-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathdocker-compose.server.yml
More file actions
110 lines (109 loc) · 3.73 KB
/
docker-compose.server.yml
File metadata and controls
110 lines (109 loc) · 3.73 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
services:
app:
container_name: app
image: ${ECR_REGISTRY}/trassenscout/app:${NEXT_PUBLIC_APP_ENV}-latest
ports:
- "3000:3000"
restart: unless-stopped
env_file: ".env"
environment:
FORCE_COLOR: 1
# We access `.env` variables directly here
labels:
traefik.enable: true
# Main router for trassenscout.de
traefik.http.routers.server.rule: Host(`${APP_DOMAIN}`)
traefik.http.routers.server.entrypoints: websecure
traefik.http.routers.server.tls.certresolver: letsencrypt
traefik.http.routers.server.tls: true
traefik.http.services.container.loadbalancer.server.port: 3000
# WWW redirect router
traefik.http.routers.www-redirect.rule: Host(`www.${APP_DOMAIN}`)
traefik.http.routers.www-redirect.entrypoints: websecure
traefik.http.routers.www-redirect.tls.certresolver: letsencrypt
traefik.http.routers.www-redirect.tls: true
traefik.http.routers.www-redirect.middlewares: www-redirect-middleware
# WWW redirect middleware
traefik.http.middlewares.www-redirect-middleware.redirectregex.regex: ^https://www\.(.*)
traefik.http.middlewares.www-redirect-middleware.redirectregex.replacement: https://$${1}
traefik.http.middlewares.www-redirect-middleware.redirectregex.permanent: true
depends_on:
db:
condition: service_healthy
logging:
driver: journald
db:
container_name: db
image: postgres:16-alpine
restart: unless-stopped
ports:
- "5432:5432"
environment:
POSTGRES_DB: ${POSTGRES_DB}
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
LANG: en_US.UTF-8
LC_ALL: en_US.UTF-8
TZ: Europe/Berlin
volumes:
- pgdata:/var/lib/postgresql/data
healthcheck:
# We access `.env` variables directly here
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
interval: 5s
timeout: 5s
retries: 5
logging:
driver: journald
traefik:
container_name: traefik
image: traefik:v3.6
restart: unless-stopped
environment:
TZ: Europe/Berlin
command:
- "--log.level=INFO"
- "--api.insecure=false"
- "--api.dashboard=false"
- "--providers.docker=true"
# Do not expose containers unless explicitly told so
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.email=dev-team@fixmycity.de"
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./letsencrypt:/letsencrypt"
logging:
driver: journald
imap-listener:
container_name: imap-listener
image: ${ECR_REGISTRY}/trassenscout/imap-listener:${NEXT_PUBLIC_APP_ENV}-latest
restart: unless-stopped
env_file: ".env"
environment:
TZ: Europe/Berlin
NODE_ENV: production
ports:
- "3100:3100" # Health check endpoint
depends_on:
- app
- db
healthcheck:
test: ["CMD-SHELL", "node -e \"require('http').get('http://localhost:3100/health', (res) => process.exit(res.statusCode === 200 ? 0 : 1)).on('error', () => process.exit(1))\""]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
logging:
driver: journald
volumes:
pgdata: