version: "3.8" services: db: image: postgres:12.3 deploy: labels: backupbot.backup: "${ENABLE_BACKUPS:-true}" backupbot.backup.pre-hook: "/pg_backup.sh backup" backupbot.backup.volumes.db.path: "backup.sql" backupbot.restore.post-hook: '/pg_backup.sh restore' configs: - source: pg_backup target: /pg_backup.sh mode: 0555 secrets: - postgres_password environment: - POSTGRES_DB=taiga - POSTGRES_USER=taiga - POSTGRES_PASSWORD_FILE healthcheck: test: ["CMD-SHELL", "pg_isready -U taiga"] interval: 2s timeout: 15s retries: 5 start_period: 3s volumes: - taiga-db-data:/var/lib/postgresql/data networks: - internal app-admin-init: image: taigaio/taiga-back:6.9.0 secrets: - taiga_secret - postgres_password - rabbitmq_password - django_password configs: - source: create_superuser target: /create-superuser.sh mode: 0555 entrypoint: /create-superuser.sh env_file: - .env.sample environment: - POSTGRES_DB=taiga - POSTGRES_USER=taiga - POSTGRES_HOST=db - SECRET_KEY_FILE=${TAIGA_SECRET_KEY_FILE} - TAIGA_SITES_SCHEME=https - TAIGA_SITES_DOMAIN=${DOMAIN} - RABBITMQ_USER=taiga networks: - internal deploy: replicas: 1 restart_policy: condition: none app: image: taigaio/taiga-back:6.9.0 secrets: - taiga_secret - postgres_password - rabbitmq_password env_file: - .env.sample environment: - POSTGRES_DB=taiga - POSTGRES_USER=taiga - POSTGRES_HOST=db - TAIGA_SITES_SCHEME=https - TAIGA_SITES_DOMAIN=${DOMAIN} - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend - RABBITMQ_USER=taiga - ENTRYPOINT=/taiga-back/docker/entrypoint.sh hostname: "taiga-back" configs: - source: taiga_entrypoint target: /custom-entrypoint.sh mode: 0555 entrypoint: /custom-entrypoint.sh volumes: - taiga-static-data:/taiga-back/static - taiga-media-data:/taiga-back/media networks: - internal deploy: update_config: failure_action: rollback order: start-first labels: - "coop-cloud.${STACK_NAME}.version=0.1.0+6.9.0" - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}" healthcheck: test: ["CMD-SHELL", "python -m http.client -c 'GET /api/v1/' -H 'Host: localhost' || exit 1"] interval: 30s timeout: 10s retries: 10 start_period: 1m app-async: image: taigaio/taiga-back:6.9.0 configs: - source: taiga_entrypoint target: /custom-entrypoint.sh mode: 0555 entrypoint: /custom-entrypoint.sh hostname: "taiga-back-async" secrets: - taiga_secret - postgres_password - rabbitmq_password env_file: - .env.sample environment: - POSTGRES_DB=taiga - POSTGRES_USER=taiga - POSTGRES_HOST=db - TAIGA_SITES_SCHEME=https - TAIGA_SITES_DOMAIN=${DOMAIN} - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend - RABBITMQ_USER=taiga - ENTRYPOINT=/taiga-back/docker/async_entrypoint.sh volumes: - taiga-static-data:/taiga-back/static - taiga-media-data:/taiga-back/media networks: - internal rabbitmq-async: image: rabbitmq:3.8-management-alpine secrets: - rabbitmq_password environment: - RABBITMQ_ERLANG_COOKIE - RABBITMQ_DEFAULT_USER=taiga - RABBITMQ_DEFAULT_PASS_FILE=${RABBITMQ_PASS_FILE} - RABBITMQ_DEFAULT_VHOST=taiga hostname: "taiga-async-rabbitmq" volumes: - taiga-async-rabbitmq-data:/var/lib/rabbitmq networks: - internal healthcheck: test: rabbitmq-diagnostics -q ping interval: 30s timeout: 10s retries: 10 start_period: 1m taiga-front: image: taigaio/taiga-front:6.9.0 environment: - TAIGA_URL=https://${DOMAIN} - TAIGA_WEBSOCKETS_URL=wss://${DOMAIN} networks: - internal events: image: taigaio/taiga-events:6.9.0 configs: - source: taiga_events_entrypoint target: /custom-entrypoint.sh mode: 0555 entrypoint: /custom-entrypoint.sh secrets: - taiga_secret - rabbitmq_password env_file: - .env.sample environment: - RABBITMQ_USER=taiga - ENTRYPOINT=/taiga-events/docker/entrypoint.sh networks: - internal healthcheck: test: ["CMD", "wget", "-q", "-O", "-", "http://localhost:3023/healthz"] interval: 10s timeout: 3s retries: 5 rabbitmq: image: rabbitmq:3.8-management-alpine secrets: - rabbitmq_password environment: - RABBITMQ_ERLANG_COOKIE - RABBITMQ_DEFAULT_USER=taiga - RABBITMQ_DEFAULT_PASS_FILE=${RABBITMQ_PASS_FILE} - RABBITMQ_DEFAULT_VHOST=taiga hostname: "taiga-events-rabbitmq" volumes: - taiga-events-rabbitmq-data:/var/lib/rabbitmq networks: - internal healthcheck: test: rabbitmq-diagnostics -q ping interval: 30s timeout: 10s retries: 10 start_period: 1m taiga-protected: image: taigaio/taiga-protected:6.9.0 configs: - source: taiga_entrypoint target: /custom-entrypoint.sh mode: 0555 entrypoint: /custom-entrypoint.sh secrets: - taiga_secret environment: - POSTGRES_HOST=db - MAX_AGE=${ATTACHMENTS_MAX_AGE} - SECRET_KEY_FILE=${TAIGA_SECRET_KEY_FILE} - ENTRYPOINT=/taiga-protected/docker/entrypoint.sh networks: - internal web: image: nginx:1.19-alpine configs: - source: nginx_conf target: /etc/nginx/conf.d/default.conf - source: nginx_entrypoint target: /custom-entrypoint.sh mode: 0555 entrypoint: /custom-entrypoint.sh volumes: - taiga-static-data:/taiga/static - taiga-media-data:/taiga/media networks: - proxy - internal deploy: restart_policy: condition: on-failure labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80" - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.scheme=https" - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.permanent=true" healthcheck: test: curl -f taiga-back:8000/api/v1/ || exit 1 interval: 30s timeout: 10s retries: 10 start_period: 1m secrets: taiga_secret: external: true name: ${STACK_NAME}_taiga_secret_${SECRET_TAIGA_SECRET_VERSION} postgres_password: external: true name: ${STACK_NAME}_postgres_password_${SECRET_POSTGRES_PASSWORD_VERSION} rabbitmq_password: external: true name: ${STACK_NAME}_rabbitmq_password_${SECRET_RABBITMQ_PASSWORD_VERSION} django_password: external: true name: ${STACK_NAME}_django_password_${SECRET_DJANGO_PASSWORD_VERSION} configs: nginx_conf: name: ${STACK_NAME}_nginx_${NGINX_CONF_VERSION} file: nginx.conf template_driver: golang taiga_entrypoint: name: ${STACK_NAME}_taiga_entrypoint_${TAIGA_ENTRYPOINT_VERSION} file: entrypoint.sh.tmpl template_driver: golang taiga_events_entrypoint: name: ${STACK_NAME}_taiga_events_entrypoint_${TAIGA_EVENTS_ENTRYPOINT_VERSION} file: entrypoint-events.sh.tmpl template_driver: golang nginx_entrypoint: name: ${STACK_NAME}_nginx_entrypoint_${NGINX_ENTRYPOINT_VERSION} file: entrypoint-nginx.sh.tmpl template_driver: golang create_superuser: name: ${STACK_NAME}_create_superuser_${CREATE_SUPERUSER_VERSION} file: create-superuser.sh.tmpl template_driver: golang pg_backup: name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} file: pg_backup.sh volumes: taiga-static-data: taiga-media-data: taiga-db-data: taiga-async-rabbitmq-data: taiga-events-rabbitmq-data: networks: internal: proxy: external: true