-
Notifications
You must be signed in to change notification settings - Fork 1
/
docker-compose-prod.yml
92 lines (84 loc) · 3.24 KB
/
docker-compose-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
# docker-compose file used to deploy assosuite in a prodution environment
# do not use it in a development environment
version: '3.8'
services:
proxy:
image: traefik:v2.2
restart: always
command:
- --api.insecure=true
- --providers.docker=true
- --api.debug=true
- --providers.docker.network=assos-network-web
- --entrypoints.assosuite-web.address=:80
- --entrypoints.assosuite-web-secured.address=:443
- --providers.file.filename=/dynamic.yaml
- --certificatesresolvers.assosuite-challenge.acme.tlschallenge=true
- --certificatesresolvers.assosuite-challenge.acme.email=tolstoyfafa@gmail.com
- --certificatesresolvers.assosuite-challenge.acme.storage=/letsencrypt/acme.json
ports:
- 80:80
- 8080:8080
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./config/letsencrypt:/letsencrypt
- ./config/dynamic.yaml:/dynamic.yaml
networks:
- assos-network-web
backend:
image: "docker.pkg.github.com/tolstoyfafa/assos_suite/assos-backend:${APP_VERSION}"
restart: always
depends_on:
- mongo
labels:
- "traefik.http.routers.assos-back-router.rule=Host(`${BACKEND_DN}`)"
- "traefik.http.routers.assos-back-entrypoint.entrypoints=assosuite-web"
- "traefik.http.services.backend.loadbalancer.server.port=8080"
- "traefik.http.middlewares.back-headers.headers.accesscontrolallowmethods=GET,OPTIONS,PUT,POST,DELETE"
- "traefik.http.middlewares.back-headers.headers.addvaryheader=true"
- "traefik.http.middlewares.back-headers.headers.accesscontrolallowheaders=*"
- "traefik.http.middlewares.back-headers.headers.accesscontrolallowcredentials=true"
- "traefik.http.middlewares.back-headers.headers.accesscontrolalloworiginlist=*"
- "traefik.http.routers.assos-back-secured.rule=Host(`${BACKEND_DN}`)"
- "traefik.http.routers.assos-back-secured.entrypoints=assosuite-web-secured"
- "traefik.http.routers.assos-back-secured.tls.certresolver=assosuite-challenge"
networks:
- assos-network-web
- backend-network
environment:
- MAIL_USERNAME=${MAIL_USERNAME}
- MAIL_PASSWORD=${MAIL_PASSWORD}
- JWT_SECRET=${JWT_SECRET}
- JWT_DURATION=${JWT_DURATION}
frontend:
image: "docker.pkg.github.com/tolstoyfafa/assos_suite/assos-frontend:${APP_VERSION}"
restart: always
depends_on:
- backend
labels:
- "traefik.http.routers.assos-front-router.rule=Host(`${FRONTEND_DN}`)"
- "traefik.http.routers.assos-front-entrypoint.entrypoints=assosuite-web"
- "traefik.http.routers.assos-front-secured.rule=Host(`${FRONTEND_DN}`)"
- "traefik.http.routers.assos-front-secured.entrypoints=assosuite-web-secured"
- "traefik.http.routers.assos-front-secured.tls.certresolver=assosuite-challenge"
volumes:
- ./config/nginx.conf:/etc/nginx/nginx.conf
networks:
- assos-network-web
environment:
- API_URL=${ENV_API_URL}
mongo:
image: mongo
restart: always
networks:
- backend-network
labels:
- "treafik.enable=false"
volumes:
- ./data/db:/data/db
networks:
assos-network-web:
internal: false
backend-network:
internal: true