mirror of https://github.com/MieuxVoter/mvapi
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
209 lines
6.1 KiB
209 lines
6.1 KiB
version: '3.9'
|
|
|
|
services:
|
|
mj_db:
|
|
image: postgres:15.1
|
|
restart: unless-stopped
|
|
hostname: mj_db
|
|
healthcheck:
|
|
start_period: 10s
|
|
test: ["CMD", "pg_isready", "-U", "postgres"]
|
|
interval: 30s
|
|
environment:
|
|
- POSTGRES_USER=${DB_USER:-mj}
|
|
- POSTGRES_PASSWORD=$DB_PASS
|
|
- POSTGRES_DB=${DB_NAME:-mj}
|
|
- TZ=${TIMEZONE:-Europe/Paris}
|
|
networks:
|
|
- lan
|
|
volumes:
|
|
- db:/var/lib/mysql
|
|
|
|
mj_api:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/Dockerfile
|
|
image: majority-judgment/api-python:latest
|
|
restart: unless-stopped
|
|
# TODO remove reload
|
|
command: uvicorn app.main:app --host 0.0.0.0 --port 8877 --proxy-headers --env-file ${ENV_FILE:-.env.local} --reload
|
|
healthcheck:
|
|
start_period: 30s
|
|
test: ['CMD-SHELL', 'curl localhost:8877/liveness -s -f -o /dev/null || exit 1']
|
|
interval: 30s
|
|
retries: 5
|
|
depends_on:
|
|
mj_db:
|
|
condition: service_healthy
|
|
volumes:
|
|
- .:/code
|
|
networks:
|
|
- lan
|
|
- traefik_network
|
|
environment:
|
|
POSTGRES_USER: ${DB_USER:-mj}
|
|
POSTGRES_PASSWORD: $DB_PASS
|
|
POSTGRES_DB: ${DB_NAME:-mj}
|
|
POSTGRES_HOST: mj_db
|
|
TZ: ${TIMEZONE:-Europe/Paris}
|
|
ALLOWED_ORIGINS: ${ALLOWED_ORIGINS:-["*"]}
|
|
SECRET: $SECRET
|
|
ports:
|
|
- 8877:8877
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik_network"
|
|
- "traefik.http.routers.mj.entrypoints=web,websecure"
|
|
- "traefik.http.routers.mj.rule=Host(`${API_PREFIX:-api}.${DOMAIN}`)"
|
|
- "traefik.http.services.mj.loadbalancer.server.port=8877"
|
|
- "traefik.http.routers.mj.tls=true"
|
|
- "traefik.http.routers.mj.tls.certresolver=leresolver"
|
|
|
|
mj_restic:
|
|
profiles:
|
|
- backup
|
|
- all
|
|
depends_on:
|
|
- mj_db
|
|
image: restic
|
|
networks:
|
|
- lan
|
|
build:
|
|
context: ./docker/restic
|
|
dockerfile: Dockerfile
|
|
args:
|
|
RESTIC_INIT_ARGS: $RESTIC_INIT_ARGS
|
|
RESTIC_PASSWORD: $RESTIC_PASSWORD
|
|
restart: unless-stopped
|
|
volumes:
|
|
- db:/data/db
|
|
- imgpush:/data/images
|
|
environment:
|
|
- TZ=${TIMEZONE:-Europe/Paris}
|
|
- RESTIC_REPOSITORY=$RESTIC_REPOSITORY
|
|
- BACKUP_CRON=${RESTIC_BACKUP_CRON:-0 0 * * *}
|
|
- RESTIC_FORGET_ARGS=--prune --keep-last 1 --keep-daily 1
|
|
- AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
|
|
- AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
|
|
- MAILX_ARGS=-r '${RESTIC_SEND_MAIL}' -s 'Result of the last restic backup run' -S smtp='${SMTP_HOST}:${SMTP_PORT;-587}' -S smtp-use-starttls -S smtp-auth=login -S smtp-auth-user='${SMTP_USER}' -S smtp-auth-password='${SMTP_PASS}' '${RESTIC_DEST_MAIL}'
|
|
|
|
mj_imgpush:
|
|
profiles:
|
|
- image
|
|
- all
|
|
image: hauxir/imgpush:latest
|
|
restart: unless-stopped
|
|
environment:
|
|
PUID: $PUID
|
|
PGID: $PUID
|
|
TZ: ${TIMEZONE:-Europe/Paris}
|
|
IMAGES_DIR: /images
|
|
MAX_SIZE_MB: 16
|
|
MAX_UPLOADS_PER_DAY: 100
|
|
MAX_UPLOADS_PER_HOUR: 100
