setrsoft_app/docker-compose.prod.yml at main · setrsoft/setrsoft_app · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
services:
  db:
    image: postgres:16-alpine
    env_file: .env
    environment:
      POSTGRES_DB: ${POSTGRES_DB:-setrsoft}
      POSTGRES_USER: ${POSTGRES_USER:-setrsoft}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?Set POSTGRES_PASSWORD}
    volumes:
      - postgres_data_prod:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-setrsoft} -d ${POSTGRES_DB:-setrsoft}"]
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      - internal_bridge

  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    expose:
      - "${PORT_BACKEND:-8000}"
    env_file: .env
    environment:
      POSTGRES_HOST: db
      POSTGRES_PORT: ${POSTGRES_PORT:-5432}
      POSTGRES_DB: ${POSTGRES_DB:-setrsoft}
      POSTGRES_USER: ${POSTGRES_USER:-setrsoft}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?Set POSTGRES_PASSWORD}
      SECRET_KEY: ${SECRET_KEY:?Set SECRET_KEY}
      DEBUG: ${DEBUG:-False}
      ALLOWED_HOSTS: ${ALLOWED_HOSTS:?Set ALLOWED_HOSTS}
      CORS_ALLOWED_ORIGINS: ${CORS_ALLOWED_ORIGINS:-http://${SERVER_IP}}
      TRUST_PROXY: ${TRUST_PROXY:-1}
    command:
      - "sh"
      - "-c"
      - "python manage.py migrate && python manage.py sync_holds --if-empty && gunicorn setrsoft.wsgi:application --bind 0.0.0.0:${PORT_BACKEND:-8000} --workers 2"
    depends_on:
      db:
        condition: service_healthy
    networks:
      - internal_bridge

  web:
    build:
      context: ./frontend
      dockerfile: Dockerfile
      args:
        - VITE_API_BASE=/api
        - VITE_PUBLIC_POSTHOG_PROJECT_TOKEN=${VITE_PUBLIC_POSTHOG_PROJECT_TOKEN:-}
        - VITE_PUBLIC_POSTHOG_HOST=${VITE_PUBLIC_POSTHOG_HOST:-}
    container_name: setrsoft-frontend
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=${DOCKER_NETWORK_NAME:-default}"
      # HTTP → redirect HTTPS
      - "traefik.http.routers.setrsoft-http.rule=Host(`setrsoft.com`) || Host(`www.setrsoft.com`)"
      - "traefik.http.routers.setrsoft-http.entrypoints=http"
      - "traefik.http.routers.setrsoft-http.middlewares=redirect-to-https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      # HTTPS
      - "traefik.http.routers.setrsoft-https.rule=Host(`setrsoft.com`) || Host(`www.setrsoft.com`)"
      - "traefik.http.routers.setrsoft-https.entrypoints=https"
      - "traefik.http.routers.setrsoft-https.tls=true"
      - "traefik.http.routers.setrsoft-https.tls.certresolver=letsencrypt"
      # Service
      - "traefik.http.services.setrsoft-web.loadbalancer.server.port=80"
    depends_on:
      - backend
    networks:
      - internal_bridge
      - public_gateway

volumes:
  postgres_data_prod:

networks:
  internal_bridge:
    driver: bridge
  public_gateway:
    external: true
    name: ${DOCKER_NETWORK_NAME:-default}