switch to debian in docker

Reviewed-on: #1

.env.example

@@ -37,13 +37,26 @@ EXPOSE_PORT=8785
 # Baza danych
 # ================================
 
-# Adres SQLAlchemy
+# Wybór silnika bazy
-#
+# Dozwolone:
+# - sqlite
+# - pgsql
+# - mysql
+DB_ENGINE=sqlite
+
+# Baza danych - dane
+DB_HOST=postgres
+DB_PORT=5432
+DB_NAME=ksef
+DB_USER=ksef
+DB_PASSWORD=ksef
+
+# Jeśli ustawisz DATABASE_URL ręcznie, ma priorytet nad DB_ENGINE/DB_*
 # Przykłady:
 # sqlite:///instance/app.db
-# postgresql://user:pass@localhost/dbname
+# postgresql+psycopg://ksef:ksef@postgres:5432/ksef
-DATABASE_URL=sqlite:///instance/app.db
+# mysql+pymysql://ksef:ksef@mysql:3306/ksef
-
+DATABASE_URL=sqlite:///db/sqlite/app.db
 
 # ================================
 # Redis / Cache / Rate limit

.gitignore

@@ -26,3 +26,4 @@ storage/*
 backups/*
 certs/*
 pdf/*
+db/*

Dockerfile

@@ -1,30 +1,32 @@
-FROM python:3.14-alpine
+FROM python:3.14-slim
 
 ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
 
 WORKDIR /app
 
-RUN apk add --no-cache \
+RUN apt-get update && apt-get install -y --no-install-recommends \
-    gcc musl-dev python3-dev \
+    gcc \
-    \
+    build-essential \
+    python3-dev \
     libffi-dev \
-    jpeg-dev \
+    libjpeg62-turbo-dev \
-    zlib-dev \
+    zlib1g-dev \
-    \
+    libcairo2-dev \
-    cairo-dev \
+    libpango1.0-dev \
-    pango-dev \
+    libgdk-pixbuf-2.0-dev \
-    gdk-pixbuf-dev \
+    libglib2.0-dev \
-    glib-dev \
+    libfreetype6-dev \
-    freetype-dev \
+    libfontconfig1-dev \
-    fontconfig-dev \
+    pkg-config \
-    \
+    libpq-dev \
-    pkgconfig
+    default-libmysqlclient-dev \
+    && rm -rf /var/lib/apt/lists/*
 
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
 
 COPY . .
-RUN mkdir -p instance storage/archive storage/pdf storage/backups
+RUN mkdir -p db storage/archive storage/pdf storage/backups
 
 CMD ["gunicorn", "-w", "1", "-k", "gthread", "--threads", "8", "-b", "0.0.0.0:5000", "run:app"]

