146 lines
4.9 KiB
YAML
146 lines
4.9 KiB
YAML
services:
|
|
|
|
api_server:
|
|
image: furyhawk/listen:latest
|
|
restart: always
|
|
depends_on:
|
|
- postgres_db
|
|
environment:
|
|
DATABASE__HOSTNAME: ${DATABASE__HOSTNAME}
|
|
DATABASE__USERNAME: ${POSTGRES_USER}
|
|
DATABASE__PASSWORD: ${POSTGRES_PASSWORD}
|
|
DATABASE__PORT: ${DATABASE__PORT}
|
|
DATABASE__DB: ${DATABASE__DB}
|
|
SECURITY__JWT_SECRET_KEY: ${SECURITY__JWT_SECRET_KEY}
|
|
SECURITY__BACKEND_CORS_ORIGINS: ${SECURITY__BACKEND_CORS_ORIGINS}
|
|
SECURITY__ALLOWED_HOSTS: ${SECURITY__ALLOWED_HOSTS}
|
|
DOMAIN: ${DOMAIN}
|
|
networks:
|
|
- net
|
|
- traefik-public
|
|
deploy:
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik-public
|
|
- traefik.constraint-label=traefik-public
|
|
- traefik.http.routers.api_server.entrypoints=https
|
|
- traefik.http.routers.api_server.rule=Host(`api.${DOMAIN}`)
|
|
- traefik.http.routers.api_server.middlewares=rate-limit
|
|
- traefik.http.routers.api_server.tls.certresolver=le
|
|
- traefik.http.routers.api_server.service=api_server_service
|
|
- traefik.http.services.api_server_service.loadbalancer.server.port=8000
|
|
|
|
postgres_db:
|
|
image: postgres
|
|
environment:
|
|
POSTGRES_DB: ${POSTGRES_DB}
|
|
POSTGRES_USER: ${POSTGRES_USER}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
PGDATA: "/var/lib/postgresql/data"
|
|
LANG: en_US.utf8
|
|
TZ: Asia/Singapore
|
|
command: ["postgres", "-c", "log_connections=on"]
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
# - ./config/postgresql.conf:/etc/postgresql.conf
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 10
|
|
networks:
|
|
- net
|
|
- traefik-public
|
|
deploy:
|
|
placement:
|
|
constraints:
|
|
- node.labels.postgres.postgres_data == true
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik-public
|
|
- traefik.constraint-label=traefik-public
|
|
- traefik.tcp.routers.postgres.entrypoints=postgres-socket
|
|
- traefik.tcp.routers.postgres.rule=HostSNI(`*`)
|
|
- traefik.tcp.routers.postgres.service=postgres_service
|
|
- traefik.tcp.services.postgres_service.loadbalancer.server.port=5432
|
|
|
|
osrm-backend:
|
|
environment:
|
|
# OSRM manager setup
|
|
- OSRM_ALGORITHM=mld
|
|
- OSRM_THREADS=2
|
|
- OSRM_PORT=${OSRM_PORT:-5000}
|
|
- OSRM_PROFILE=/opt/car.lua
|
|
- OSRM_MAP_NAME=${OSRM_MAP_NAME}
|
|
- OSRM_GEOFABRIK_PATH=${OSRM_GEOFABRIK_PATH}
|
|
# Notify OSRM Manager to restart without stopping container
|
|
- OSRM_NOTIFY_FILEPATH=/data/osrm_notify.txt
|
|
- DOMAIN=${DOMAIN}
|
|
image: furyhawk/osrm-backend:${OSRM_VERSION:-latest}
|
|
restart: unless-stopped
|
|
networks:
|
|
- traefik-public
|
|
deploy:
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik-public
|
|
- traefik.constraint-label=traefik-public
|
|
- traefik.http.routers.osrm-backend.entrypoints=https
|
|
- traefik.http.routers.osrm-backend.rule=Host(`osrm.${DOMAIN}`)
|
|
- traefik.http.routers.osrm-backend.middlewares=rate-limit
|
|
- traefik.http.routers.osrm-backend.tls.certresolver=le
|
|
- traefik.http.routers.osrm-backend.service=osrm_backend_service
|
|
- traefik.http.services.osrm_backend_service.loadbalancer.server.port=${OSRM_PORT:-5000}
|
|
|
|
dozzle:
|
|
image: amir20/dozzle:latest
|
|
restart: always
|
|
environment:
|
|
- DOMAIN=${DOMAIN}
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
networks:
|
|
- traefik-public
|
|
deploy:
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik-public
|
|
- traefik.constraint-label=traefik-public
|
|
- traefik.http.routers.dozzle.entrypoints=https
|
|
- traefik.http.routers.dozzle.rule=Host(`log.${DOMAIN}`)
|
|
- traefik.http.routers.dozzle.middlewares=admin-auth
|
|
- traefik.http.routers.dozzle.tls.certresolver=le
|
|
- traefik.http.routers.dozzle.service=dozzle_service
|
|
- traefik.http.services.dozzle_service.loadbalancer.server.port=8080
|
|
|
|
# WhoAmI - For Testing and Troubleshooting
|
|
whoami:
|
|
image: traefik/whoami
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
restart: unless-stopped
|
|
networks:
|
|
- traefik-public
|
|
deploy:
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik-public
|
|
- traefik.constraint-label=traefik-public
|
|
- traefik.http.routers.whoami-rtr.entrypoints=https
|
|
- traefik.http.routers.whoami-rtr.rule=Host(`whoami.$DOMAIN`)
|
|
- traefik.http.routers.whoami-rtr.tls.certresolver=le
|
|
- traefik.http.routers.whoami-rtr.service=whoami-svc
|
|
- traefik.http.services.whoami-svc.loadbalancer.server.port=80
|
|
|
|
volumes:
|
|
postgres_data: {}
|
|
networks:
|
|
net:
|
|
driver: overlay
|
|
attachable: true
|
|
traefik-public:
|
|
external: true
|