-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose-prd.yml
95 lines (90 loc) · 3.26 KB
/
docker-compose-prd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
version: "3.8"
services:
app:
image: ghcr.io/sohosai/sos24-server:prd
restart: unless-stopped
depends_on:
- sos24-traefik
environment:
- HOST=0.0.0.0
- PORT=${PORT}
- POSTGRES_DB_URL=${POSTGRES_DB_URL}
- FIREBASE_PROJECT_ID=${FIREBASE_PROJECT_ID}
- FIREBASE_SERVICE_ACCOUNT_KEY=${FIREBASE_SERVICE_ACCOUNT_KEY}
- PROJECT_APPLICATION_START_AT=${PROJECT_APPLICATION_START_AT}
- PROJECT_APPLICATION_END_AT=${PROJECT_APPLICATION_END_AT}
- REQUIRE_EMAIL_VERIFICATION=${REQUIRE_EMAIL_VERIFICATION}
- MONGO_DB_URL=${MONGO_DB_URL}
- MONGO_DB=${MONGO_DB}
- S3_ENDPOINT=${S3_ENDPOINT}
- S3_REGION=${S3_REGION}
- S3_BUCKET=${S3_BUCKET}
- S3_ACCESS_KEY_ID=${S3_ACCESS_KEY_ID}
- S3_SECRET_ACCESS_KEY=${S3_SECRET_ACCESS_KEY}
- SEND_GRID_API_KEY=${SEND_GRID_API_KEY}
- EMAIL_SENDER_ADDRESS=${EMAIL_SENDER_ADDRESS}
- EMAIL_REPLY_TO_ADDRESS=${EMAIL_REPLY_TO_ADDRESS}
- APP_URL=${APP_URL}
- SLACK_WEBHOOK_URL=${SLACK_WEBHOOK_URL}
labels:
- traefik.enable=true
- traefik.docker.network=sos24-traefik
- traefik.http.services.sos24-server.loadbalancer.server.port=${PORT}
- traefik.http.routers.sos24-server.rule=Host(`api.sos24.sohosai.com`)
- traefik.http.routers.sos24-server.entrypoints=websecure
- traefik.http.routers.sos24-server.tls.certresolver=leresolver
networks:
- sos24-traefik
- sos24-server-prd
mongo:
image: mongo
restart: always
volumes:
- mongodb-data:/data/db
environment:
- MONGO_INITDB_ROOT_USERNAME=${MONGO_INITDB_ROOT_USERNAME}
- MONGO_INITDB_ROOT_PASSWORD=${MONGO_INITDB_ROOT_PASSWORD}
networks:
- sos24-server-prd
sos24-traefik:
image: traefik:latest
restart: unless-stopped
command:
- --api.insecure=true
- --providers.docker
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --entrypoints.traefik.address=:8080
- --certificatesresolvers.leresolver.acme.email=${LETSENCRYPT_EMAIL}
- --certificatesresolvers.leresolver.acme.storage=/letsencrypt/acme.json
- --certificatesresolvers.leresolver.acme.tlschallenge=true
- --certificatesresolvers.leresolver.acme.httpchallenge.entrypoint=web
labels:
- traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
- traefik.http.routers.http-catchall.entrypoints=web
- traefik.http.routers.http-catchall.middlewares=redirect-to-https
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
# traefikダッシュボード(sohosai internalからのみアクセス可能)
- traefik.http.routers.dashboard.entrypoints=traefik
- traefik.http.routers.dashboard.service=api@internal
- traefik.http.routers.dashboard.rule=Host(`sos24-production.server.sohosai.internal`)
ports:
- "8080:8080"
- "80:80"
- "443:443"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- traefik-letsencrypt:/letsencrypt
networks:
- sos24-traefik
volumes:
mongodb-data:
traefik-letsencrypt:
networks:
sos24-traefik:
name: sos24-traefik
attachable: true
external: true
sos24-server-prd:
name: sos24-server-prd
internal: true