docker-compose.prod.yml 3.38 KB
Newer Older
Jacob Priddy's avatar
Jacob Priddy committed
1
version: '3.8'
Jacob Priddy's avatar
Jacob Priddy committed
2 3 4

networks:
  doorcode:
Jacob Priddy's avatar
Jacob Priddy committed
5
    attachable: true
Jacob Priddy's avatar
Jacob Priddy committed
6

Jacob Priddy's avatar
Jacob Priddy committed
7 8 9 10 11
configs:
  laravel_env:
    name: laravel_env-${CI_JOB_ID}
    file: $PROJ_DIR/.env

Jacob Priddy's avatar
Jacob Priddy committed
12 13
secrets:
  webserver_cert:
Jacob Priddy's avatar
Jacob Priddy committed
14
    name: webserver_cert-${CI_JOB_ID}
Jacob Priddy's avatar
Jacob Priddy committed
15
    file: $WEBSERVER_CERT
Jacob Priddy's avatar
Jacob Priddy committed
16
  webserver_key:
Jacob Priddy's avatar
Jacob Priddy committed
17
    name: webserver_key-${CI_JOB_ID}
Jacob Priddy's avatar
Jacob Priddy committed
18
    file: $WEBSERVER_KEY
Jacob Priddy's avatar
Jacob Priddy committed
19
  root_cert:
Jacob Priddy's avatar
Jacob Priddy committed
20
    name: root_cert-${CI_JOB_ID}
Jacob Priddy's avatar
Jacob Priddy committed
21
    file: $ROOT_CERT
22
  wwu_webserver_cert:
Jacob Priddy's avatar
Jacob Priddy committed
23
    name: wwu_webserver_cert-${CI_JOB_ID}
Jacob Priddy's avatar
Jacob Priddy committed
24
    file: $WWU_WEBSERVER_CERT
25
  wwu_webserver_key:
Jacob Priddy's avatar
Jacob Priddy committed
26
    name: wwu_webserver_key-${CI_JOB_ID}
Jacob Priddy's avatar
Jacob Priddy committed
27
    file: $WWU_WEBSERVER_KEY
28
  wwu_root_cert:
Jacob Priddy's avatar
Jacob Priddy committed
29
    name: wwu_root_cert-${CI_JOB_ID}
Jacob Priddy's avatar
Jacob Priddy committed
30
    file: $WWU_ROOT_CERT
Jacob Priddy's avatar
Jacob Priddy committed
31
  postgres_password:
Jacob Priddy's avatar
Jacob Priddy committed
32
    name: postgres_password-${CI_JOB_ID}
Jacob Priddy's avatar
Jacob Priddy committed
33
    file: $POSTGRES_PASSWORD
Jacob Priddy's avatar
Jacob Priddy committed
34 35

volumes:
36
  doorcode_db:
Jacob Priddy's avatar
Jacob Priddy committed
37 38 39
    external: true
  doorcode_pgadmin-data:
    external: true
Jacob Priddy's avatar
Jacob Priddy committed
40 41 42