README.md

@@ -88,8 +88,6 @@ APP_DOMAIN=ksef.local:8785 ./deploy_docker.sh
 
 ## Konta
 
-Nie ma już wymogu seedów do logowania. Użyj CLI:
-
 ```bash
 flask --app run.py create-company
 flask --app run.py create-user

app/__init__.py

@@ -1,11 +1,12 @@
-from dotenv import load_dotenv
+import time
 from pathlib import Path
+
+from dotenv import load_dotenv
 from flask import Flask, render_template, request, url_for
 from flask_login import current_user
-from werkzeug.middleware.proxy_fix import ProxyFix
-from dotenv import load_dotenv
 from sqlalchemy import inspect, text
-from sqlalchemy.exc import SQLAlchemyError
+from sqlalchemy.exc import OperationalError, SQLAlchemyError
+from werkzeug.middleware.proxy_fix import ProxyFix
 from config import Config
 from redis.exceptions import RedisError
 from app.cli import register_cli
@@ -30,7 +31,25 @@ def _ensure_column(table_name: str, column_name: str, ddl: str):
         db.session.commit()
 
 
+
+def _wait_for_database(app, attempts: int = 30, delay: float = 1.0) -> bool:
+    for attempt in range(1, attempts + 1):
+        try:
+            with db.engine.connect() as conn:
+                conn.execute(text('SELECT 1'))
+            if attempt > 1:
+                app.logger.info('Database became available after %s attempt(s).', attempt)
+            return True
+        except OperationalError:
+            app.logger.warning('Database not ready yet (%s/%s). Waiting...', attempt, attempts)
+            time.sleep(delay)
+    return False
+
 def _bootstrap_database(app):
+    if not _wait_for_database(app):
+        app.logger.error('Database is still unavailable after waiting. Skipping bootstrap.')
+        return
+
     try:
         db.create_all()
         patches = [

app/dashboard/routes.py

@@ -137,7 +137,8 @@ def index():
 @bp.route('/switch-company/<int:company_id>')
 @login_required
 def switch_company(company_id):
-    CompanyService.set_active_company(company_id)
+    if not CompanyService.switch_company(company_id):
+        abort(403)
     return redirect(url_for('dashboard.index'))
 
 

app/services/company_service.py

@@ -54,3 +54,7 @@ class CompanyService:
                 session['current_company_id'] = company.id
             except RuntimeError:
                 pass
+
+    @staticmethod
+    def set_active_company(company_id, user=None):
+        return CompanyService.switch_company(company_id, user=user)

app/services/system_data_service.py

@@ -8,6 +8,7 @@ from pathlib import Path
 import psutil
 from flask import current_app
 from sqlalchemy import inspect
+from sqlalchemy.engine import make_url
 
 from app.extensions import db
 from app.models.audit_log import AuditLog
@@ -199,19 +200,52 @@ class SystemDataService:
                 continue
             count = db.session.execute(db.select(db.func.count()).select_from(table)).scalar() or 0
             table_rows.append({'table': table_name, 'rows': int(count)})
+
         uri = current_app.config.get('SQLALCHEMY_DATABASE_URI', '')
         sqlite_path = None
         sqlite_size = None
+        db_driver = None
+        db_host = None
+        db_port = None
+        db_name = None
+        db_user = None
+
+        try:
+            url = make_url(uri)
+            db_driver = url.drivername
+            db_host = url.host
+            db_port = url.port
+            db_name = url.database
+            db_user = url.username
+        except Exception:
+            pass
+
         if uri.startswith('sqlite:///') and not uri.endswith(':memory:'):
             sqlite_path = uri.replace('sqlite:///', '', 1)
             try:
                 sqlite_size = self._human_size(Path(sqlite_path).stat().st_size)
             except FileNotFoundError:
                 sqlite_size = 'brak pliku'
+
+        if engine.name == 'sqlite':
+            db_label = 'SQLite'
+        elif engine.name == 'postgresql':
+            db_label = 'PostgreSQL'
+        elif engine.name == 'mysql':
+            db_label = 'MySQL'
+        else:
+            db_label = engine.name
+
         table_rows_sorted = sorted(table_rows, key=lambda item: (-item['rows'], item['table']))
         return {
             'engine': engine.name,
