Improve Docker Swarm deployment for production use

gandalf_automationrequested to merge
improve-swarm-deployment into develop

Summary

Production-ready Docker Swarm deployment fixes discovered during deployment testing.

Changes

docker-compose.yml:

  • Remove name property (unsupported by docker stack deploy)
  • Use host mode for ports (required for WireGuard/VPN interfaces)
  • Set HOSTNAME=0.0.0.0 via command (Docker overrides env var with container ID)
  • Adjust healthcheck intervals (30s interval, 60s start period)

deploy-swarm.sh:

  • Auto-initialize Swarm with localhost-only binding (127.0.0.1)
  • Force service update after deploy to prevent config caching issues

.env.wallet.example:

  • Remove OIDC config (wallet has no OIDC routes, only blog acts as provider)
  • Remove chat integration (minimizes attack surface for active key operations)

LinkSanitizer.ts:

  • Comment out broken debug log that spams without showing values
Edited by gandalf_automation

Merge request reports