diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..6da96c0 --- /dev/null +++ b/compose.yml @@ -0,0 +1,89 @@ +--- +version: "3.8" + +services: + app: + image: git.autonomic.zone/autonomic-cooperative/justice-equity-technology-astro:latest + environment: + - PAYLOAD_URL=${STACK_NAME}_payload + secrets: + - mongo_password + - payload_secret + networks: + - proxy + - internal + deploy: + update_config: + failure_action: rollback + order: start-first + labels: + - "traefik.enable=true" + - "traefik.http.services.${STACK_NAME}-astro.loadbalancer.server.port=80" + - "traefik.http.routers.${STACK_NAME}-astro.rule=Host(`${DOMAIN}`)" + - "traefik.http.routers.${STACK_NAME}-astro.entrypoints=web-secure" + - "traefik.http.routers.${STACK_NAME}-astro.tls.certresolver=production" + + payload: + image: git.autonomic.zone/autonomic-cooperative/justice-equity-technology-payload:latest + environment: + - "NAME=${STACK_NAME}" + - "PAYLOAD_URL=${STACK_NAME}_payload" + - "PAYLOAD_PORT=3001" + - "PAYLOAD_SECRET_FILE=/run/secrets/payload_secret" + - "MONGODB_USER=mongo" + - "MONGODB_HOST=${STACK_NAME}_mongo" + - "MONGODB_PORT=27017" + - "MONGODB_PASSWORD_FILE=/run/secrets/mongo_password" + - "TOKEN_FILE=/run/secrets/token" + secrets: + - mongo_password + - payload_secret + - token + networks: + - proxy + - internal + deploy: + update_config: + failure_action: rollback + order: start-first + labels: + - "traefik.enable=true" + - "traefik.http.services.${STACK_NAME}-payload.loadbalancer.server.port=3001" + # FIXME switch to /admin probably using PathPrefix + - "traefik.http.routers.${STACK_NAME}-payload.rule=Host(`admin.${DOMAIN}`)" + - "traefik.http.routers.${STACK_NAME}-payload.entrypoints=web-secure" + - "traefik.http.routers.${STACK_NAME}-payload.tls.certresolver=production" + + mongo: + image: mongo:6.0.5 + restart: unless-stopped + volumes: + - mongo:/data/db + command: + - --storageEngine=wiredTiger + environment: + - "MONGO_INITDB_ROOT_USERNAME=mongo" + - "MONGO_INITDB_ROOT_PASSWORD_FILE=/run/secrets/mongo_password" + secrets: + - mongo_password + networks: + - internal + +networks: + proxy: + external: true + internal: + +secrets: + payload_secret: + external: true + name: ${STACK_NAME}_payload_secret_${SECRET_PAYLOAD_SECRET_VERSION} + token: + external: true + name: ${STACK_NAME}_token_${SECRET_TOKEN_VERSION} + mongo_password: + external: true + name: ${STACK_NAME}_mongo_password_${SECRET_MONGO_PASSWORD_VERSION} + +volumes: + mongo: diff --git a/docker-compose-dev.yml b/docker-compose-dev.yml deleted file mode 100644 index 8aeb30a..0000000 --- a/docker-compose-dev.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - astro: - build: - target: dev - volumes: - - ./astro:/base - - /base/node_modules/ - ports: - - 3000:3000 - - payload: - build: - target: dev - volumes: - - ./payload/src:/base/src - - ./astro/src/types.ts:/types.ts - ports: - - 3001:3001 - - mongo: - ports: - - 27017:27017 diff --git a/docker-compose-prod.yml b/docker-compose-prod.yml deleted file mode 100644 index 80ff071..0000000 --- a/docker-compose-prod.yml +++ /dev/null @@ -1,34 +0,0 @@ -services: - astro: - build: - context: astro - target: prod - labels: - - "traefik.enable=true" - - "traefik.http.routers.${NAME}-astro.rule=Host(`${ASTRO_HOST}`)" - - "traefik.http.routers.${NAME}-astro.entrypoints=https" - - "traefik.http.routers.${NAME}-astro.tls.certresolver=httpresolver" - - traefik.docker.network=traefik_network - networks: - - traefik_network - - payload: - build: - context: payload - target: prod - volumes: - - ./data/media:/prod/dist/media - environment: - - REPOSITORY=${REPOSITORY} - labels: - - traefik.enable=true - - traefik.http.routers.${NAME}-payload.rule=Host(`${PAYLOAD_HOST}`) - - traefik.http.routers.${NAME}-payload.entrypoints=https - - traefik.http.routers.${NAME}-payload.tls.certresolver=httpresolver - - traefik.docker.network=traefik_network - networks: - - traefik_network - -networks: - traefik_network: - external: true diff --git a/docker-compose.yml b/docker-compose.yml index f764795..a96e952 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,8 +4,14 @@ services: restart: unless-stopped build: context: astro + target: de networks: - front + volumes: + - ./astro:/base + - /base/node_modules/ + ports: + - 3000:3000 depends_on: - payload @@ -21,6 +27,11 @@ services: PAYLOAD_SECRET: ${PAYLOAD_SECRET} MONGODB_URI: ${MONGODB_URI} TOKEN: ${TOKEN} + volumes: + - ./payload/src:/base/src + - ./astro/src/types.ts:/types.ts + ports: + - 3001:3001 networks: - front - back @@ -40,6 +51,8 @@ services: MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PW} networks: - back + ports: + - 27017:27017 networks: front: