git-deploy-healer/docker-compose.yml at main · AlinaSHforwork/git-deploy-healer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
version: '3.8'

services:
  app:
    build: .
    container_name: pypaas-app
    ports:
      - "8085:8080"
    env_file:
      - .env
    environment:
      - DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
      - DEPLOYMENT_MODE=local

    user: root

    entrypoint: []

    command: >
      bash -c "
      ln -sf /dev/stdout /var/log/nginx/access.log &&
      ln -sf /dev/stderr /var/log/nginx/error.log &&
      sed -i '/pid/d' /etc/nginx/nginx.conf &&
      nginx -g 'pid /run/nginx.pid; daemon on;' &&
      echo 'Nginx started successfully' &&
      uvicorn api.server:app --host 0.0.0.0 --port ${APP_PORT} --reload
      "

    volumes:
      # ⚠️ SECURITY WARNING: Docker socket access grants elevated privileges
      # Only use this in trusted development environments
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - .:/app
    depends_on:
      db:
        condition: service_healthy
      prometheus:
        condition: service_started
      grafana:
        condition: service_started
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:${APP_PORT}/health"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 10s
    networks:
      - pypaas-network

  db:
    image: postgres:latest
    container_name: pypaas-db
    env_file:
      - .env
    environment:
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_DB: ${POSTGRES_DB}
    command: ["postgres", "-c", "shared_buffers=256MB", "-c", "max_connections=200"]
    ports:
      - "${POSTGRES_PORT}:${POSTGRES_PORT}"
    volumes:
      - db_data:/var/lib/postgresql
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - pypaas-network

  prometheus:
    image: prom/prometheus:v2.51.2
    container_name: pypaas-prometheus
    volumes:
      - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml:ro
      - ./monitoring/alerts.yml:/etc/prometheus/alerts.yml:ro
    command:
      - --config.file=/etc/prometheus/prometheus.yml
      - --web.enable-lifecycle
    ports:
      - "9090:9090"
    networks:
      - pypaas-network

  grafana:
    image: grafana/grafana:10.4.3
    container_name: pypaas-grafana
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=admin
      - GF_USERS_ALLOW_SIGN_UP=false
    volumes:
      - ./monitoring/grafana-datasources.yml:/etc/grafana/provisioning/datasources/datasource.yml:ro
      - ./monitoring/grafana-dashboards.yml:/etc/grafana/provisioning/dashboards/dashboard.yml:ro
      - ./monitoring/pypaas-dashboard.json:/etc/grafana/dashboards/pypaas-overview.json:ro
    ports:
      - "3000:3000"
    depends_on:
      - prometheus
    networks:
      - pypaas-network

volumes:
  db_data:
    driver: local

networks:
  pypaas-network:
    driver: bridge