2020-04-19 16:44:12 +02:00
|
|
|
version: "3.3"
|
|
|
|
|
services:
|
|
|
|
|
|
|
|
|
|
proxy:
|
2020-05-24 23:35:49 +02:00
|
|
|
image: traefik:v2.2
|
2020-04-19 16:44:12 +02:00
|
|
|
networks:
|
|
|
|
|
- ${TRAEFIK_PUBLIC_NETWORK}
|
|
|
|
|
- default
|
|
|
|
|
volumes:
|
|
|
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
2020-05-24 23:35:49 +02:00
|
|
|
command:
|
|
|
|
|
# Enable Docker in Traefik, so that it reads labels from Docker services
|
|
|
|
|
- --providers.docker
|
|
|
|
|
# Add a constraint to only use services with the label for this stack
|
|
|
|
|
# from the env var TRAEFIK_TAG
|
|
|
|
|
- --providers.docker.constraints=Label(`traefik.constraint-label-stack`, `${TRAEFIK_TAG}`)
|
|
|
|
|
# Do not expose all Docker services, only the ones explicitly exposed
|
|
|
|
|
- --providers.docker.exposedbydefault=false
|
|
|
|
|
# Enable Docker Swarm mode
|
|
|
|
|
- --providers.docker.swarmmode
|
|
|
|
|
# Enable the access log, with HTTP requests
|
|
|
|
|
- --accesslog
|
|
|
|
|
# Enable the Traefik log, for configurations and errors
|
|
|
|
|
- --log
|
|
|
|
|
# Enable the Dashboard and API
|
|
|
|
|
- --api
|
2020-04-19 16:44:12 +02:00
|
|
|
deploy:
|
|
|
|
|
placement:
|
|
|
|
|
constraints:
|
|
|
|
|
- node.role == manager
|
|
|
|
|
labels:
|
2020-05-24 23:35:49 +02:00
|
|
|
# Enable Traefik for this service, to make it available in the public network
|
2020-04-19 16:44:12 +02:00
|
|
|
- traefik.enable=true
|
2020-05-24 23:35:49 +02:00
|
|
|
# Use the traefik-public network (declared below)
|
2020-04-19 16:44:12 +02:00
|
|
|
- traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK}
|
2020-05-24 23:35:49 +02:00
|
|
|
# Use the custom label "traefik.constraint-label=traefik-public"
|
|
|
|
|
# This public Traefik will only use services with this label
|
|
|
|
|
- traefik.constraint-label=${TRAEFIK_PUBLIC_TAG}
|
|
|
|
|
# traefik-http set up only to use the middleware to redirect to https
|
|
|
|
|
- traefik.http.middlewares.${STACK_NAME}-https-redirect.redirectscheme.scheme=https
|
|
|
|
|
- traefik.http.middlewares.${STACK_NAME}-https-redirect.redirectscheme.permanent=true
|
|
|
|
|
# Handle host with and without "www" to redirect to only one of them
|
|
|
|
|
# Uses environment variable DOMAIN
|
|
|
|
|
# To disable www redirection remove the Host() you want to discard, here and
|
|
|
|
|
# below for HTTPS
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-proxy-http.rule=Host(`${DOMAIN}`) || Host(`www.${DOMAIN}`)
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-proxy-http.entrypoints=http
|
|
|
|
|
# traefik-https the actual router using HTTPS
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-proxy-https.rule=Host(`${DOMAIN}`) || Host(`www.${DOMAIN}`)
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-proxy-https.entrypoints=https
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-proxy-https.tls=true
|
|
|
|
|
# Use the "le" (Let's Encrypt) resolver created below
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-proxy-https.tls.certresolver=le
|
|
|
|
|
# Define the port inside of the Docker service to use
|
|
|
|
|
- traefik.http.services.${STACK_NAME}-proxy.loadbalancer.server.port=80
|
|
|
|
|
# Handle domain with and without "www" to redirect to only one
|
|
|
|
|
# To disable www redirection remove the next line
|
|
|
|
|
- traefik.http.middlewares.${STACK_NAME}-www-redirect.redirectregex.regex=^https?://(www.)?(${DOMAIN})/(.*)
|
|
|
|
|
# Redirect a domain with www to non-www
|
|
|
|
|
# To disable it remove the next line
|
|
|
|
|
- traefik.http.middlewares.${STACK_NAME}-www-redirect.redirectregex.replacement=https://${DOMAIN}/$${3}
|
|
|
|
|
# Redirect a domain without www to www
|
|
|
|
|
# To enable it remove the previous line and uncomment the next
|
|
|
|
|
