-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
67 lines (58 loc) · 1.68 KB
/
docker-compose.yml
File metadata and controls
67 lines (58 loc) · 1.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
version: '3.8'
services:
# Main application (internal, not exposed directly)
app:
build: .
container_name: vdv463-validator-app
restart: unless-stopped
environment:
# Authentication
- AUTH_SECRET=${AUTH_SECRET:-}
- JWT_SECRET_KEY=${JWT_SECRET_KEY}
# Set to true to disable all authentication (internal/trusted networks only!)
- DISABLE_AUTH=${DISABLE_AUTH:-false}
- ADMIN_EMAILS=${ADMIN_EMAILS:-}
# Google OAuth (optional)
- GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID:-}
# Email configuration (optional)
- SMTP_HOST=${SMTP_HOST:-}
- SMTP_PORT=${SMTP_PORT:-587}
- SMTP_USER=${SMTP_USER:-}
- SMTP_PASSWORD=${SMTP_PASSWORD:-}
# Application URL (used for email links)
- APP_URL=${APP_URL:-https://localhost}
# CORS origins (your domain)
- ALLOWED_ORIGINS=${ALLOWED_ORIGINS:-https://localhost}
volumes:
- app_data:/home/validator/app/web/backend/data
networks:
- internal
expose:
- "8000"
healthcheck:
test: [ "CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:8000/api/health" ]
interval: 30s
timeout: 10s
retries: 3
# Nginx reverse proxy with SSL termination
nginx:
image: nginx:alpine
container_name: vdv463-validator-nginx
restart: unless-stopped
ports:
- "${HTTPS_PORT:-443}:443"
- "${HTTP_PORT:-80}:80"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/ssl:/etc/nginx/ssl:ro
depends_on:
app:
condition: service_healthy
networks:
- internal
networks:
internal:
driver: bridge
volumes:
app_data:
driver: local