+            'engine_label': db_label,
+            'driver': db_driver,
             'uri': self._mask_uri(uri),
+            'host': db_host,
+            'port': db_port,
+            'database': db_name,
+            'username': db_user,
             'tables_count': len(table_rows),
             'sqlite_path': sqlite_path,
             'sqlite_size': sqlite_size,

app/static/css/app.css

@@ -1,71 +1,425 @@
-body { min-height: 100vh; background: var(--bs-tertiary-bg); }
+*, *::after, *::before {
-pre { white-space: pre-wrap; }
+    box-sizing: border-box;
-html, body { overflow-x: hidden; }
+}
-.app-shell { min-height: 100vh; align-items: stretch; }
+
-.sidebar { width: 292px; min-width: 292px; max-width: 292px; flex: 0 0 292px; min-height: 100vh; position: sticky; top: 0; overflow-y: auto; overflow-x: hidden; }
+body {
-.main-column { flex: 1 1 auto; min-width: 0; width: calc(100% - 292px); }
+    min-height: 100vh;
-.main-column > .p-4, .main-column section.p-4 { width: 100%; max-width: 100%; }
+    background: var(--bs-tertiary-bg);
-.page-topbar { backdrop-filter: blur(6px); }
+}
-.page-content-wrap { background: linear-gradient(180deg, rgba(13,110,253,.03), transparent 180px); }
+
-.brand-icon { display: inline-flex; align-items: center; justify-content: center; width: 42px; height: 42px; border-radius: 14px; background: linear-gradient(135deg, #0d6efd, #6ea8fe); color: #fff; }
+pre {
-.menu-section-label { font-size: .75rem; text-transform: uppercase; letter-spacing: .08em; color: var(--bs-secondary-color); margin-bottom: .5rem; margin-top: 1rem; }
+    white-space: pre-wrap;
-.nav-link { border-radius: .85rem; color: inherit; padding: .7rem .85rem; font-weight: 500; display: flex; align-items: center; white-space: nowrap; overflow: hidden; text-overflow: ellipsis; }
+}
-.nav-link i { width: 1.2rem; text-align: center; flex: 0 0 1.2rem; }
+
-.nav-link:hover { background: rgba(13,110,253,.08); }
+html, body {
-.nav-link-accent { background: rgba(13,110,253,.08); border: 1px solid rgba(13,110,253,.14); }
+    overflow-x: hidden;
-.nav-link-highlight { background: rgba(25,135,84,.08); border: 1px solid rgba(25,135,84,.14); }
+}
-.top-chip { padding: .35rem .65rem; border-radius: 999px; background: rgba(127,127,127,.08); }
+
-.readonly-pill { display: inline-flex; align-items: center; padding: .4rem .75rem; border-radius: 999px; background: rgba(255,193,7,.16); color: var(--bs-emphasis-color); border: 1px solid rgba(255,193,7,.35); font-size: .875rem; }
+.app-shell {
-.readonly-pill-compact { font-size: .8rem; padding: .35rem .6rem; }
+    min-height: 100vh;
-.page-title { font-size: 1.15rem; }
+    align-items: stretch;
-.card { border: 0; box-shadow: 0 .35rem 1rem rgba(15, 23, 42, .08); border-radius: 1rem; }
+}
-.card-header { font-weight: 600; background: color-mix(in srgb, var(--bs-body-bg) 80%, var(--bs-primary-bg-subtle)); border-bottom: 1px solid var(--bs-border-color); border-top-left-radius: 1rem !important; border-top-right-radius: 1rem !important; }
+
-.table thead th { font-size: .85rem; color: var(--bs-secondary-color); }
+.sidebar {
-.page-section-header { padding: 1.25rem; border-radius: 1.1rem; background: var(--bs-body-bg); box-shadow: 0 .35rem 1rem rgba(15, 23, 42, .08); }
+    width: 292px;
-.section-eyebrow { letter-spacing: .08em; }
+    min-width: 292px;
-.section-toolbar .btn, .page-section-header .btn { border-radius: .8rem; }
+    max-width: 292px;
-.surface-muted { background: color-mix(in srgb, var(--bs-tertiary-bg) 85%, white); border-radius: 1rem; }
+    flex: 0 0 292px;
-.settings-tab .nav-link { justify-content: flex-start; }
+    min-height: 100vh;
-.settings-tab .nav-link.active { background: var(--bs-primary); color: #fff; }
+    position: sticky;
-.stat-card { min-height: 120px; border: 0; }
+    top: 0;
-.stat-blue { background: linear-gradient(135deg, #0d6efd, #4aa3ff); }
+    overflow-y: auto;
-.stat-green { background: linear-gradient(135deg, #198754, #44c28a); }
+    overflow-x: hidden;
-.stat-purple { background: linear-gradient(135deg, #6f42c1, #9a6bff); }
+}
-.stat-orange { background: linear-gradient(135deg, #fd7e14, #ffad5c); }
+
-.stat-dark { background: linear-gradient(135deg, #343a40, #586069); }