# - traefik.http.middlewares.${STACK_NAME}-www-redirect.redirectregex.replacement=https://www.${DOMAIN}/$${3}
|
|
|
|
|
# Middleware to redirect www, to disable it remove the next line
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-proxy-https.middlewares=${STACK_NAME}-www-redirect
|
|
|
|
|
# Middleware to redirect www, and redirect HTTP to HTTPS
|
|
|
|
|
# to disable www redirection remove the section: ${STACK_NAME}-www-redirect,
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-proxy-http.middlewares=${STACK_NAME}-www-redirect,${STACK_NAME}-https-redirect
|
|
|
|
|
|
2020-04-19 16:44:12 +02:00
|
|
|
db:
|
|
|
|
|
image: postgres:12
|
|
|
|
|
volumes:
|
|
|
|
|
- app-db-data:/var/lib/postgresql/data/pgdata
|
|
|
|
|
env_file:
|
|
|
|
|
- .env
|
|
|
|
|
environment:
|
|
|
|
|
- PGDATA=/var/lib/postgresql/data/pgdata
|
|
|
|
|
deploy:
|
|
|
|
|
placement:
|
|
|
|
|
constraints:
|
|
|
|
|
- node.labels.${STACK_NAME}.app-db-data == true
|
|
|
|
|
|
|
|
|
|
pgadmin:
|
|
|
|
|
image: dpage/pgadmin4
|
|
|
|
|
networks:
|
|
|
|
|
- ${TRAEFIK_PUBLIC_NETWORK}
|
|
|
|
|
- default
|
|
|
|
|
depends_on:
|
|
|
|
|
- db
|
|
|
|
|
env_file:
|
|
|
|
|
- .env
|
|
|
|
|
deploy:
|
|
|
|
|
labels:
|
|
|
|
|
- traefik.enable=true
|
|
|
|
|
- traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK}
|
2020-05-24 23:35:49 +02:00
|
|
|
- traefik.constraint-label=${TRAEFIK_PUBLIC_TAG}
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-pgadmin-http.rule=Host(`pgadmin.${DOMAIN}`)
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-pgadmin-http.entrypoints=http
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-pgadmin-http.middlewares=${STACK_NAME}-https-redirect
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-pgadmin-https.rule=Host(`pgadmin.${DOMAIN}`)
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-pgadmin-https.entrypoints=https
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-pgadmin-https.tls=true
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-pgadmin-https.tls.certresolver=le
|
|
|
|
|
- traefik.http.services.${STACK_NAME}-pgadmin.loadbalancer.server.port=5050
|
2020-04-19 16:44:12 +02:00
|
|
|
|
|
|
|
|
queue:
|
|
|
|
|
image: rabbitmq:3
|
|
|
|
|
# Using the below image instead is required to enable the "Broker" tab in the flower UI:
|
|
|
|
|
# image: rabbitmq:3-management
|
|
|
|
|
#
|
|
|
|
|
# You also have to change the flower command
|
|
|
|
|
|
|
|
|
|
flower:
|
|
|
|
|
image: mher/flower
|
|
|
|
|
networks:
|
|
|
|
|
- ${TRAEFIK_PUBLIC_NETWORK}
|
|
|
|
|
- default
|
|
|
|
|
env_file:
|
|
|
|
|
- .env
|
|
|
|
|
command:
|
|
|
|
|
- "--broker=amqp://guest@queue:5672//"
|
|
|
|
|
# For the "Broker" tab to work in the flower UI, uncomment the following command argument,
|
|
|
|
|
# and change the queue service's image as well
|
|
|
|
|
# - "--broker_api=http://guest:guest@queue:15672/api//"
|
|
|
|
|
deploy:
|
|
|
|
|
labels:
|
|
|
|
|
- traefik.enable=true
|
|
|
|
|
- traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK}
|
2020-05-24 23:35:49 +02:00
|
|
|
- traefik.constraint-label=${TRAEFIK_PUBLIC_TAG}
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-flower-http.rule=Host(`flower.${DOMAIN}`)
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-flower-http.entrypoints=http
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-flower-http.middlewares=${STACK_NAME}-https-redirect
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-flower-https.rule=Host(`flower.${DOMAIN}`)
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-flower-https.entrypoints=https
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-flower-https.tls=true
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-flower-https.tls.certresolver=le
|
|
|
|
|
- traefik.http.services.${STACK_NAME}-flower.loadbalancer.server.port=5555
|
