commit 7aa439d7a76250084f84bddcf6d634882bf25c50
Author: urbnywrt <jacora.apb@gmail.com>
Date:   Thu May 14 23:22:13 2026 +0300

    feat: add Docker infrastructure scaffold
    
    Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..e26ac6b
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,7 @@
+MIHOMO_API=http://mihomo:9090
+MIHOMO_SECRET=changeme
+MIHOMO_CONFIG_DIR=/data/mihomo
+DATABASE_URL=sqlite+aiosqlite:////data/db/app.db
+ADMIN_USER=admin
+ADMIN_PASSWORD=changeme
+HOST_DOMAIN=
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..921819d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.env
+data/db/
diff --git a/Caddyfile b/Caddyfile
new file mode 100644
index 0000000..08f6230
--- /dev/null
+++ b/Caddyfile
@@ -0,0 +1,13 @@
+{$SITE_ADDRESS} {
+    @admin {
+        path /
+        path /configs/*
+        path /subscriptions/*
+    }
+
+    basicauth @admin {
+        {$ADMIN_USER} {$ADMIN_PASSWORD_HASH}
+    }
+
+    reverse_proxy app:8000
+}
diff --git a/caddy/entrypoint.sh b/caddy/entrypoint.sh
new file mode 100755
index 0000000..039d3d7
--- /dev/null
+++ b/caddy/entrypoint.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+set -e
+
+HASH=$(caddy hash-password --plaintext "${ADMIN_PASSWORD:-changeme}")
+export ADMIN_PASSWORD_HASH="$HASH"
+
+if [ -n "${HOST_DOMAIN:-}" ]; then
+    export SITE_ADDRESS="$HOST_DOMAIN"
+else
+    export SITE_ADDRESS=":80"
+fi
+
+exec caddy run --config /etc/caddy/Caddyfile --adapter caddyfile
diff --git a/data/mihomo/config.yaml b/data/mihomo/config.yaml
new file mode 100644
index 0000000..3536712
--- /dev/null
+++ b/data/mihomo/config.yaml
@@ -0,0 +1,3 @@
+external-controller: 0.0.0.0:9090
+mixed-port: 7890
+allow-lan: false
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..f4f6567
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,54 @@
+networks:
+  proxy_net:
+    driver: bridge
+
+volumes:
+  caddy_data:
+  caddy_config:
+
+services:
+  mihomo:
+    image: ghcr.io/metacubex/mihomo:latest
+    volumes:
+      - ./data/mihomo:/root/.config/mihomo
+    networks:
+      - proxy_net
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "wget", "-q", "-O-", "http://localhost:9090/version"]
+      interval: 5s
+      timeout: 3s
+      retries: 12
+      start_period: 5s
+
+  app:
+    build: ./app
+    env_file: .env
+    volumes:
+      - ./data/mihomo:/data/mihomo
+      - ./data/db:/data/db
+    networks:
+      - proxy_net
+    restart: unless-stopped
+    depends_on:
+      mihomo:
+        condition: service_healthy
+
+  caddy:
+    image: caddy:2-alpine
+    ports:
+      - "80:80"
+      - "443:443"
+      - "443:443/udp"
+    volumes:
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
+      - ./caddy/entrypoint.sh:/entrypoint.sh:ro
+      - caddy_data:/data
+      - caddy_config:/config
+    entrypoint: ["/bin/sh", "/entrypoint.sh"]
+    env_file: .env
+    networks:
+      - proxy_net
+    restart: unless-stopped
+    depends_on:
+      - app