diff --git a/src/docker-compose.override.yml b/src/docker-compose.override.yml index 256a684..6e12f41 100644 --- a/src/docker-compose.override.yml +++ b/src/docker-compose.override.yml @@ -5,6 +5,7 @@ services: ports: - "80:80" - "8090:8080" + # Duplicate the command from docker-compose.yml to add --api.insecure=true command: # Enable Docker in Traefik, so that it reads labels from Docker services - --providers.docker @@ -13,8 +14,6 @@ services: - --providers.docker.constraints=Label(`traefik.constraint-label-stack`, `${TRAEFIK_TAG?Variable not set}`) # Do not expose all Docker services, only the ones explicitly exposed - --providers.docker.exposedbydefault=false - # Disable Docker Swarm mode for local development - # - --providers.docker.swarmmode # Enable the access log, with HTTP requests - --accesslog # Enable the Traefik log, for configurations and errors @@ -24,7 +23,6 @@ services: # Enable the Dashboard and API in insecure mode for local development - --api.insecure=true labels: - - traefik.enable=true - traefik.http.routers.${STACK_NAME?Variable not set}-traefik-public-http.rule=Host(`${DOMAIN?Variable not set}`) - traefik.http.services.${STACK_NAME?Variable not set}-traefik-public.loadbalancer.server.port=80 @@ -36,13 +34,12 @@ services: ports: - "5050:5050" - # Uncomment the section below to be able to debug locally - # queue: - # ports: - # - "5671:5671" - # - "5672:5672" - # - "15672:15672" - # - "15671:15671" + queue: + ports: + - "5671:5671" + - "5672:5672" + - "15672:15672" + - "15671:15671" flower: ports: @@ -62,13 +59,8 @@ services: args: INSTALL_DEV: ${INSTALL_DEV-true} INSTALL_JUPYTER: ${INSTALL_JUPYTER-true} - # command: bash -c "while true; do sleep 1; done" # Infinite loop to keep container live doing nothing + # command: sleep infinity # Infinite loop to keep container alive doing nothing command: /start-reload.sh - labels: - - traefik.enable=true - - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} - - traefik.http.routers.${STACK_NAME?Variable not set}-backend-http.rule=PathPrefix(`/api`) || PathPrefix(`/docs`) || PathPrefix(`/redoc`) - - traefik.http.services.${STACK_NAME?Variable not set}-backend.loadbalancer.server.port=80 celeryworker: volumes: @@ -90,20 +82,8 @@ services: args: FRONTEND_ENV: dev labels: - - traefik.enable=true - - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} # - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-http.rule=PathPrefix(`/`) - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-http.rule=Host(`old-frontend.localhost.tiangolo.com`) - - traefik.http.services.${STACK_NAME?Variable not set}-frontend.loadbalancer.server.port=80 - -# new-frontend: -# build: -# context: ./new-frontend -# labels: -# - traefik.enable=true -# - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} -# - traefik.http.routers.${STACK_NAME?Variable not set}-new-frontend-http.rule=PathPrefix(`/`) -# - traefik.http.services.${STACK_NAME?Variable not set}-new-frontend.loadbalancer.server.port=80 networks: traefik-public: diff --git a/src/docker-compose.yml b/src/docker-compose.yml index 39cccb0..dca0638 100644 --- a/src/docker-compose.yml +++ b/src/docker-compose.yml @@ -16,57 +16,51 @@ services: - --providers.docker.constraints=Label(`traefik.constraint-label-stack`, `${TRAEFIK_TAG?Variable not set}`) # Do not expose all Docker services, only the ones explicitly exposed - --providers.docker.exposedbydefault=false - # Enable Docker Swarm mode - - --providers.docker.swarmmode # Enable the access log, with HTTP requests - --accesslog # Enable the Traefik log, for configurations and errors - --log # Enable the Dashboard and API - --api - deploy: - placement: - constraints: - - node.role == manager - labels: - # Enable Traefik for this service, to make it available in the public network - - traefik.enable=true - # Use the traefik-public network (declared below) - - traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK?Variable not set} - # Use the custom label "traefik.constraint-label=traefik-public" - # This public Traefik will only use services with this label - - traefik.constraint-label=${TRAEFIK_PUBLIC_TAG?Variable not set} - # traefik-http set up only to use the middleware to redirect to https - - traefik.http.middlewares.${STACK_NAME?Variable not set}-https-redirect.redirectscheme.scheme=https - - traefik.http.middlewares.${STACK_NAME?Variable not set}-https-redirect.redirectscheme.permanent=true - # Handle host with and without "www" to redirect to only one of them - # Uses environment variable DOMAIN - # To disable www redirection remove the Host() you want to discard, here and - # below for HTTPS - - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-http.rule=Host(`${DOMAIN?Variable not set}`) || Host(`www.${DOMAIN?Variable not set}`) - - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-http.entrypoints=http - # traefik-https the actual router using HTTPS - - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.rule=Host(`${DOMAIN?Variable not set}`) || Host(`www.${DOMAIN?Variable not set}`) - - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.entrypoints=https - - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.tls=true - # Use the "le" (Let's Encrypt) resolver created below - - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.tls.certresolver=le - # Define the port inside of the Docker service to use - - traefik.http.services.${STACK_NAME?Variable not set}-proxy.loadbalancer.server.port=80 - # Handle domain with and without "www" to redirect to only one - # To disable www redirection remove the next line - - traefik.http.middlewares.${STACK_NAME?Variable not set}-www-redirect.redirectregex.regex=^https?://(www.)?(${DOMAIN?Variable not set})/(.*) - # Redirect a domain with www to non-www - # To disable it remove the next line - - traefik.http.middlewares.${STACK_NAME?Variable not set}-www-redirect.redirectregex.replacement=https://${DOMAIN?Variable not set}/$${3} - # Redirect a domain without www to www - # To enable it remove the previous line and uncomment the next - # - traefik.http.middlewares.${STACK_NAME}-www-redirect.redirectregex.replacement=https://www.${DOMAIN}/$${3} - # Middleware to redirect www, to disable it remove the next line - - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.middlewares=${STACK_NAME?Variable not set}-www-redirect - # Middleware to redirect www, and redirect HTTP to HTTPS - # to disable www redirection remove the section: ${STACK_NAME?Variable not set}-www-redirect, - - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-http.middlewares=${STACK_NAME?Variable not set}-www-redirect,${STACK_NAME?Variable not set}-https-redirect + labels: + # Enable Traefik for this service, to make it available in the public network + - traefik.enable=true + # Use the traefik-public network (declared below) + - traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK?Variable not set} + # Use the custom label "traefik.constraint-label=traefik-public" + # This public Traefik will only use services with this label + - traefik.constraint-label=${TRAEFIK_PUBLIC_TAG?Variable not set} + # traefik-http set up only to use the middleware to redirect to https + - traefik.http.middlewares.${STACK_NAME?Variable not set}-https-redirect.redirectscheme.scheme=https + - traefik.http.middlewares.${STACK_NAME?Variable not set}-https-redirect.redirectscheme.permanent=true + # Handle host with and without "www" to redirect to only one of them + # Uses environment variable DOMAIN + # To disable www redirection remove the Host() you want to discard, here and + # below for HTTPS + - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-http.rule=Host(`${DOMAIN?Variable not set}`) || Host(`www.${DOMAIN?Variable not set}`) + - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-http.entrypoints=http + # traefik-https the actual router using HTTPS + - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.rule=Host(`${DOMAIN?Variable not set}`) || Host(`www.