-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.prod.yml
65 lines (63 loc) · 1.74 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
version: '3.7'
volumes:
db: {}
redis: {}
services:
reverse_proxy:
image: traefik
restart: always
command:
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web80.address=:80
- --entrypoints.web443.address=:443
- --certificatesresolvers.letsencrypt=true
- --certificatesresolvers.letsencrypt.acme.email=$LETSENCRYPT_EMAIL
- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
- --entrypoints.web443.http.tls=true
- --entrypoints.web443.http.tls.certresolver=letsencrypt
- --entrypoints.web80.http.redirections.entrypoint.to=web443
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
app:
image: ghcr.io/stw-on/sheriff
env_file: .env
restart: always
expose:
- 80
labels:
- traefik.enable=true
- traefik.http.routers.sheriff.rule=Host(`$SHERIFF_HOST`)
- traefik.http.middlewares.sheriff-middlewares.headers.framedeny=true
- traefik.http.middlewares.sheriff-middlewares.headers.sslredirect=true
- traefik.http.middlewares.sheriff-middlewares.headers.stsSeconds=31536000
worker:
image: ghcr.io/stw-on/sheriff
env_file: .env
command: worker
restart: always
scheduler:
image: ghcr.io/stw-on/sheriff
env_file: .env
command: scheduler
restart: always
db:
image: postgres:14-alpine
restart: always
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
volumes:
- db:/var/lib/postgresql/data
redis:
image: redis:alpine
volumes:
- redis:/data
restart: always
pdfrenderer:
image: timoschwarzer/headless-pdf-renderer
restart: on-failure
cap_add:
- SYS_ADMIN