nginx/conf.d/waf.conf; +include /etc/nginx/conf.d/waf.conf; # Ограничение запросов (5 r/s на IP, с небольшим burst) limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s; @@ -27,21 +27,21 @@ server { index index.html; # Блокировка по WAF правилам - # if ($bad_ip = 1) { - # return 403; - # } + if ($bad_ip = 1) { + return 403; + } - # if ($bad_bot = 1) { - # return 403; - # } + if ($bad_bot = 1) { + return 403; + } - # if ($bad_request = 1) { - # return 404; - # } + if ($bad_request = 1) { + return 404; + } - # if ($bad_domain = 1) { - # return 404; - # } + if ($bad_domain = 1) { + return 404; + } # Блокировка агрессивных сканеров if ($http_user_agent ~* (sqlmap|nikto|dirb|gobuster|wfuzz|burp|zap|nessus|openvas)) { diff --git a/frontend/nginx.Dockerfile b/frontend/nginx.Dockerfile index 71c267c..99ec9c3 100644 --- a/frontend/nginx.Dockerfile +++ b/frontend/nginx.Dockerfile @@ -1,4 +1,4 @@ FROM nginx:alpine COPY dist/ /usr/share/nginx/html/ COPY nginx-tunnel.conf /etc/nginx/conf.d/default.conf -# COPY nginx-waf.conf /etc/nginx/conf.d/waf.conf \ No newline at end of file +COPY nginx-waf.conf /etc/nginx/conf.d/waf.conf \ No newline at end of file diff --git a/scripts/internal/db/db_init_helper.sh b/scripts/internal/db/db_init_helper.sh index ddff56c..27a44b8 100755 --- a/scripts/internal/db/db_init_helper.sh +++ b/scripts/internal/db/db_init_helper.sh @@ -1,16 +1,5 @@ #!/bin/bash -/** - * Copyright (c) 2024-2025 Тарабанов Александр Викторович - * All rights reserved. - * - * This software is proprietary and confidential. - * Unauthorized copying, modification, or distribution is prohibited. - * - * For licensing inquiries: info@hb3-accelerator.com - * Website: https://hb3-accelerator.com - * GitHub: https://github.com/VC-HB3-Accelerator - */ if ! docker exec dapp-postgres pg_isready -U dapp_user -d dapp_db > /dev/null 2>&1; then exit 1