-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.prod.yml
100 lines (100 loc) · 2.62 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
networks:
web:
external: true
internal:
external: false
services:
api:
build:
context: api
dockerfile: Dockerfile.prod
args:
POETRY_VERSION: ${POETRY_VERSION}
API_PORT: ${API_PORT}
ports:
- "${API_PORT}:${API_PORT}"
env_file:
- ./.env
environment:
API_ENV: prod
API_PORT: ${API_PORT}
ADMIN_USER: ${ADMIN_USER}
ADMIN_PASSWORD_HASHED: /run/secrets/admin_password_hash
SECRET_KEY: /run/secrets/api_secret
DB_HOST: ${DB_HOST}
DB_USER: ${DB_USER}
DB_PASSWORD: /run/secrets/db_password
DB_NAME: ${DB_NAME}
labels:
- "traefik.enable=true"
- "traefik.http.routers.blanket_api.rule=Host(`${API_HOST}`)"
- "traefik.http.routers.blanket_api.tls=true"
- "traefik.http.routers.blanket_api.tls.certresolver=lets-encrypt"
- "traefik.http.services.blanket_api.loadbalancer.server.port=${API_PORT}"
networks:
- internal
- web
secrets:
- api_secret
- admin_password_hash
- db_password
client:
build:
context: client
dockerfile: Dockerfile.prod
args:
API_URL: "http://api:${API_PORT}"
CLIENT_PORT: ${CLIENT_PORT}
ports:
- "${CLIENT_PORT}:${CLIENT_PORT}"
environment:
API_URL: "http://api:${API_PORT}"
CLIENT_PORT: ${CLIENT_PORT}
labels:
- "traefik.enable=true"
- "traefik.http.routers.blanket_client.rule=Host(`${CLIENT_HOST}`)"
- "traefik.http.routers.blanket_client.tls=true"
- "traefik.http.routers.blanket_client.tls.certresolver=lets-encrypt"
- "traefik.http.services.blanket_client.loadbalancer.server.port=${CLIENT_PORT}"
networks:
- internal
- web
depends_on:
- api
daemon:
depends_on:
- api
build:
context: daemon
dockerfile: Dockerfile
args:
POETRY_VERSION: ${POETRY_VERSION}
DAY_CHECK: ${DAY_CHECK}
NIGHT_CHECK: ${NIGHT_CHECK}
environment:
ENV: prod
API_ENDPOINT: http://api:${API_PORT}
METOFFICE_SECRET: /run/secrets/metoffice_secret
API_USER: ${ADMIN_USER}
API_PASSWORD: /run/secrets/admin_password
STATION_ID: ${STATION_ID}
DAY_START: ${DAWN}
DAY_END: ${DUSK}
NIGHT_START: ${DUSK}
NIGHT_END: ${DAWN}
secrets:
- metoffice_secret
- admin_password
networks:
- internal
secrets:
api_secret:
file: api-secret.txt
admin_password_hash:
file: admin-password-hash.txt
db_password:
file: db-password.txt
metoffice_secret:
file: metoffice-secret.txt
admin_password:
file: admin-password.txt