${DOMAIN?Variable not set}`) + - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.entrypoints=https + - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.tls=true + # Use the "le" (Let's Encrypt) resolver created below + - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.tls.certresolver=le + # Define the port inside of the Docker service to use + - traefik.http.services.${STACK_NAME?Variable not set}-proxy.loadbalancer.server.port=80 + # Handle domain with and without "www" to redirect to only one + # To disable www redirection remove the next line + - traefik.http.middlewares.${STACK_NAME?Variable not set}-www-redirect.redirectregex.regex=^https?://(www.)?(${DOMAIN?Variable not set})/(.*) + # Redirect a domain with www to non-www + # To disable it remove the next line + - traefik.http.middlewares.${STACK_NAME?Variable not set}-www-redirect.redirectregex.replacement=https://${DOMAIN?Variable not set}/$${3} + # Redirect a domain without www to www + # To enable it remove the previous line and uncomment the next + # - traefik.http.middlewares.${STACK_NAME}-www-redirect.redirectregex.replacement=https://www.${DOMAIN}/$${3} + # Middleware to redirect www, to disable it remove the next line + - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-https.middlewares=${STACK_NAME?Variable not set}-www-redirect + # Middleware to redirect www, and redirect HTTP to HTTPS + # to disable www redirection remove the section: ${STACK_NAME?Variable not set}-www-redirect, + - traefik.http.routers.${STACK_NAME?Variable not set}-proxy-http.middlewares=${STACK_NAME?Variable not set}-www-redirect,${STACK_NAME?Variable not set}-https-redirect db: image: postgres:12 @@ -76,10 +70,6 @@ services: - .env environment: - PGDATA=/var/lib/postgresql/data/pgdata - deploy: - placement: - constraints: - - node.labels.${STACK_NAME?Variable not set}.app-db-data == true pgadmin: image: dpage/pgadmin4 @@ -90,19 +80,18 @@ services: - db env_file: - .env - deploy: - labels: - - traefik.enable=true - - traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK?Variable not set} - - traefik.constraint-label=${TRAEFIK_PUBLIC_TAG?Variable not set} - - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-http.rule=Host(`pgadmin.${DOMAIN?Variable not set}`) - - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-http.entrypoints=http - - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-http.middlewares=${STACK_NAME?Variable not set}-https-redirect - - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-https.rule=Host(`pgadmin.${DOMAIN?Variable not set}`) - - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-https.entrypoints=https - - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-https.tls=true - - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-https.tls.certresolver=le - - traefik.http.services.${STACK_NAME?Variable not set}-pgadmin.loadbalancer.server.port=5050 + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK?Variable not set} + - traefik.constraint-label=${TRAEFIK_PUBLIC_TAG?Variable not set} + - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-http.rule=Host(`pgadmin.${DOMAIN?Variable not set}`) + - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-http.entrypoints=http + - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-http.middlewares=${STACK_NAME?Variable not set}-https-redirect + - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-https.rule=Host(`pgadmin.${DOMAIN?Variable not set}`) + - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-https.entrypoints=https + - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-https.tls=true + - traefik.http.routers.${STACK_NAME?Variable not set}-pgadmin-https.tls.certresolver=le + - traefik.http.services.${STACK_NAME?Variable not set}-pgadmin.loadbalancer.server.port=5050 queue: image: rabbitmq:3 @@ -123,19 +112,18 @@ services: # For the "Broker" tab to work in the flower UI, uncomment the following command argument, # and change the queue service's image as well # - "--broker_api=http://guest:guest@queue:15672/api//" - deploy: - labels: - - traefik.enable=true - - traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK?Variable not set} - - traefik.constraint-label=${TRAEFIK_PUBLIC_TAG?Variable not set} - - traefik.http.routers.