2020-04-19 16:44:12 +02:00
|
|
|
|
|
|
|
|
backend:
|
|
|
|
|
image: '${DOCKER_IMAGE_BACKEND}:${TAG-latest}'
|
|
|
|
|
depends_on:
|
|
|
|
|
- db
|
|
|
|
|
env_file:
|
|
|
|
|
- .env
|
|
|
|
|
environment:
|
|
|
|
|
- SERVER_NAME=${DOMAIN}
|
|
|
|
|
- SERVER_HOST=https://${DOMAIN}
|
|
|
|
|
# Allow explicit env var override for tests
|
|
|
|
|
- SMTP_HOST=${SMTP_HOST}
|
|
|
|
|
build:
|
|
|
|
|
context: ./backend
|
|
|
|
|
dockerfile: backend.dockerfile
|
:recycle: Refactor backend, settings, DB sessions, types, configs, plugins (#158)
* :recycle: Refactor backend, update DB session handling
* :sparkles: Add mypy config and plugins
* :heavy_plus_sign: Use Python-jose instead of PyJWT
as it has some extra functionalities and features
* :sparkles: Add/update scripts for test, lint, format
* :wrench: Update lint and format configs
* :art: Update import format, comments, and types
* :art: Add types to config
* :sparkles: Add types for all the code, and small fixes
* :art: Use global imports to simplify exploring with Jupyter
* :recycle: Import schemas and models, instead of each class
* :truck: Rename db_session to db for simplicity
* :pushpin: Update dependencies installation for testing
2020-04-20 19:03:13 +02:00
|
|
|
args:
|
|
|
|
|
INSTALL_DEV: ${INSTALL_DEV-false}
|
2020-04-19 16:44:12 +02:00
|
|
|
deploy:
|
|
|
|
|
labels:
|
|
|
|
|
- traefik.enable=true
|
2020-05-24 23:35:49 +02:00
|
|
|
- traefik.constraint-label-stack=${TRAEFIK_TAG}
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-backend-http.rule=PathPrefix(`/api`) || PathPrefix(`/docs`) || PathPrefix(`/redoc`)
|
|
|
|
|
- traefik.http.services.${STACK_NAME}-backend.loadbalancer.server.port=80
|
2020-04-19 16:44:12 +02:00
|
|
|
|
|
|
|
|
celeryworker:
|
|
|
|
|
image: '${DOCKER_IMAGE_CELERYWORKER}:${TAG-latest}'
|
|
|
|
|
depends_on:
|
|
|
|
|
- db
|
|
|
|
|
- queue
|
|
|
|
|
env_file:
|
|
|
|
|
- .env
|
|
|
|
|
environment:
|
|
|
|
|
- SERVER_NAME=${DOMAIN}
|
|
|
|
|
- SERVER_HOST=https://${DOMAIN}
|
|
|
|
|
# Allow explicit env var override for tests
|
|
|
|
|
- SMTP_HOST=${SMTP_HOST}
|
|
|
|
|
build:
|
|
|
|
|
context: ./backend
|
|
|
|
|
dockerfile: celeryworker.dockerfile
|
:recycle: Refactor backend, settings, DB sessions, types, configs, plugins (#158)
* :recycle: Refactor backend, update DB session handling
* :sparkles: Add mypy config and plugins
* :heavy_plus_sign: Use Python-jose instead of PyJWT
as it has some extra functionalities and features
* :sparkles: Add/update scripts for test, lint, format
* :wrench: Update lint and format configs
* :art: Update import format, comments, and types
* :art: Add types to config
* :sparkles: Add types for all the code, and small fixes
* :art: Use global imports to simplify exploring with Jupyter
* :recycle: Import schemas and models, instead of each class
* :truck: Rename db_session to db for simplicity
* :pushpin: Update dependencies installation for testing
2020-04-20 19:03:13 +02:00
|
|
|
args:
|
|
|
|
|
INSTALL_DEV: ${INSTALL_DEV-false}
|
2020-04-19 16:44:12 +02:00
|
|
|
|
|
|
|
|
frontend:
|
|
|
|
|
image: '${DOCKER_IMAGE_FRONTEND}:${TAG-latest}'
|
|
|
|
|
build:
|
|
|
|
|
context: ./frontend
|
|
|
|
|
args:
|
|
|
|
|
FRONTEND_ENV: ${FRONTEND_ENV-production}
|
|
|
|
|
deploy:
|
|
|
|
|
labels:
|
|
|
|
|
- traefik.enable=true
|
2020-05-24 23:35:49 +02:00
|
|
|
- traefik.constraint-label-stack=${TRAEFIK_TAG}
|
|
|
|
|
- traefik.http.routers.${STACK_NAME}-frontend-http.rule=PathPrefix(`/`)
|
|
|
|
|
- traefik.http.services.${STACK_NAME}-frontend.loadbalancer.server.port=80
|
2020-04-19 16:44:12 +02:00
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
app-db-data:
|
|
|
|
|
|
|
|
|
|
networks:
|
|
|
|
|
traefik-public:
|
|
|
|
|
# Allow setting it to false for testing
|
|
|
|
|
external: ${TRAEFIK_PUBLIC_NETWORK_IS_EXTERNAL-true}
|