+.main-column {
-.compact-card-body { padding: .95rem 1.1rem; }
+    flex: 1 1 auto;
-.text-wrap-balanced { max-width: 46rem; }
+    min-width: 0;
-.nfz-badge { font-size: .78rem; }
+    width: calc(100% - 292px);
-[data-bs-theme="dark"] .nav-link:hover { background: rgba(255,255,255,.08); }
+}
-[data-bs-theme="dark"] .top-chip { background: rgba(255,255,255,.06); }
+
-[data-bs-theme="dark"] .page-content-wrap { background: linear-gradient(180deg, rgba(13,110,253,.08), transparent 200px); }
+.main-column>.p-4, .main-column section.p-4 {
-@media (max-width: 991px) { .app-shell { flex-direction: column; } .sidebar { width: 100%; min-width: 100%; max-width: 100%; flex-basis: auto; min-height: auto; position: static; } .main-column { width: 100%; } }
+    width: 100%;
-.invoice-detail-layout { display: grid; grid-template-columns: minmax(0, 1fr) 320px; gap: 1rem; }
+    max-width: 100%;
-.invoice-detail-main, .invoice-detail-sidebar { min-width: 0; }
+}
-.invoice-detail-sticky { position: sticky; top: 1rem; }
+
-.invoice-preview-surface { max-height: none; }
+.page-topbar {
-.invoice-preview-surface table { min-width: 720px; }
+    backdrop-filter: blur(6px);
-@media (max-width: 991px) { .invoice-detail-layout { grid-template-columns: 1fr; } .invoice-detail-sticky { position: static; } }
+}
-.source-switch { display: flex; flex-wrap: wrap; gap: .75rem; }
+
-.btn-source { border: 1px solid var(--bs-border-color); border-radius: 999px; padding: .65rem 1rem; background: var(--bs-body-bg); }
+.page-content-wrap {
-.btn-check:checked + .btn-source { background: var(--bs-primary); color: #fff; border-color: var(--bs-primary); }
+    background: linear-gradient(180deg, rgba(13, 110, 253, .03), transparent 180px);
-.source-panel { padding: 1rem; border: 1px solid var(--bs-border-color); border-radius: 1rem; background: color-mix(in srgb, var(--bs-body-bg) 92%, var(--bs-primary-bg-subtle)); }
+}
-.source-panel-note .alert { border-radius: 1rem; }
+
-.settings-module-intro { display: flex; justify-content: space-between; gap: 1rem; align-items: flex-start; margin-bottom: 1rem; padding: 1rem; border-radius: 1rem; background: color-mix(in srgb, var(--bs-tertiary-bg) 88%, var(--bs-primary-bg-subtle)); }
+.brand-icon {
-.login-page { background: linear-gradient(135deg, rgba(13,110,253,.08), rgba(111,66,193,.08)); }
+    display: inline-flex;
-.login-hero { align-items: center; justify-content: center; padding: 3rem; }
+    align-items: center;
-.login-hero-card { max-width: 34rem; }
+    justify-content: center;
-.login-form-card { max-width: 34rem; border-radius: 1.5rem; }
+    width: 42px;
-.login-feature-list { display: grid; gap: 1rem; margin-top: 2rem; font-weight: 500; }
+    height: 42px;
-.invoice-actions-cell { min-width: 170px; }
+    border-radius: 14px;
-.invoice-action-btn { min-width: 88px; height: 34px; display: inline-flex; align-items: center; justify-content: center; border-radius: .7rem; white-space: nowrap; flex: 0 0 auto; }
+    background: linear-gradient(135deg, #0d6efd, #6ea8fe);
-.table td .invoice-action-btn i { line-height: 1; }
+    color: #fff;
-.table td.text-end { white-space: nowrap; }
+}
-.ksef-break, td.text-break { word-break: break-word; overflow-wrap: anywhere; }
+
-.invoice-ksef-col { min-width: 190px; max-width: 260px; }
+.menu-section-label {
-.invoice-number-col { min-width: 180px; }
+    font-size: .75rem;
-.invoice-actions-stack { display: flex; flex-wrap: nowrap; justify-content: flex-end; gap: .5rem; }
+    text-transform: uppercase;
-.pagination { gap: .2rem; }
+    letter-spacing: .08em;
-.pagination .page-link { border-radius: .65rem; }
+    color: var(--bs-secondary-color);
-@media (max-width: 1400px) { .invoice-actions-cell { min-width: 150px; } .invoice-action-btn { min-width: 80px; padding-left: .6rem; padding-right: .6rem; } .invoice-ksef-col { min-width: 170px; max-width: 220px; } }
+    margin-bottom: .5rem;
-@media (max-width: 1200px) { .invoice-actions-stack { flex-wrap: wrap; } .table td.text-end { white-space: normal; } }
+    margin-top: 1rem;
+}
+
+.nav-link {
+    border-radius: .85rem;
+    color: inherit;
+    padding: .7rem .85rem;
+    font-weight: 500;
