forked from ueberdosis/alldocs.app
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.production.yml
135 lines (127 loc) · 3.25 KB
/
docker-compose.production.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
version: "3.7"
x-update-config: &update-config
update_config:
parallelism: 1
failure_action: rollback
order: start-first
monitor: 120s
delay: 30s
x-laravel-env: &laravel-env
configs:
- source: laravel-env
target: /var/www/.env
mode: 0440
uid: "33"
gid: "33"
x-resources: &resources
resources:
limits:
cpus: "2.0"
memory: 2G
reservations:
cpus: "0.5"
memory: 1G
services:
nginx:
image: ${IMAGE}/nginx:${BRANCH_NAME:-master}
deploy:
labels:
- "traefik.enable=true"
- "traefik.http.routers.alldocs-http.rule=Host(`alldocs.app`, `www.alldocs.app`)"
- "traefik.http.routers.alldocs-http.entrypoints=http"
- "traefik.http.routers.alldocs-http.middlewares=enforce-https-permanently@file"
- "traefik.http.routers.alldocs-https.rule=Host(`alldocs.app`, `www.alldocs.app`)"
- "traefik.http.routers.alldocs-https.entrypoints=https"
- "traefik.http.routers.alldocs-https.tls.certresolver=tlsChallenge"
- "traefik.http.routers.alldocs-https.tls.options=intermediate@file"
- "traefik.http.services.alldocs.loadbalancer.server.port=80"
<<: *resources
<<: *update-config
networks:
- srv-proxy
- tier1
php:
image: ${IMAGE}/php:${BRANCH_NAME:-master}
<<: *laravel-env
deploy:
<<: *resources
<<: *update-config
networks:
- tier1
- tier2
volumes:
- laravel-storage:/var/www/storage/
scheduler:
image: ${IMAGE}/php:${BRANCH_NAME:-master}
command: ["scheduler"]
<<: *laravel-env
deploy:
<<: *resources
<<: *update-config
networks:
- tier1
- tier2
volumes:
- laravel-storage:/var/www/storage/
worker:
image: ${IMAGE}/php:${BRANCH_NAME:-master}
command: ["worker"]
<<: *laravel-env
deploy:
<<: *resources
<<: *update-config
networks:
- tier1
- tier2
volumes:
- laravel-storage:/var/www/storage/
mysql:
image: ${IMAGE}/mysql:${BRANCH_NAME:-master}
deploy:
<<: *resources
environment:
MYSQL_ROOT_PASSWORD_FILE: /run/secrets/mysql_root_password
MYSQL_DATABASE_FILE: /run/secrets/mysql_database
MYSQL_USER_FILE: /run/secrets/mysql_user
MYSQL_PASSWORD_FILE: /run/secrets/mysql_password
networks:
- tier2
secrets:
- mysql_root_password
- mysql_database
- mysql_user
- mysql_password
volumes:
- mysql-data:/var/lib/mysql
redis:
image: redis:5.0-alpine
deploy:
<<: *resources
<<: *update-config
networks:
- tier2
configs:
laravel-env:
name: servivum-app-env-${LARAVEL_ENV_HASH}
file: LARAVEL_ENV.txt
networks:
srv-proxy:
external: true
tier1:
tier2:
secrets:
mysql_root_password:
name: servivum_app_mysql_root_password_${MYSQL_ROOT_PASSWORD_HASH}
file: MYSQL_ROOT_PASSWORD.txt
mysql_database:
name: servivum_app_mysql_database_${MYSQL_DATABASE_HASH}
file: MYSQL_DATABASE.txt
mysql_user:
name: servivum_app_mysql_user_${MYSQL_USER_HASH}
file: MYSQL_USER.txt
mysql_password:
name: servivum_app_mysql_password_${MYSQL_PASSWORD_HASH}
file: MYSQL_PASSWORD.txt
volumes:
mysql-data:
laravel-storage: