-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathdocker-compose.prod.yml
96 lines (88 loc) · 2.9 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
version: "3.9"
volumes:
pgdata:
services:
reverse-proxy:
image: traefik:latest
restart: unless-stopped
command:
# Enables the web UI and tells Traefik to listen to docker
# "--api.insecure=true"
- "--providers.docker"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver.acme.email=${EMAIL}"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
- "--log.level=ERROR"
- "--accesslog"
# - "--log"
ports:
# The HTTP port
- "80:80"
- "443:443"
# The Web UI (enabled by --api.insecure=true)
# - "8080:8080"
volumes:
# So that Traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock
- ./certificates:/letsencrypt
media:
image: index.docker.io/nginx:alpine
restart: always
expose:
- "8080"
volumes:
- ./media:/usr/share/nginx/html:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.media.rule=Host(Host(`media.eduzen.ar`)"
- "traefik.http.routers.media.entrypoints=websecure"
- "traefik.http.routers.media.tls.certresolver=myresolver"
- "traefik.http.services.media.loadbalancer.server.port=8080"
- "traefik.media.headers.contentTypeNosniff=true"
- "traefik.media.headers.forceSTSHeader=true"
- "traefik.media.headers.browserXSSFilter=true"
web:
image: index.docker.io/eduzen/website:latest
restart: always
expose:
- 80
env_file:
- "./.env"
links:
- db
- redis
depends_on:
- db
- redis
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.rule=Host(Host(`eduzen.ar`) || Host(`eduzen.com.ar`)) || Host(`eduardoenriquez.com.ar`)"
- "traefik.http.routers.web.entrypoints=websecure"
- "traefik.http.routers.web.tls.certresolver=myresolver"
- "traefik.http.services.web.loadbalancer.server.port=8080"
- "traefik.web.headers.contentTypeNosniff=true"
- "traefik.web.headers.forceSTSHeader=true"
- "traefik.web.headers.browserXSSFilter=true"
db:
image: index.docker.io/postgres:13-alpine
restart: always
volumes:
- pgdata:/var/lib/postgresql/data/
- ./dump-2020-10-18.sql:/docker-entrypoint-initdb.d/01.sql:ro
environment:
- POSTGRES_PASSWORD=${DJANGO_POSTGRES_PASSWORD}
redis:
image: index.docker.io/redis:latest
command: redis-server --requirepass $REDIS_PASSWORD
expose:
- "6379"
watchtower:
image: index.docker.io/containrrr/watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /home/eduzen/.docker/config.json:/config.json:ro
command: --interval 60 --cleanup