2a5/compose.yaml at main · reckseba/2a5 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
services:
  db:
    image: postgres:18@sha256:b6b4d0b75c699a2c94dfc5a94fe09f38630f3b67ab0e1653ede1b7ac8e13c197
    environment:
      POSTGRES_PASSWORD: ${DATABASE_SUPERUSER_PASSWORD}
      DATABASE_ORM_PASSWORD: ${DATABASE_ORM_PASSWORD}
      DATABASE_ORM_USERNAME: ${DATABASE_ORM_USERNAME}
      DATABASE_APP_PASSWORD: ${DATABASE_APP_PASSWORD}
      DATABASE_APP_USERNAME: ${DATABASE_APP_USERNAME}
      DATABASE_NAME: ${DATABASE_NAME}
    restart: unless-stopped
    volumes:
      - db-data:/var/lib/postgresql
      - ./init-user-db.sh:/docker-entrypoint-initdb.d/init-user-db.sh:ro
    healthcheck:
      test:
        - CMD-SHELL
        - pg_isready -U postgres -d postgres
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - internal

  prisma:
    build:
      context: ./api/
      dockerfile: Dockerfile.prisma
    depends_on:
      db:
        condition: service_healthy
    restart: no
    environment:
      DATABASE_URL: "postgresql://${DATABASE_ORM_USERNAME}:${DATABASE_ORM_PASSWORD}@db:5432/${DATABASE_NAME}?schema=appschema"
    networks:
      - internal

  api:
    build:
      context: ./api/
      dockerfile: Dockerfile.api
      target: runner
    depends_on:
      db:
        condition: service_healthy
      prisma:
        condition: service_completed_successfully
    restart: unless-stopped
    environment:
      DATABASE_URL: "postgresql://${DATABASE_APP_USERNAME}:${DATABASE_APP_PASSWORD}@db:5432/${DATABASE_NAME}?schema=appschema"
      API_BEARER_TOKEN: ${API_BEARER_TOKEN}
      LINK_PROTOCOL: ${LINK_PROTOCOL}
      LINK_HOSTNAME: ${LINK_HOSTNAME}
      LINK_PORT: ${LINK_PORT}
    networks:
      - internal

  app:
    build:
      context: ./app/
      dockerfile: Dockerfile
      target: runner
    depends_on:
      db:
        condition: service_healthy
      api:
        condition: service_healthy
    expose:
      - ${DOCKER_APP_PORT}
    restart: unless-stopped
    environment:
      DOCKER_API_HOSTNAME: api
      DOCKER_API_PORT: 3000
    labels:
      - traefik.enable=true
      - traefik.http.routers.${DOCKER_APP_TRAEFIK_NAME_HTTP}.rule=Host(`${LINK_HOSTNAME}`)
      - traefik.http.routers.${DOCKER_APP_TRAEFIK_NAME_HTTP}.entrypoints=web
      - traefik.http.services.${DOCKER_APP_TRAEFIK_NAME_HTTP}.loadbalancer.server.port=${DOCKER_APP_PORT}
      - traefik.http.routers.${DOCKER_APP_TRAEFIK_NAME_HTTP}.service=${DOCKER_APP_TRAEFIK_NAME_HTTP}
      - traefik.http.routers.${DOCKER_APP_TRAEFIK_NAME_HTTP}.middlewares=redirect-to-https@file
      - traefik.http.routers.${DOCKER_APP_TRAEFIK_NAME_HTTPS}.rule=Host(`${LINK_HOSTNAME}`)
      - traefik.http.routers.${DOCKER_APP_TRAEFIK_NAME_HTTPS}.entrypoints=websecure
      - traefik.http.services.${DOCKER_APP_TRAEFIK_NAME_HTTPS}.loadbalancer.server.port=${DOCKER_APP_PORT}
      - traefik.http.routers.${DOCKER_APP_TRAEFIK_NAME_HTTPS}.service=${DOCKER_APP_TRAEFIK_NAME_HTTPS}
      - traefik.http.routers.${DOCKER_APP_TRAEFIK_NAME_HTTPS}.tls.certresolver=letsencrypt
    networks:
      - dokploy-network
      - internal

  admin:
    build:
      context: ./admin/
      dockerfile: Dockerfile
      target: runner
    restart: unless-stopped
    depends_on:
      db:
        condition: service_healthy
      api:
        condition: service_healthy
    expose:
      - ${DOCKER_ADMIN_PORT}
    environment:
      API_BEARER_TOKEN: ${API_BEARER_TOKEN}
      DOCKER_API_HOSTNAME: api
      DOCKER_API_PORT: 3000
    labels:
      - traefik.enable=true
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTP}.rule=Host(`${ADMIN_HOSTNAME}`)
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTP}.entrypoints=web
      - traefik.http.services.${DOCKER_ADMIN_TRAEFIK_NAME_HTTP}.loadbalancer.server.port=${DOCKER_ADMIN_PORT}
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTP}.service=${DOCKER_ADMIN_TRAEFIK_NAME_HTTP}
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTP}.middlewares=redirect-to-https@file
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTPS}.rule=Host(`${ADMIN_HOSTNAME}`)
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTPS}.entrypoints=websecure
      - traefik.http.services.${DOCKER_ADMIN_TRAEFIK_NAME_HTTPS}.loadbalancer.server.port=${DOCKER_ADMIN_PORT}
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTPS}.service=${DOCKER_ADMIN_TRAEFIK_NAME_HTTPS}
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTPS}.tls.certresolver=letsencrypt
      - traefik.http.middlewares.${DOCKER_ADMIN_TRAEFIK_NAME_MIDDLEWARE}.basicauth.users=${ADMIN_BASIC_AUTH}
      - traefik.http.middlewares.${DOCKER_ADMIN_TRAEFIK_NAME_MIDDLEWARE}.basicauth.realm=${DOCKER_ADMIN_TRAEFIK_NAME_REALM}
      - traefik.http.routers.${DOCKER_ADMIN_TRAEFIK_NAME_HTTPS}.middlewares=${DOCKER_ADMIN_TRAEFIK_NAME_MIDDLEWARE}
    networks:
      - dokploy-network
      - internal

volumes:
  db-data:

networks:
  internal:
    driver: bridge
    internal: true
  dokploy-network:
    external: true