+    display: flex;
+    align-items: center;
+    white-space: nowrap;
+    overflow: hidden;
+    text-overflow: ellipsis;
+}
+
+.nav-link i {
+    width: 1.2rem;
+    text-align: center;
+    flex: 0 0 1.2rem;
+}
+
+.nav-link:hover {
+    background: rgba(13, 110, 253, .08);
+}
+
+.nav-link-accent {
+    background: rgba(13, 110, 253, .08);
+    border: 1px solid rgba(13, 110, 253, .14);
+}
+
+.nav-link-highlight {
+    background: rgba(25, 135, 84, .08);
+    border: 1px solid rgba(25, 135, 84, .14);
+}
+
+.top-chip {
+    padding: .35rem .65rem;
+    border-radius: 999px;
+    background: rgba(127, 127, 127, .08);
+}
+
+.readonly-pill {
+    display: inline-flex;
+    align-items: center;
+    padding: .4rem .75rem;
+    border-radius: 999px;
+    background: rgba(255, 193, 7, .16);
+    color: var(--bs-emphasis-color);
+    border: 1px solid rgba(255, 193, 7, .35);
+    font-size: .875rem;
+}
+
+.readonly-pill-compact {
+    font-size: .8rem;
+    padding: .35rem .6rem;
+}
+
+.page-title {
+    font-size: 1.15rem;
+}
+
+.card {
+    border: 0;
+    box-shadow: 0 .35rem 1rem rgba(15, 23, 42, .08);
+    border-radius: 1rem;
+}
+
+.card-header {
+    font-weight: 600;
+    background: color-mix(in srgb, var(--bs-body-bg) 80%, var(--bs-primary-bg-subtle));
+    border-bottom: 1px solid var(--bs-border-color);
+    border-top-left-radius: 1rem !important;
+    border-top-right-radius: 1rem !important;
+}
+
+.table thead th {
+    font-size: .85rem;
+    color: var(--bs-secondary-color);
+}
+
+.page-section-header {
+    padding: 1.25rem;
+    border-radius: 1.1rem;
+    background: var(--bs-body-bg);
+    box-shadow: 0 .35rem 1rem rgba(15, 23, 42, .08);
+}
+
+.section-eyebrow {
+    letter-spacing: .08em;
+}
+
+.section-toolbar .btn, .page-section-header .btn {
+    border-radius: .8rem;
+}
+
+.surface-muted {
+    background: color-mix(in srgb, var(--bs-tertiary-bg) 85%, white);
+    border-radius: 1rem;
+}
+
+.settings-tab .nav-link {
+    justify-content: flex-start;
+}
+
+.settings-tab .nav-link.active {
+    background: var(--bs-primary);
+    color: #fff;
+}
+
+.stat-card {
+    min-height: 120px;
+    border: 0;
+}
+
+.stat-blue {
+    background: linear-gradient(135deg, #0d6efd, #4aa3ff);
+}
+
+.stat-green {
+    background: linear-gradient(135deg, #198754, #44c28a);
+}
+
+.stat-purple {
+    background: linear-gradient(135deg, #6f42c1, #9a6bff);
+}
+
+.stat-orange {
+    background: linear-gradient(135deg, #fd7e14, #ffad5c);
+}
+
+.stat-dark {
+    background: linear-gradient(135deg, #343a40, #586069);
+}
+
+.compact-card-body {
+    padding: .95rem 1.1rem;
+}
+
+.text-wrap-balanced {
+    max-width: 46rem;
+}
+
+.nfz-badge {
+    font-size: .78rem;
+}
+
+[data-bs-theme="dark"] .nav-link:hover {
+    background: rgba(255, 255, 255, .08);
+}
+
+[data-bs-theme="dark"] .top-chip {
+    background: rgba(255, 255, 255, .06);
+}
+
+[data-bs-theme="dark"] .page-content-wrap {
+    background: linear-gradient(180deg, rgba(13, 110, 253, .08), transparent 200px);
+}
+
+@media (max-width: 991px) {
+    .app-shell {
+        flex-direction: column;
+    }
+
+    .sidebar {
+        width: 100%;
+        min-width: 100%;
+        max-width: 100%;
+        flex-basis: auto;
+        min-height: auto;
+        position: static;
+    }
+
+    .main-column {
+        width: 100%;
+    }
+}
+
+.invoice-detail-layout {
+    display: grid;
+    grid-template-columns: minmax(0, 1fr) 320px;
+    gap: 1rem;
+}
+
+.invoice-detail-main, .invoice-detail-sidebar {
+    min-width: 0;
+}
+
+.invoice-detail-sticky {
+    position: sticky;
+    top: 1rem;
+}
+
+.invoice-preview-surface {
+    max-height: none;
+}
+
+.invoice-preview-surface table {
+    min-width: 720px;
+}
+
+@media (max-width: 991px) {
+    .invoice-detail-layout {
+        grid-template-columns: 1fr;
+    }
+
+    .invoice-detail-sticky {
+        position: static;
+    }
+}
+
+.source-switch {
+    display: flex;
+    flex-wrap: wrap;
+    gap: .75rem;
+}
+
+.btn-source {
+    border: 1px solid var(--bs-border-color);
+    border-radius: 999px;
+    padding: .65rem 1rem;
+    background: var(--bs-body-bg);
+}
+
+.btn-check:checked+.btn-source {
+    background: var(--bs-primary);
