-
-
Notifications
You must be signed in to change notification settings - Fork 33
Expand file tree
/
Copy pathdocker-compose-prod.yml
More file actions
124 lines (118 loc) · 3.32 KB
/
docker-compose-prod.yml
File metadata and controls
124 lines (118 loc) · 3.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
services:
app:
image: ${CONTAINER_DEPLOY_IMAGE:-fablabsio}
build: .
# command: bundle exec puma -C config/puma.rb
volumes:
- .:/fablabs
- /fablabs/tmp
env_file: .env
environment:
RAILS_ENV: production
depends_on:
- db
- redis
labels:
- "traefik.enable=true"
- "traefik.docker.network=fablabsio_web"
- "traefik.http.services.fablabsservice.loadbalancer.server.port=3000"
- "traefik.http.routers.fablabsweb.rule=Host(`fablabs.io`) || Host(`www.fablabs.io`) || Host(`api.fablabs.io`)"
- "traefik.http.routers.fablabsweb.entrypoints=websecure"
- "traefik.http.routers.fablabsweb.tls=true"
- "traefik.http.routers.fablabsweb.tls.certresolver=letsencrypt"
restart: unless-stopped
networks:
- internal
- web
logging:
driver: "json-file"
options:
max-size: "100m"
worker:
image: ${CONTAINER_DEPLOY_IMAGE:-fablabsio}
build: .
command: bundle exec sidekiq
volumes_from:
- app
env_file: .env
environment:
RAILS_ENV: production
depends_on:
- app
- redis
- db
restart: unless-stopped
networks:
- internal
logging:
driver: "json-file"
options:
max-size: "100m"
db:
image: postgres:14.20-bookworm
restart: unless-stopped
# environment:
# POSTGRES_USER: postgres
# POSTGRES_PASSWORD: password
volumes:
- postgres-14-data:/var/lib/postgresql/data
networks:
- internal
logging:
driver: "json-file"
options:
max-size: "40m"
redis:
image: redis:8.4
restart: unless-stopped
networks:
- internal
logging:
driver: "json-file"
options:
max-size: "10m"
traefik:
image: traefik:v3.6
command:
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
- "--log.level=WARN"
- "--accesslog=true"
- "--accesslog.format=json"
- "--accesslog.filters.statuscodes=200,300-302"
- "--accesslog.filters.retryattempts"
- "--accesslog.filters.minduration=10ms"
- "--accesslog.fields.defaultmode=drop"
- "--accesslog.fields.names.StartUTC=keep"
- "--accesslog.fields.names.RouterName=keep"
- "--accesslog.fields.names.RequestHost=keep"
- "--accesslog.fields.names.RequestMethod=keep"
- "--accesslog.fields.names.RequestPath=keep"
- "--accesslog.fields.names.RequestProtocol=keep"
- "--accesslog.fields.names.RequestScheme=keep"
- "--accesslog.fields.names.DownstreamStatus=keep"
- "--accesslog.fields.headers.defaultmode=drop"
ports:
- "80:80"
- "443:443"
restart: unless-stopped
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./volumes/traefik/certs/acme.json:/letsencrypt/acme.json"
networks:
- web
logging:
driver: "json-file"
options:
max-size: "10m"
volumes:
postgres-14-data:
networks:
internal:
web:
external: false