-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
executable file
·135 lines (126 loc) · 5.23 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
version: '3.5'
networks:
porto:
driver: overlay
external: true
services:
### APP (PHP-FPM + CADDY) ##############################################
app:
container_name: ${COMPOSE_PROJECT_NAME}_app_local
build:
args:
- PHP_VERSION=${PHP_VERSION}
- PHP_FPM_INSTALL_XDEBUG=${PHP_FPM_INSTALL_XDEBUG}
- PHP_FPM_INSTALL_PCOV=${PHP_FPM_INSTALL_PCOV}
- PHP_FPM_INSTALL_OPCACHE=${PHP_FPM_INSTALL_OPCACHE}
- COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME}
context: .
dockerfile: docker/app/Dockerfile_local
image: registry.gitlab.com/${REPOSITORY_NAME:-flagstudio}/${COMPOSE_PROJECT_NAME}:latest_dev
volumes:
- ./:/var/www
networks:
- ${COMPOSE_PROJECT_NAME}
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
#http
- traefik.http.services.${COMPOSE_PROJECT_NAME}-app-service.loadbalancer.server.port=${APP_PORT}
- traefik.http.routers.${COMPOSE_PROJECT_NAME}-app-router.rule=Host(`${APP_URI}`)
- traefik.http.routers.${COMPOSE_PROJECT_NAME}-app-router.entrypoints=http
- traefik.http.routers.${COMPOSE_PROJECT_NAME}-app-router.service=${COMPOSE_PROJECT_NAME}-app-service
### TRAEFIK (Edge Reverse Proxy) ##############################################
traefik:
image: traefik:v2.5.6
container_name: ${COMPOSE_PROJECT_NAME}_traefik
security_opt:
- no-new-privileges:true
ports:
- ${TRAEFIK_WEB_PORT}:80
- ${TRAEFIK_SECURE_WEB_PORT}:443
- ${TRAEFIK_PORT}:8080
command:
- --log.level=DEBUG
- --api.insecure=true
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.http.address=:${TRAEFIK_WEB_PORT}
- --entrypoints.https.address=:${TRAEFIK_SECURE_WEB_PORT}
- --entrypoints.dashboard.address=:${TRAEFIK_PORT}
- --certificatesresolvers.le.acme.httpchallenge=true
- --certificatesresolvers.le.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.le.acme.email=info@${APP_URI}
- --certificatesresolvers.le.acme.storage=/letsencrypt/acme.json
- --certificatesresolvers.le.acme.httpchallenge.entrypoint=http
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /etc/localtime:/etc/localtime:ro
- ./data/traefik/letsencrypt:/letsencrypt
networks:
- ${COMPOSE_PROJECT_NAME}
labels:
# Enable Traefik for this service, to make it available in the public network
- traefik.enable=true
# Use the traefik-public network (declared below)
- traefik.docker.network=${COMPOSE_PROJECT_NAME}
# https-redirect middleware to redirect HTTP to HTTPS
# It can be re-used by other stacks in other Docker Compose files
- traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
- traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
# traefik-http set up only to use the middleware to redirect to https
# Uses the environment variable TRAEFIK_DOMAIN
- traefik.http.routers.traefik-public-http.rule=Host(`${TRAEFIK_URI}`)
- traefik.http.routers.traefik-public-http.entrypoints=http
# - traefik.http.routers.traefik-public-http.middlewares=https-redirect
# traefik-https the actual router using HTTPS
# Uses the environment variable TRAEFIK_DOMAIN
# - traefik.http.routers.traefik-public-https.rule=Host(`${TRAEFIK_URI}`)
# - traefik.http.routers.traefik-public-https.entrypoints=https
# - traefik.http.routers.traefik-public-https.tls=true
# Use the special Traefik service api@internal with the web UI/Dashboard
# - traefik.http.routers.traefik-public-https.service=api@internal
# Use the "le" (Let's Encrypt) resolver created below
# - traefik.http.routers.traefik-public-https.tls.certresolver=le
# Define the port inside of the Docker service to use
- traefik.http.services.traefik-public.loadbalancer.server.port=${TRAEFIK_PORT}
restart: unless-stopped
### PostgreSQL ###########################################
postgres:
image: postgres:${POSTGRES_VERSION}-alpine
command: postgres
environment:
- POSTGRES_DB=${DB_DATABASE}
- POSTGRES_USER=${DB_USERNAME}
- POSTGRES_PASSWORD=${DB_PASSWORD}
volumes:
- ${DATA_PATH_HOST}/postgres:/var/lib/postgresql/data:delegated
expose:
- ${DB_PORT}
ports:
- "127.0.0.1:${DB_PORT}:5432"
networks:
- ${COMPOSE_PROJECT_NAME}
### PostgreSQL Test ######################################
postgrestest:
image: postgres:${POSTGRES_VERSION}-alpine
command: postgres
environment:
- POSTGRES_DB=${DB_DATABASE}
- POSTGRES_USER=${DB_USERNAME}
- POSTGRES_PASSWORD=${DB_PASSWORD}
volumes:
- ${DATA_PATH_HOST}/postgres_test:/var/lib/postgresql/data:delegated
expose:
- ${DB_TEST_PORT}
networks:
- ${COMPOSE_PROJECT_NAME}
### Redis ###########################################
redis:
container_name: ${COMPOSE_PROJECT_NAME}_redis
image: redis:6.2.5-buster
command: redis-server --requirepass ${REDIS_PASSWORD} --appendonly yes
volumes:
- ${DATA_PATH_HOST}/redis:/data
networks:
- ${COMPOSE_PROJECT_NAME}
restart: always