+    color: #fff;
+    border-color: var(--bs-primary);
+}
+
+.source-panel {
+    padding: 1rem;
+    border: 1px solid var(--bs-border-color);
+    border-radius: 1rem;
+    background: color-mix(in srgb, var(--bs-body-bg) 92%, var(--bs-primary-bg-subtle));
+}
+
+.source-panel-note .alert {
+    border-radius: 1rem;
+}
+
+.settings-module-intro {
+    display: flex;
+    justify-content: space-between;
+    gap: 1rem;
+    align-items: flex-start;
+    margin-bottom: 1rem;
+    padding: 1rem;
+    border-radius: 1rem;
+    background: color-mix(in srgb, var(--bs-tertiary-bg) 88%, var(--bs-primary-bg-subtle));
+}
+
+.login-page {
+    background: linear-gradient(135deg, rgba(13, 110, 253, .08), rgba(111, 66, 193, .08));
+}
+
+.login-hero {
+    align-items: center;
+    justify-content: center;
+    padding: 3rem;
+}
+
+.login-hero-card {
+    max-width: 34rem;
+}
+
+.login-form-card {
+    max-width: 34rem;
+    border-radius: 1.5rem;
+}
+
+.login-feature-list {
+    display: grid;
+    gap: 1rem;
+    margin-top: 2rem;
+    font-weight: 500;
+}
+
+.invoice-actions-cell {
+    min-width: 170px;
+}
+
+.invoice-action-btn {
+    min-width: 88px;
+    height: 34px;
+    display: inline-flex;
+    align-items: center;
+    justify-content: center;
+    border-radius: .7rem;
+    white-space: nowrap;
+    flex: 0 0 auto;
+}
+
+.table td .invoice-action-btn i {
+    line-height: 1;
+}
+
+.table td.text-end {
+    white-space: nowrap;
+}
+
+.ksef-break, td.text-break {
+    word-break: break-word;
+    overflow-wrap: anywhere;
+}
+
+.invoice-ksef-col {
+    min-width: 190px;
+    max-width: 260px;
+}
+
+.invoice-number-col {
+    min-width: 180px;
+}
+
+.invoice-actions-stack {
+    display: flex;
+    flex-wrap: nowrap;
+    justify-content: flex-end;
+    gap: .5rem;
+}
+
+.pagination {
+    gap: .2rem;
+}
+
+.pagination .page-link {
+    border-radius: .65rem;
+}
+
+@media (max-width: 1400px) {
+    .invoice-actions-cell {
+        min-width: 150px;
+    }
+
+    .invoice-action-btn {
+        min-width: 80px;
+        padding-left: .6rem;
+        padding-right: .6rem;
+    }
+
+    .invoice-ksef-col {
+        min-width: 170px;
+        max-width: 220px;
+    }
+}
+
+@media (max-width: 1200px) {
+    .invoice-actions-stack {
+        flex-wrap: wrap;
+    }
+
+    .table td.text-end {
+        white-space: normal;
+    }
+}

app/templates/auth/login.html

@@ -12,11 +12,10 @@
   <div class="row min-vh-100">
     <div class="col-lg-6 login-hero d-none d-lg-flex">
       <div class="login-hero-card">
-        <span class="brand-icon mb-4"><i class="fa-solid fa-file-invoice-dollar"></i></span>
         <h1 class="mt-4 mb-3">KSeF Manager</h1>
-        <p class="lead text-secondary">Logowanie do panelu faktur, KSeF, powiadomień i konfiguracji administracyjnej.</p>
+        <p class="lead text-secondary">Logowanie do systemu <strong>KsEF Manager</strong>.</p>
         <div class="login-feature-list">
-          <div><i class="fa-solid fa-check text-primary me-2"></i>Zarządzj fakturami w jednym miejscu</div>
+          <div><i class="fa-solid fa-check text-primary me-2"></i>Wystawiaj / odbieraj faktury w jednym meisjcu</div>
         </div>
       </div>
     </div>

app/templates/base.html

@@ -13,7 +13,7 @@
   <aside class="sidebar bg-body-tertiary border-end p-3">
     <div class="mb-4">
       <div class="d-flex align-items-center gap-2 mb-1">
-        <span class="brand-icon"><i class="fa-solid fa-file-invoice-dollar"></i></span>
+        <span class="brand-icon"><i class="fa-solid fa-file-invoice-invoice"></i></span>
         <div>
           <h5 class="mb-0">{{ app_name }}</h5>
           <div class="small text-secondary">Panel KSeF i archiwum</div>

config.py

@@ -1,18 +1,42 @@
 import os
 from pathlib import Path
+from urllib.parse import quote_plus
 from dotenv import load_dotenv
 
 BASE_DIR = Path(__file__).resolve().parent
 load_dotenv(BASE_DIR / '.env')
 
 
-def _normalize_sqlalchemy_db_url(raw: str | None) -> str:
+def _q(value: str) -> str:
-    if not raw:
+    return quote_plus(value or '')
-        return f"sqlite:///{(BASE_DIR / 'instance' / 'app.db').resolve()}"
+
