81 lines
2.4 KiB
YAML
81 lines
2.4 KiB
YAML
---
|
|
version: "3.8"
|
|
|
|
services:
|
|
app:
|
|
image: 3wordchant/capsul-flask:yolocolo
|
|
networks:
|
|
- proxy
|
|
- internal
|
|
environment:
|
|
- "POSTGRES_CONNECTION_PARAMETERS=host=db port=5432 user=capsul password=capsul dbname=capsul"
|
|
- "HUB_MODEL"
|
|
- "SPOKE_MODEL"
|
|
- "BASE_URL=https://${DOMAIN}"
|
|
- "LOG_LEVEL"
|
|
- "HUB_URL=http://localhost:5000"
|
|
- "MAIL_SERVER"
|
|
- "MAIL_PORT"
|
|
- "MAIL_USE_TLS"
|
|
- "MAIL_USE_SSL"
|
|
- "MAIL_USERNAME"
|
|
- "MAIL_PASSWORD"
|
|
- "MAIL_DEFAULT_SENDER"
|
|
- "ADMIN_EMAIL_ADDRESSES"
|
|
- "ADMIN_PANEL_ALLOW_EMAIL_ADDRESSES"
|
|
- "HUB_TOKEN_FILE=/var/run/secrets/hub_token"
|
|
- "SPOKE_HOST_TOKEN_FILE=/var/run/secrets/hub_token"
|
|
# - "SPOKE_HOST_TOKEN_FILE=/var/run/secrets/spoke_host_token"
|
|
- THEME
|
|
secrets:
|
|
- hub_token
|
|
# - spoke_host_token
|
|
deploy:
|
|
update_config:
|
|
failure_action: rollback
|
|
order: start-first
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=5000"
|
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
# Redirect from EXTRA_DOMAINS to DOMAIN
|
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
|
- "coop-cloud.${STACK_NAME}.version=0.1.0+yolocolo"
|
|
healthcheck:
|
|
test: ["CMD", "wget", "-q", "--tries=1", "http://localhost:5000", "-O", "/dev/null"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 10
|
|
start_period: 1m
|
|
|
|
db:
|
|
image: "postgres:9.6.5-alpine"
|
|
networks:
|
|
- internal
|
|
volumes:
|
|
- "postgres:/var/lib/postgresql/data"
|
|
environment:
|
|
POSTGRES_USER: capsul
|
|
POSTGRES_PASSWORD: capsul
|
|
POSTGRES_DB: capsul
|
|
|
|
networks:
|
|
proxy:
|
|
external: true
|
|
internal:
|
|
|
|
volumes:
|
|
postgres:
|
|
|
|
secrets:
|
|
hub_token:
|
|
external: true
|
|
name: ${STACK_NAME}_hub_token_${SECRET_HUB_TOKEN_VERSION}
|
|
# spoke_host_token:
|
|
# external: true
|
|
# name: ${STACK_NAME}_spoke_host_token_${SECRET_SPOKE_HOST_TOKEN_VERSION}
|