-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdocker-compose.yml
139 lines (132 loc) · 3.97 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
x-shared-environment:
&shared-environment # Pass to build environments and containers for all services
APP_TITLE: &app-title "UVP Interactive"
APP_DESCRIPTION: &app-description "Urban Video Project Interactive's web app"
# dns
DOMAIN:
# postgres
POSTGRES_HOST:
POSTGRES_DB:
POSTGRES_USER:
POSTGRES_PASSWORD:
# redis
REDIS_URL:
services:
proxy:
# networks:
# - app
image: traefik:v2.2
container_name: proxy
environment:
<<: *shared-environment
command:
- --api.insecure=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
- --certificatesresolvers.letsencrypt.acme.email=
- --certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/lets-encrypt/acme.json
volumes:
- ./traefik:/etc/traefik
- /var/run/docker.sock:/var/run/docker.sock:ro
ports:
- 80:80
- 443:443
depends_on:
- frontend
- backend
labels:
- traefik.enable=true
- traefik.http.routers.dashboard.rule=Host(`traefik.${DOMAIN}`)
- traefik.http.routers.dashboard.entrypoints=websecure
- traefik.http.routers.dashboard.tls=true
- traefik.http.routers.dashboard.tls.certresolver=letsencrypt
# HTTP Redirect
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
- traefik.http.routers.redirect-https.rule=hostregexp(`{host:.+}`)
- traefik.http.routers.redirect-https.entrypoints=web
- traefik.http.routers.redirect-https.middlewares=redirect-to-https
frontend:
container_name: frontend
environment:
<<: *shared-environment
NODE_ENV: production
VUE_APP_TITLE: *app-title
VUE_APP_DESCRIPTION: *app-description
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
build:
context: ./frontend
target: prod-stage
ports:
- 8080:8080
labels:
- traefik.enable=true
- traefik.http.routers.frontend.rule=Host(`${DOMAIN}`)
- traefik.http.routers.frontend.entrypoints=websecure
- traefik.http.routers.frontend.tls=true
- traefik.http.routers.frontend.tls.certresolver=letsencrypt
backend:
container_name: backend
environment:
<<: *shared-environment
# security
DEBUG: 0
SECRET_KEY:
ALLOWED_HOSTS:
BACKEND_CORS_ORIGINS:
# email
EMAILS_FROM_EMAIL: noreply@uvp.app
SMTP_TLS: 1
SMTP_PORT: 587
SMTP_HOST:
SMTP_USER:
SMTP_PASSWORD:
build:
context: ./backend
target: prod-stage
command: ${BACKEND_CMD-}
ports:
- 8000:8000
depends_on:
- frontend
- postgres
- redis
labels:
- traefik.enable=true
- traefik.http.routers.backend.rule=Host(`${DOMAIN}`) && PathPrefix(`/token`,`/api`,`/ws`,`/docs`,`/redoc`)
- traefik.http.routers.backend.entrypoints=websecure
- traefik.http.routers.backend.tls=true
- traefik.http.routers.backend.tls.certresolver=letsencrypt
redis:
image: redis:5-alpine
container_name: redis
environment:
<<: *shared-environment
postgres:
image: postgres:13.1-alpine
container_name: postgres
environment:
<<: *shared-environment
PGDATA: /var/lib/postgresql/data/pgdata
volumes:
- postgres_data:/var/lib/postgresql/data
pgadmin:
image: dpage/pgadmin4
container_name: pgadmin
environment:
<<: *shared-environment
PGADMIN_LISTEN_PORT: 5050
PGADMIN_DEFAULT_EMAIL:
PGADMIN_DEFAULT_PASSWORD:
depends_on:
- postgres
labels:
- traefik.enable=true
- traefik.http.routers.pgadmin.rule=Host(`pgadmin.${DOMAIN}`)
- traefik.http.routers.pgadmin.entrypoints=websecure
- traefik.http.routers.pgadmin.tls=true
- traefik.http.routers.pgadmin.tls.certresolver=letsencrypt
- traefik.http.services.pgadmin.loadbalancer.server.port=5050
volumes:
postgres_data: null