-    if raw.startswith('sqlite:///') and not raw.startswith('sqlite:////'):
+
-        rel = raw.replace('sqlite:///', '', 1)
+def _build_db_url() -> str:
-        return f"sqlite:///{(BASE_DIR / rel).resolve()}"
+    db_engine = os.getenv('DB_ENGINE', 'sqlite').strip().lower()
-    return raw
+    db_host = os.getenv('DB_HOST', 'localhost').strip()
+    db_port = os.getenv('DB_PORT', '').strip()
+    db_name = os.getenv('DB_NAME', 'ksef').strip()
+    db_user = os.getenv('DB_USER', '').strip()
+    db_password = os.getenv('DB_PASSWORD', '').strip()
+
+    if db_engine == 'sqlite':
+        return f"sqlite:///{(BASE_DIR / 'db' / 'sqlite' / 'app.db').resolve()}"
+
+    if db_engine in ('pgsql', 'postgres', 'postgresql'):
+        port = db_port or '5432'
+        return (
+            f"postgresql+psycopg://{_q(db_user)}:{_q(db_password)}"
+            f"@{db_host}:{port}/{_q(db_name)}"
+        )
+
+    if db_engine == 'mysql':
+        port = db_port or '3306'
+        return (
+            f"mysql+pymysql://{_q(db_user)}:{_q(db_password)}"
+            f"@{db_host}:{port}/{_q(db_name)}"
+        )
+
+    raise ValueError(f"Nieobsługiwany DB_ENGINE: {db_engine}")
 
 
 def _path_from_env(name: str, default: Path) -> Path:
@@ -35,7 +59,7 @@ def _normalize_redis_url(raw: str | None) -> str:
 class Config:
     SECRET_KEY = os.getenv('SECRET_KEY', 'change-me-please')
     APP_MASTER_KEY = os.getenv('APP_MASTER_KEY', SECRET_KEY)
-    SQLALCHEMY_DATABASE_URI = _normalize_sqlalchemy_db_url(os.getenv('DATABASE_URL'))
+    SQLALCHEMY_DATABASE_URI = _build_db_url()
     SQLALCHEMY_TRACK_MODIFICATIONS = False
     ARCHIVE_PATH = _path_from_env('ARCHIVE_PATH', BASE_DIR / 'storage' / 'archive')
     PDF_PATH = _path_from_env('PDF_PATH', BASE_DIR / 'storage' / 'pdf')
@@ -55,8 +79,6 @@ class Config:
     SESSION_COOKIE_HTTPONLY = True
     REMEMBER_COOKIE_HTTPONLY = True
     SESSION_COOKIE_SAMESITE = 'Lax'
-    #CEIDG_API_URL = os.getenv('CEIDG_API_URL', 'https://dane.biznes.gov.pl/api/ceidg/v2/firmy')
-    #CEIDG_TEST_API_URL = os.getenv('CEIDG_TEST_API_URL', 'https://test-dane.biznes.gov.pl/api/ceidg/v2/firmy')
     APP_FOOTER_TEXT = 'KSeF Manager · linuxiarz.pl · Mateusz Gruszczyński'
 
 

deploy_docker.sh

@@ -1,10 +1,22 @@
 #!/usr/bin/env sh
 set -eu
 
+DB_TARGET="${1:-sqlite}"
+
 STACK_NAME="${STACK_NAME:-ksef_app}"
 COMPOSE_FILE="${COMPOSE_FILE:-docker-compose.yml}"
 SSL_DIR="${SSL_DIR:-./deploy/caddy/ssl}"
+
+if [ -f .env ]; then
+  set -a
+  . ./.env
+  set +a
+fi
+
 APP_DOMAIN="${APP_DOMAIN:-localhost}"
+APP_EXTERNAL_SCHEME="${APP_EXTERNAL_SCHEME:-https}"
+EXPOSE_PORT="${EXPOSE_PORT:-8785}"
+
 CERT_FILE="${CERT_FILE:-${SSL_DIR}/server.crt}"
 KEY_FILE="${KEY_FILE:-${SSL_DIR}/server.key}"
 
@@ -24,6 +36,38 @@ need_cmd openssl
 
 mkdir -p "$SSL_DIR"
 
+case "$DB_TARGET" in
+  sqlite)
+    export DB_ENGINE=sqlite
+    export DB_HOST=""
+    export DB_PORT=""
+    COMPOSE_PROFILES=""
+    mkdir -p ./db/sqlite
+    DB_PATH_INFO="./db/sqlite/app.db"
+    ;;
+  pgsql|postgres|postgresql)
+    export DB_ENGINE=pgsql
+    export DB_HOST="${DB_HOST:-postgres}"
+    export DB_PORT="${DB_PORT:-5432}"
+    COMPOSE_PROFILES="pgsql"
+    mkdir -p ./db/pgsql
+    DB_PATH_INFO="./db/pgsql"
+    ;;
+  mysql)
+    export DB_ENGINE=mysql
+    export DB_HOST="${DB_HOST:-mysql}"
+    export DB_PORT="${DB_PORT:-3306}"
+    COMPOSE_PROFILES="mysql"
+    mkdir -p ./db/mysql
+    DB_PATH_INFO="./db/mysql"
+    ;;
+  *)
+    printf 'Nieznany typ bazy: %s\n' "$DB_TARGET" >&2
+    printf 'Użycie: ./deploy_docker.sh [sqlite|pgsql|mysql]\n' >&2
+    exit 1
+    ;;
+esac
+
 if [ ! -f "$CERT_FILE" ] || [ ! -f "$KEY_FILE" ]; then
   log "Nie znaleziono certyfikatu SSL w katalogu ${SSL_DIR}, tworzę self-signed cert..."
   rm -f "$CERT_FILE" "$KEY_FILE"
@@ -38,22 +82,38 @@ else
   log "Znaleziono istniejący certyfikat SSL w katalogu ${SSL_DIR}."
 fi
 
-log "Pobieram najnowsze obrazy bazowe..."
+log "Wybrany silnik bazy: ${DB_ENGINE}"
-docker compose -f "$COMPOSE_FILE" pull
 
-log "Buduję obraz bez cache..."
+if [ -n "$COMPOSE_PROFILES" ]; then
-docker compose -f "$COMPOSE_FILE" build --no-cache
+  export COMPOSE_PROFILES
+  log "Aktywne profile Compose: ${COMPOSE_PROFILES}"
+else
+  unset COMPOSE_PROFILES || true