${STACK_NAME?Variable not set}-flower-http.rule=Host(`flower.${DOMAIN?Variable not set}`) - - traefik.http.routers.${STACK_NAME?Variable not set}-flower-http.entrypoints=http - - traefik.http.routers.${STACK_NAME?Variable not set}-flower-http.middlewares=${STACK_NAME?Variable not set}-https-redirect - - traefik.http.routers.${STACK_NAME?Variable not set}-flower-https.rule=Host(`flower.${DOMAIN?Variable not set}`) - - traefik.http.routers.${STACK_NAME?Variable not set}-flower-https.entrypoints=https - - traefik.http.routers.${STACK_NAME?Variable not set}-flower-https.tls=true - - traefik.http.routers.${STACK_NAME?Variable not set}-flower-https.tls.certresolver=le - - traefik.http.services.${STACK_NAME?Variable not set}-flower.loadbalancer.server.port=5555 + labels: + - traefik.enable=true + - traefik.docker.network=${TRAEFIK_PUBLIC_NETWORK?Variable not set} + - traefik.constraint-label=${TRAEFIK_PUBLIC_TAG?Variable not set} + - traefik.http.routers.${STACK_NAME?Variable not set}-flower-http.rule=Host(`flower.${DOMAIN?Variable not set}`) + - traefik.http.routers.${STACK_NAME?Variable not set}-flower-http.entrypoints=http + - traefik.http.routers.${STACK_NAME?Variable not set}-flower-http.middlewares=${STACK_NAME?Variable not set}-https-redirect + - traefik.http.routers.${STACK_NAME?Variable not set}-flower-https.rule=Host(`flower.${DOMAIN?Variable not set}`) + - traefik.http.routers.${STACK_NAME?Variable not set}-flower-https.entrypoints=https + - traefik.http.routers.${STACK_NAME?Variable not set}-flower-https.tls=true + - traefik.http.routers.${STACK_NAME?Variable not set}-flower-https.tls.certresolver=le + - traefik.http.services.${STACK_NAME?Variable not set}-flower.loadbalancer.server.port=5555 backend: image: '${DOCKER_IMAGE_BACKEND?Variable not set}:${TAG-latest}' @@ -153,12 +141,11 @@ services: dockerfile: backend.dockerfile args: INSTALL_DEV: ${INSTALL_DEV-false} - deploy: - labels: - - traefik.enable=true - - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} - - traefik.http.routers.${STACK_NAME?Variable not set}-backend-http.rule=PathPrefix(`/api`) || PathPrefix(`/docs`) || PathPrefix(`/redoc`) - - traefik.http.services.${STACK_NAME?Variable not set}-backend.loadbalancer.server.port=80 + labels: + - traefik.enable=true + - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} + - traefik.http.routers.${STACK_NAME?Variable not set}-backend-http.rule=PathPrefix(`/api`) || PathPrefix(`/docs`) || PathPrefix(`/redoc`) + - traefik.http.services.${STACK_NAME?Variable not set}-backend.loadbalancer.server.port=80 celeryworker: image: '${DOCKER_IMAGE_CELERYWORKER?Variable not set}:${TAG-latest}' @@ -184,24 +171,21 @@ services: context: ./frontend args: FRONTEND_ENV: ${FRONTEND_ENV-production} - deploy: - labels: - - traefik.enable=true - - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} - - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-http.rule=PathPrefix(`/`) - - traefik.http.services.${STACK_NAME?Variable not set}-frontend.loadbalancer.server.port=80 + labels: + - traefik.enable=true + - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} + - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-http.rule=PathPrefix(`/`) + - traefik.http.services.${STACK_NAME?Variable not set}-frontend.loadbalancer.server.port=80 # new-frontend: # image: '${DOCKER_IMAGE_NEW_FRONTEND?Variable not set}:${TAG-latest}' # build: # context: ./new-frontend -# deploy: -# labels: -# - traefik.enable=true -# - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} -# - traefik.http.routers.${STACK_NAME?Variable not set}-new-frontend-http.rule=PathPrefix(`/`) -# - traefik.http.services.${STACK_NAME?Variable not set}-new-frontend.loadbalancer.server.port=80 - + # labels: + # - traefik.enable=true + # - traefik.constraint-label-stack=${TRAEFIK_TAG?Variable not set} + # - traefik.http.routers.${STACK_NAME?Variable not set}-new-frontend-http.rule=PathPrefix(`/`) + # - traefik.http.services.${STACK_NAME?Variable not set}-new-frontend.loadbalancer.server.port=80 volumes: app-db-data: