-
Notifications
You must be signed in to change notification settings - Fork 2
/
docker-compose-production.yml
73 lines (71 loc) · 2.17 KB
/
docker-compose-production.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
version: '3.0'
services:
sdschedule-database:
container_name: sdschedule-database
image: mariadb:latest
environment:
- "MYSQL_ROOT_PASSWORD=password"
- "MYSQL_DATABASE=classes"
volumes:
- "sdschedule-data:/var/lib/mysql"
restart: always
sdschedule-backend:
container_name: sdschedule-backend
build: backend
depends_on:
- "sdschedule-database"
volumes:
- "sdschedule-sock:/app/sock"
environment:
- "ENV=PROD"
- "PYTHONUNBUFFERED=0"
- "SDSCHEDULE_SCRAPE=${SDSCHEDULE_SCRAPE}"
restart: always
sdschedule-frontend:
container_name: sdschedule-frontend
build: frontend
depends_on:
- "sdschedule-backend"
volumes:
- "./frontend/src:/app/src"
- "./frontend/public:/app/public"
- "sdschedule-frontend-build:/app/build"
environment:
- "ENV=PROD"
restart: "no"
web:
container_name: sdschedule-web
image: nginx
ports:
- "80:80"
- "443:443"
depends_on:
- "sdschedule-frontend"
volumes:
- "sdschedule-frontend-build:/var/www/sdschedule"
- "sdschedule-sock:/tmp/sdschedule-sock"
- "./web/nginx/nginx.conf:/etc/nginx/nginx.conf:ro"
- "./web/nginx/sites:/etc/nginx/sites-enabled:ro"
- "./web/nginx/snippets:/etc/nginx/snippets:ro"
- "./web/html:/usr/share/nginx/html:ro"
- "./web/log:/var/log/nginx"
- "sdschedule-letsencrypt:/etc/letsencrypt:ro" # must keep sercret
- "./web/letsencrypt/www:/var/www/_letsencrypt:ro"
restart: always
command: sh -c 'while :; do sleep 12h; nginx -s reload; done & nginx -g "daemon off;"'
certbot:
container_name: sdschedule-certbot
image: certbot/certbot
restart: on-failure
volumes:
- "sdschedule-letsencrypt:/etc/letsencrypt" # must keep secret
- "./web/letsencrypt/www:/var/www/certbot"
- "./web/log:/var/log/certbot/"
- "./web/nginx/sites:/etc/nginx/sites-enabled"
entrypoint: sh -c "while :; do certbot renew; sleep 24h; done >> /var/log/certbot/certbot.log;"
# short renew period for now
volumes:
sdschedule-letsencrypt:
sdschedule-data:
sdschedule-frontend-build:
sdschedule-sock: