scaffold: project skeleton, schema, healthz/readyz, CI

Initial project structure for neuronetz-gateway per scope-docs/SPEC.md: - Python 3.12 / FastAPI / SQLAlchemy 2.0 (async) / Redis / Postgres stack managed by uv. Multi-stage non-root Dockerfile, prod + dev compose files (ollama service is NEVER published in either), Caddyfile + systemd unit, justfile, GitHub Actions CI (ruff, mypy --strict, pytest, bandit, pip-audit). - Pydantic-Settings config covering every env var from SPEC §7, including the MODEL_DISCOVERY_* keys for the dynamic-discovery feature (§4.6). - Alembic 0001_initial creates the full gateway schema (8 tables, 3 enums, notify_key_revoked() trigger), incl. allow_all_models on tenant_limits and key_limits for the per-tenant auto-grant toggle. - Working /healthz, /readyz (fail-closed when deps unreachable), and a Prometheus /metrics stub. Sanitizing error handlers that attach X-Request-ID to every response and never leak upstream internals. - SPEC + AGENT_PROMPT included under scope-docs/ (source of truth).
2026-05-26 20:50:35 +02:00
commit d79f17b3bb
32 changed files with 3610 additions and 0 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,63 @@
+# neuronetz-gateway — environment configuration (SPEC §7).
+#
+# Copy to `.env` and adjust. `.env` is gitignored and MUST NOT be committed.
+# All values here are SAFE EXAMPLES — change every secret before any real deploy.
+
+# ──────────────────────────── Service ────────────────────────────
+GATEWAY_BIND_HOST=0.0.0.0
+GATEWAY_BIND_PORT=8080
+GATEWAY_LOG_LEVEL=INFO
+GATEWAY_LOG_FORMAT=json                  # json|console
+GATEWAY_REQUEST_ID_HEADER=X-Request-ID
+GATEWAY_TRUSTED_PROXIES=127.0.0.1,caddy  # for X-Forwarded-For
+
+# ──────────────────────────── Upstream ───────────────────────────
+OLLAMA_BASE_URL=http://ollama:11434
+OLLAMA_CONNECT_TIMEOUT_S=5
+OLLAMA_READ_TIMEOUT_S=600
+OLLAMA_MAX_CONNECTIONS=64
+
+# ──────────────────────── Model discovery (§4.6) ─────────────────
+MODEL_DISCOVERY_REFRESH_S=60
+MODEL_DISCOVERY_CACHE_TTL_S=120
+
+# ──────────────────────────── Database ───────────────────────────
+# Compose builds DATABASE_URL from the POSTGRES_* parts below, but the gateway
+# also accepts a full DATABASE_URL directly.
+DATABASE_URL=postgresql+asyncpg://gateway:changeme@postgres:5432/neuronetz
+DATABASE_POOL_SIZE=10
+DATABASE_POOL_OVERFLOW=20
+
+# Postgres container credentials (consumed by docker-compose).
+POSTGRES_USER=gateway
+POSTGRES_PASSWORD=changeme
+POSTGRES_DB=neuronetz
+
+# ──────────────────────────── Redis ──────────────────────────────
+REDIS_URL=redis://redis:6379/0
+REDIS_KEY_CACHE_TTL_S=60
+
+# ────────────────── Limits (defaults; DB overrides) ──────────────
+DEFAULT_RPM=60
+DEFAULT_TPM=100000
+DEFAULT_CONCURRENT=8
+MAX_REQUEST_BODY_BYTES=262144
+MAX_NUM_PREDICT=4096
+
+# ──────────────────────────── Security ───────────────────────────
+ARGON2_TIME_COST=3
+ARGON2_MEMORY_COST_KIB=65536
+ARGON2_PARALLELISM=4
+AUTH_FAILURE_RATE_LIMIT_PER_IP_PER_MIN=20
+
+# ──────────────────────────── Audit ──────────────────────────────
+AUDIT_BUFFER_SIZE=1000
+PROMPT_LOG_DEFAULT_RETENTION_DAYS=30
+AUDIT_LOG_DEFAULT_RETENTION_DAYS=365
+
+# ──────────────── Playground / API docs (prod-safe: OFF) ─────────
+# Serve the playground HTML (owned by the docs agent) at /playground.
+PLAYGROUND_ENABLED=false
+PLAYGROUND_FILE=/app/playground/index.html
+# Enable FastAPI's /docs + /openapi.json (default off in production).
+DOCS_ENABLED=false