Simplify docker-compose* files, add compose.yml

2024-05-06 13:11:59 -03:00 · 2024-05-06 13:11:59 -03:00 · 3a6a7e870a
parent 546536fb55
commit 3a6a7e870a
4 changed files with 102 additions and 56 deletions
--- a/compose.yml
+++ b/compose.yml
@ -0,0 +1,89 @@
+---
+version: "3.8"
+
+services:
+  app:
+    image: git.autonomic.zone/autonomic-cooperative/justice-equity-technology-astro:latest
+    environment:
+      - PAYLOAD_URL=${STACK_NAME}_payload
+    secrets:
+      - mongo_password
+      - payload_secret
+    networks:
+      - proxy
+      - internal
+    deploy:
+      update_config:
+        failure_action: rollback
+        order: start-first
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}-astro.loadbalancer.server.port=80"
+        - "traefik.http.routers.${STACK_NAME}-astro.rule=Host(`${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}-astro.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}-astro.tls.certresolver=production"
+
+  payload:
+    image: git.autonomic.zone/autonomic-cooperative/justice-equity-technology-payload:latest
+    environment:
+      - "NAME=${STACK_NAME}"
+      - "PAYLOAD_URL=${STACK_NAME}_payload"
+      - "PAYLOAD_PORT=3001"
+      - "PAYLOAD_SECRET_FILE=/run/secrets/payload_secret"
+      - "MONGODB_USER=mongo"
+      - "MONGODB_HOST=${STACK_NAME}_mongo"
+      - "MONGODB_PORT=27017"
+      - "MONGODB_PASSWORD_FILE=/run/secrets/mongo_password"
+      - "TOKEN_FILE=/run/secrets/token"
+    secrets:
+      - mongo_password
+      - payload_secret
+      - token
+    networks:
+      - proxy
+      - internal
+    deploy:
+      update_config:
+        failure_action: rollback
+        order: start-first
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}-payload.loadbalancer.server.port=3001"
+        # FIXME switch to /admin probably using PathPrefix
+        - "traefik.http.routers.${STACK_NAME}-payload.rule=Host(`admin.${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}-payload.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}-payload.tls.certresolver=production"
+
+  mongo:
+    image: mongo:6.0.5
+    restart: unless-stopped
+    volumes:
+      - mongo:/data/db
+    command:
+      - --storageEngine=wiredTiger
+    environment:
+      - "MONGO_INITDB_ROOT_USERNAME=mongo"
+      - "MONGO_INITDB_ROOT_PASSWORD_FILE=/run/secrets/mongo_password"
+    secrets:
+      - mongo_password
+    networks:
+      - internal
+
+networks:
+  proxy:
+    external: true
+  internal:
+
+secrets:
+  payload_secret:
+    external: true
+    name: ${STACK_NAME}_payload_secret_${SECRET_PAYLOAD_SECRET_VERSION}
+  token:
+    external: true
+    name: ${STACK_NAME}_token_${SECRET_TOKEN_VERSION}
+  mongo_password:
+    external: true
+    name: ${STACK_NAME}_mongo_password_${SECRET_MONGO_PASSWORD_VERSION}
+
+volumes:
+  mongo:
--- a/docker-compose-dev.yml
+++ b/docker-compose-dev.yml
@ -1,22 +0,0 @@
-services:
-  astro:
-    build:
-      target: dev
-    volumes:
-      - ./astro:/base
-      - /base/node_modules/
-    ports:
-      - 3000:3000
-
-  payload:
-    build:
-      target: dev
-    volumes:
-      - ./payload/src:/base/src
-      - ./astro/src/types.ts:/types.ts
-    ports:
-      - 3001:3001
-
-  mongo:
-    ports:
-      - 27017:27017
--- a/docker-compose-prod.yml
+++ b/docker-compose-prod.yml
@ -1,34 +0,0 @@
-services:
-  astro:
-    build:
-      context: astro
-      target: prod
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.${NAME}-astro.rule=Host(`${ASTRO_HOST}`)"
-      - "traefik.http.routers.${NAME}-astro.entrypoints=https"
-      - "traefik.http.routers.${NAME}-astro.tls.certresolver=httpresolver"
-      - traefik.docker.network=traefik_network
-    networks:
-      - traefik_network
-
-  payload:
-    build:
-      context: payload
-      target: prod
-    volumes:
-      - ./data/media:/prod/dist/media
-    environment:
-      - REPOSITORY=${REPOSITORY}
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.${NAME}-payload.rule=Host(`${PAYLOAD_HOST}`)
-      - traefik.http.routers.${NAME}-payload.entrypoints=https
-      - traefik.http.routers.${NAME}-payload.tls.certresolver=httpresolver
-      - traefik.docker.network=traefik_network
-    networks:
-      - traefik_network
-
-networks:
-  traefik_network:
-    external: true
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -4,8 +4,14 @@ services:
    restart: unless-stopped
    build:
      context: astro
+      target: de
    networks:
      - front
+    volumes:
+      - ./astro:/base
+      - /base/node_modules/
+    ports:
+      - 3000:3000
    depends_on:
      - payload

@ -21,6 +27,11 @@ services:
      PAYLOAD_SECRET: ${PAYLOAD_SECRET}
      MONGODB_URI: ${MONGODB_URI}
      TOKEN: ${TOKEN}
+    volumes:
+      - ./payload/src:/base/src
+      - ./astro/src/types.ts:/types.ts
+    ports:
+      - 3001:3001
    networks:
      - front
      - back
@ -40,6 +51,8 @@ services:
      MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PW}
    networks:
      - back
+    ports:
+      - 27017:27017

 networks:
  front: