-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdocker-compose.prod.yml
107 lines (104 loc) · 2.77 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
version: "3.9"
networks:
web:
external: true
internal:
external: false
services:
api:
build:
context: api
dockerfile: Dockerfile.prod
args:
API_PORT: ${API_PORT}
POETRY_VERSION: ${POETRY_VERSION}
MAILCTL_VERSION: ${MAILCTL_VERSION}
MSMTP_VERSION: ${MSMTP_VERSION}
MAILCTL_SERVICES: ${MAILCTL_SERVICES}
MAILCTL_ACCOUNT: ${MAILCTL_ACCOUNT}
KEY_ID: ${KEY_ID}
PRIVATE_KEY: /run/secrets/gpg_private
MSMTP_HOST: ${MSMTP_HOST}
MSMTP_PORT: ${MSMTP_PORT}
MSMTP_AUTH: ${MSMTP_AUTH}
MSMTP_FROM: ${MSMTP_FROM}
MSMTP_USER: ${MSMTP_USER}
MSMTP_EVAL: ${MSMTP_EVAL}
secrets:
- gpg_private
ports:
- "${API_PORT}:${API_PORT}"
env_file:
- ./.env
environment:
API_PORT: "${API_PORT}"
SECRET_KEY: /run/secrets/api_secret
MAILCTL_TOKEN: ${MAILCTL_TOKEN}
DB_HOST: ${DB_HOST}
DB_USER: ${DB_USER}
DB_NAME: ${DB_NAME}
DB_PASSWORD: /run/secrets/db_password
TIMEZONE: ${TIMEZONE}
labels:
- "traefik.enable=true"
- "traefik.http.routers.cookies_api.rule=Host(`${API_HOST}`)"
- "traefik.http.routers.cookies_api.tls=true"
- "traefik.http.routers.cookies_api.tls.certresolver=lets-encrypt"
- "traefik.http.services.cookies_api.loadbalancer.server.port=${API_PORT}"
networks:
- internal
- web
secrets:
- api_secret
- gpg_private
- db_password
volumes:
- ${MAILCTL_TOKEN}:/app/mail/token.auth
client:
build:
context: client
dockerfile: Dockerfile.prod
args:
CLIENT_PORT: ${CLIENT_PORT}
API_URL: "http://api:${API_PORT}"
ports:
- "${CLIENT_PORT}:${CLIENT_PORT}"
environment:
API_URL: "http://api:${API_PORT}"
labels:
- "traefik.enable=true"
- "traefik.http.routers.cookies_client.rule=Host(`${CLIENT_HOST}`)"
- "traefik.http.routers.cookies_client.tls=true"
- "traefik.http.routers.cookies_client.tls.certresolver=lets-encrypt"
- "traefik.http.services.cookies_client.loadbalancer.server.port=${CLIENT_PORT}"
networks:
- internal
- web
depends_on:
- api
updater:
build:
context: updater
dockerfile: Dockerfile.prod
args:
CRON: ${CRON}
POETRY_VERSION: ${POETRY_VERSION}
environment:
API_USER: ${API_USER}
API_PASSWORD: /run/secrets/api_password
API_ENDPOINT: "http://api:${API_PORT}"
secrets:
- api_password
depends_on:
- api
networks:
- internal
secrets:
api_secret:
file: ${API_SECRET_FILE}
gpg_private:
file: ${GPG_SECRET_KEY_FILE}
api_password:
file: ${API_PASSWORD_FILE}
db_password:
file: ${DB_PASSWORD_FILE}