+  log "Brak aktywnych profili Compose"
+fi
 
-log "Zatrzymuję aktualny stack..."
+log "Pobieram najnowsze obrazy dla projektu ${STACK_NAME}..."
+docker compose -p "$STACK_NAME" -f "$COMPOSE_FILE" pull
+
+log "Zatrzymuję aktualny stack projektu ${STACK_NAME}..."
 docker compose -p "$STACK_NAME" -f "$COMPOSE_FILE" stop || true
 
-log "Usuwam osierocone kontenery i stare nieużywane obrazy..."
+log "Usuwam kontenery i osierocone zasoby tylko dla projektu ${STACK_NAME}..."
 docker compose -p "$STACK_NAME" -f "$COMPOSE_FILE" down --remove-orphans || true
-docker image prune -af || true
-docker builder prune -af || true
 
-authoritative_stack="${STACK_NAME}"
+log "Buduję obrazy projektu ${STACK_NAME} bez cache..."
-log "Uruchamiam stack ${authoritative_stack}..."
+docker compose -p "$STACK_NAME" -f "$COMPOSE_FILE" build --no-cache
+
+log "Uruchamiam stack ${STACK_NAME}..."
 docker compose -p "$STACK_NAME" -f "$COMPOSE_FILE" up -d
 
-log "Deployment zakończony. Aplikacja powinna być dostępna pod https://${APP_DOMAIN}"
+APP_URL="${APP_EXTERNAL_SCHEME}://${APP_DOMAIN}"
+if [ -n "${EXPOSE_PORT:-}" ]; then
+  APP_URL="${APP_URL}:${EXPOSE_PORT}"
+fi
+
+log "Deployment zakończony."
+log "Adres aplikacji: ${APP_URL}"
+log "Port zewnętrzny: ${EXPOSE_PORT}"
+log "Silnik bazy: ${DB_ENGINE}"
+log "Ścieżka danych bazy: ${DB_PATH_INFO}"

docker-compose.yml

@@ -3,20 +3,74 @@ services:
     build: .
     env_file: [.env]
     environment:
-      APP_PORT: 5000
+      APP_PORT: ${APP_PORT:-5000}
-      APP_EXTERNAL_SCHEME: https
+      APP_EXTERNAL_SCHEME: ${APP_EXTERNAL_SCHEME:-https}
       APP_EXTERNAL_HOST: ${APP_DOMAIN:-localhost}
       APP_EXTERNAL_PORT: ${EXPOSE_PORT:-8785}
       TZ: ${APP_TIMEZONE:-Europe/Warsaw}
     volumes:
       - ./:/app
-    depends_on: [redis]
+      - ./db/sqlite:/app/db/sqlite
+    depends_on:
+      redis:
+        condition: service_healthy
+      postgres:
+        condition: service_healthy
+        required: false
+      mysql:
+        condition: service_healthy
+        required: false
     restart: unless-stopped
 
   redis:
     image: redis:7-alpine
     ports:
       - "6379:6379"
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 5s
+      timeout: 3s
+      retries: 20
+    restart: unless-stopped
+
+  postgres:
+    image: postgres:18-alpine
+    profiles: ["pgsql"]
+    environment:
+      POSTGRES_DB: ${DB_NAME:-ksef}
+      POSTGRES_USER: ${DB_USER:-ksef}
+      POSTGRES_PASSWORD: ${DB_PASSWORD:-ksef}
+      TZ: ${APP_TIMEZONE:-Europe/Warsaw}
+    volumes:
+      - ./db/pgsql:/var/lib/postgresql
+    ports:
+      - "${DB_PORT:-5432}:5432"
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-ksef} -d ${DB_NAME:-ksef}"]
+      interval: 5s
+      timeout: 5s
+      retries: 20
+    restart: unless-stopped
+
+  mysql:
+    image: mysql:8.4
+    profiles: ["mysql"]
+    command: --default-authentication-plugin=mysql_native_password
+    environment:
+      MYSQL_DATABASE: ${DB_NAME:-ksef}
+      MYSQL_USER: ${DB_USER:-ksef}
+      MYSQL_PASSWORD: ${DB_PASSWORD:-ksef}
+      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-root}
+      TZ: ${APP_TIMEZONE:-Europe/Warsaw}
+    volumes:
+      - ./db/mysql:/var/lib/mysql
+    ports:
+      - "${DB_PORT:-3306}:3306"
+    healthcheck:
+      test: ["CMD-SHELL", "mysqladmin ping -h 127.0.0.1 -uroot -p${MYSQL_ROOT_PASSWORD:-root} --silent"]
+      interval: 5s
+      timeout: 5s
+      retries: 20
     restart: unless-stopped
 
   caddy:
@@ -33,7 +87,8 @@ services:
       - ./deploy/caddy/ssl:/certs:ro
       - caddy_data:/data
       - caddy_config:/config
-    depends_on: [web]
+    depends_on:
+      - web
     restart: unless-stopped
 
 volumes:

requirements.txt

@@ -22,3 +22,4 @@ cryptography==45.0.0
 xhtml2pdf==0.2.17
 psutil
 gunicorn==23.0.0
+PyMySQL==1.1.1

tests/test_admin_system.py

@@ -43,6 +43,8 @@ def test_admin_system_data_page(auth_client, monkeypatch):
     assert 'Połączenie CEIDG' in body
     assert 'Proces i health systemu' in body
     assert 'Użytkownicy' in body
+    assert 'Typ bazy:' in body
+    assert 'Silnik SQLAlchemy:' in body
     assert 'Diagnoza' not in body
     assert 'Co sprawdzić' not in body