services:
  webserver:
Jacob Priddy's avatar
Jacob Priddy committed
43
    image: $NGINX_IMAGE_NAME
Jacob Priddy's avatar
Jacob Priddy committed
44 45 46 47 48
    healthcheck:
      test: [ "CMD", "curl", "--fail", "http://localhost/health" ]
      interval: 30s
      timeout: 3s
      retries: 3
Jacob Priddy's avatar
Jacob Priddy committed
49 50 51 52
    secrets:
      - webserver_cert
      - webserver_key
      - root_cert
53 54 55
      - wwu_webserver_cert
      - wwu_webserver_key
      - wwu_root_cert
Jacob Priddy's avatar
Jacob Priddy committed
56
    ports:
Jacob Priddy's avatar
Jacob Priddy committed
57 58
      - target: 4433
        published: 4433
Jacob Priddy's avatar
Jacob Priddy committed
59
        mode: host
Jacob Priddy's avatar
Jacob Priddy committed
60 61
      - target: 443
        published: 443
Jacob Priddy's avatar
Jacob Priddy committed
62
        mode: host
Jacob Priddy's avatar
Jacob Priddy committed
63 64
      - target: 80
        published: 80
Jacob Priddy's avatar
Jacob Priddy committed
65
        mode: host
Jacob Priddy's avatar
Jacob Priddy committed
66
    volumes:
Jacob Priddy's avatar
Jacob Priddy committed
67 68 69
      - $PROJ_DIR/simple-saml/cert:/var/simplesamlphp/cert:ro
      - $PROJ_DIR/simple-saml/config:/var/simplesamlphp/config:ro
      - $PROJ_DIR/simple-saml/metadata:/var/simplesamlphp/metadata
70 71 72 73
    logging:
      options:
        max-size: "10m"
        max-file: "3"
Jacob Priddy's avatar
Jacob Priddy committed
74 75
    networks:
      - doorcode
Jacob Priddy's avatar
Jacob Priddy committed
76 77 78 79 80 81 82 83
    deploy:
      update_config:
        order: start-first
        failure_action: rollback
        delay: 5s
      rollback_config:
        parallelism: 0
        order: stop-first
Jacob Priddy's avatar
Jacob Priddy committed
84
  postgres:
85
    image: postgres:13-alpine
86 87
    secrets:
      - postgres_password
Jacob Priddy's avatar
Jacob Priddy committed
88
    volumes:
89
      - doorcode_db:/var/lib/postgresql/data
Jacob Priddy's avatar
Jacob Priddy committed
90 91 92 93
    environment:
      POSTGRES_USER: web
      POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password
      POSTGRES_DB: doorcode
Jacob Priddy's avatar
Jacob Priddy committed
94
      TZ: America/Los_Angeles
95 96 97 98
    logging:
      options:
        max-size: "10m"
        max-file: "3"
Jacob Priddy's avatar
Jacob Priddy committed
99 100 101
    networks:
      - doorcode
  dbadmin:
Jacob Priddy's avatar
Jacob Priddy committed
102
    image: dpage/pgadmin4:4.24
Jacob Priddy's avatar
Jacob Priddy committed
103
    volumes:
Jacob Priddy's avatar
Jacob Priddy committed
104
      - doorcode_pgadmin-data:/var/lib/pgadmin
Jacob Priddy's avatar
Jacob Priddy committed
105
    environment:
Jacob Priddy's avatar
Jacob Priddy committed
106 107
      PGADMIN_DEFAULT_EMAIL: admin@elock
      PGADMIN_DEFAULT_PASSWORD: Please change the default password.
108 109 110 111
    logging:
      options:
        max-size: "10m"
        max-file: "3"
Jacob Priddy's avatar
Jacob Priddy committed
112 113 114
    networks:
      - doorcode
  api:
Jacob Priddy's avatar
Jacob Priddy committed
115
    image: $DOORCODE_IMAGE_NAME
Jacob Priddy's avatar
Jacob Priddy committed
116 117 118 119 120 121 122 123 124 125
    environment:
      TZ: America/Los_Angeles
    configs:
      - source: laravel_env
        target: /var/www/backend/.env
    healthcheck:
      test: [ "CMD", "/healthcheck.sh" ]
      interval: 30s
      timeout: 3s
      retries: 3
Jacob Priddy's avatar
Jacob Priddy committed
126
    volumes:
Jacob Priddy's avatar
Jacob Priddy committed
127 128 129 130
      - $PROJ_DIR/controller-bins:/var/www/backend/storage/app/controller/binaries:ro
      - $PROJ_DIR/simple-saml/cert:/var/simplesamlphp/cert:ro
      - $PROJ_DIR/simple-saml/config:/var/simplesamlphp/config:ro
      - $PROJ_DIR/simple-saml/metadata:/var/simplesamlphp/metadata
131 132 133 134
    logging:
      options:
        max-size: "10m"
        max-file: "3"
Jacob Priddy's avatar
Jacob Priddy committed
135 136
    networks:
      - doorcode
Jacob Priddy's avatar
Jacob Priddy committed
137 138 139 140 141 142 143 144
    deploy:
      update_config:
        order: start-first
        failure_action: rollback
        delay: 5s
      rollback_config:
        parallelism: 0
        order: stop-first