|
|
MAX_UPLOADS_PER_MINUTE: 10
|
|
ALLOWED_ORIGINS: ${ALLOWED_ORIGINS:-["*"]}
|
|
VALID_SIZES: ${VALID_SIZES:-"[100,200,300]"}
|
|
NAME_STRATEGY: "uuidv4"
|
|
healthcheck:
|
|
start_period: 0s
|
|
test: ['CMD-SHELL', 'curl localhost:5000/liveness -s -f -o /dev/null || exit 1']
|
|
interval: 30s
|
|
networks:
|
|
- lan
|
|
- traefik_network
|
|
volumes:
|
|
- imgpush:/images
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik_network"
|
|
- "traefik.http.routers.imgpush.entrypoints=web,websecure"
|
|
- "traefik.http.routers.imgpush.rule=Host(`${IMGPUSH_PREFIX:-imgpush}.${DOMAIN}`)"
|
|
- "traefik.http.services.imgpush.loadbalancer.server.port=5000"
|
|
- "traefik.http.routers.imgpush.tls=true"
|
|
- "traefik.http.routers.imgpush.tls.certresolver=leresolver"
|
|
|
|
mj_metabase:
|
|
image: metabase/metabase
|
|
restart: unless-stopped
|
|
profiles:
|
|
- dashboard
|
|
- all
|
|
depends_on:
|
|
- mj_db
|
|
networks:
|
|
- lan
|
|
- traefik_network
|
|
environment:
|
|
MB_DB_TYPE: postgres
|
|
MB_DB_DBNAME: ${DB_NAME:-mj}
|
|
MB_DB_PORT: ${DB_PORT:-5432}
|
|
MB_DB_USER: ${DB_USER:-mj}
|
|
MB_DB_PASS: $DB_PASS
|
|
MB_DB_HOST: mj_db
|
|
TZ: ${TIMEZONE:-Europe/Paris}
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik_network"
|
|
- "traefik.http.routers.metabase.entrypoints=web,websecure"
|
|
- "traefik.http.routers.metabase.rule=Host(`${METABASE_PREFIX:-metabase}.${DOMAIN}`)"
|
|
- "traefik.http.services.metabase.loadbalancer.server.port=3000"
|
|
- "traefik.http.routers.metabase.tls=true"
|
|
- "traefik.http.routers.metabase.tls.certresolver=leresolver"
|
|
|
|
mj_admin:
|
|
image: fastapi-admin
|
|
container_name: fastapi-admin
|
|
build:
|
|
context: ./docker/fastapi-admin
|
|
dockerfile: Dockerfile
|
|
restart: unless-stopped
|
|
profiles:
|
|
- admin
|
|
- all
|
|
environment:
|
|
- TZ=${TIMEZONE:-Europe/Paris}
|
|
- DATABASE_URL=postgres://${DB_USER:-mj}:${DB_PASS}@mj_db:5432/fastapi-admin
|
|
- REDIS_URL=redis://mj_redis:6379/0
|
|
command: uvicorn examples.main:app_ --port 8000 --host 0.0.0.0
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik_network"
|
|
- "traefik.http.routers.fastapi_admin.entrypoints=web,websecure"
|
|
- "traefik.http.routers.fastapi_admin.rule=Host(`${FASTAPI_ADMIN_PREFIX:-fastapi}.${DOMAIN}`)"
|
|
- "traefik.http.services.fastapi_admin.loadbalancer.server.port=8000"
|
|
- "traefik.http.routers.fastapi_admin.tls=true"
|
|
- "traefik.http.routers.fastapi_admin.tls.certresolver=leresolver"
|
|
networks:
|
|
- lan
|
|
- traefik_network
|
|
|
|
mj_redis:
|
|
image: docker.io/bitnami/redis:7.0
|
|
hostname: mj_redis
|
|
profiles:
|
|
- admin
|
|
- all
|
|
networks:
|
|
- lan
|
|
environment:
|
|
# ALLOW_EMPTY_PASSWORD is recommended only for development.
|
|
- ALLOW_EMPTY_PASSWORD=false
|
|
- REDIS_DISABLE_COMMANDS=FLUSHDB,FLUSHALL
|
|
# ports:
|
|
# - '6379:6379'
|
|
volumes:
|
|
- 'redis_data:/bitnami/redis/data'
|
|
|
|
|
|
volumes:
|
|
imgpush:
|
|
db:
|
|
redis_data:
|
|
driver: local
|
|
|
|
networks:
|
|
lan:
|
|
traefik_network:
|
|
external: true
|