forked from elpaso/qgis-feed
-
Notifications
You must be signed in to change notification settings - Fork 7
/
docker-compose-production-ssl.yml
140 lines (131 loc) · 3.65 KB
/
docker-compose-production-ssl.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
version: "3.7"
services:
postgis:
image: kartoza/postgis:16-3.4
ports:
- "5432"
environment:
POSTGRES_USER: ${QGISFEED_DOCKER_DBUSER}
POSTGRES_PASS: ${QGISFEED_DOCKER_DBPASSWORD}
POSTGRES_DBNAME: ${QGISFEED_DOCKER_DBNAME}
logging:
driver: "json-file"
options:
max-size: "200k"
max-file: "10"
restart: always
healthcheck:
test: "POSTGRES_PASS=$${QGISFEED_DOCKER_DBPASSWORD} pg_isready -h 127.0.0.1 -U ${QGISFEED_DOCKER_DBUSER} -d ${QGISFEED_DOCKER_DBNAME}"
volumes:
- ${QGISFEED_DOCKER_SHARED_VOLUME}:/var/lib/postgresql
- ${QGISFEED_BACKUP_VOLUME}:/backups
networks:
internal:
metabase:
image: metabase/metabase:v0.49.10
hostname: metabase-secrets
volumes:
- /dev/urandom:/dev/random:ro
ports:
- 3000:3000
environment:
MB_DB_TYPE: postgres
MB_DB_DBNAME: metabase
MB_DB_PORT: 5432
MB_DB_HOST: postgis
MB_DB_USER: ${QGISFEED_DOCKER_DBUSER}
MB_DB_PASS: ${QGISFEED_DOCKER_DBPASSWORD}
logging:
driver: "json-file"
options:
max-size: "200k"
max-file: "10"
restart: always
networks:
internal:
qgisfeed:
# Note you cannot scale if you use container_name
container_name: qgisfeed
image: ${QGISFEED_DOCKER_IMAGE}
build:
context: .
dockerfile: Dockerfile.production
environment:
QGISFEED_DOCKER_DBNAME: ${QGISFEED_DOCKER_DBNAME}
QGISFEED_DOCKER_DBUSER: ${QGISFEED_DOCKER_DBUSER}
QGISFEED_DOCKER_DBPASSWORD: ${QGISFEED_DOCKER_DBPASSWORD}
QGIS_FEED_PROD_URL: ${QGIS_FEED_PROD_URL}
QGISFEED_FROM_EMAIL: ${QGISFEED_FROM_EMAIL:-automation}
EMAIL_BACKEND: ${EMAIL_BACKEND}
EMAIL_HOST: ${EMAIL_HOST}
EMAIL_PORT: ${EMAIL_PORT}
EMAIL_USE_TLS: ${EMAIL_USE_TLS}
EMAIL_HOST_USER: ${EMAIL_HOST_USER:-automation}
EMAIL_HOST_PASSWORD: ${EMAIL_HOST_PASSWORD}
SENTRY_DSN: ${SENTRY_DSN}
SENTRY_RATE: ${SENTRY_RATE}
command: /code/entrypoint_production.sh
expose:
- "8000"
volumes:
- ${QGISFEED_DOCKER_SHARED_VOLUME}:/shared-volume
- ../qgis-feed:/code
depends_on:
- postgis
logging:
driver: "json-file"
options:
max-size: "200k"
max-file: "10"
restart: always
networks:
internal:
nginx:
image: nginx:latest
ports:
- "80:80"
- "443:443"
logging:
driver: "json-file"
options:
max-size: "200k"
max-file: "10"
volumes:
- ${QGISFEED_DOCKER_SHARED_VOLUME}:/shared-volume
- ./config/nginx:/etc/nginx/conf.d
- ./webroot:/var/www/webroot
- ./certbot-etc:/etc/letsencrypt
- ./certbot-var:/var/lib/letsencrypt
- ./dhparam:/etc/ssl/certs
restart: always
networks:
internal:
certbot:
image: certbot/certbot
container_name: certbot
volumes:
- ./webroot:/var/www/webroot
- ./certbot-etc:/etc/letsencrypt
- ./certbot-var:/var/lib/letsencrypt
depends_on:
- nginx
command: certonly --webroot --webroot-path=/var/www/webroot --email [email protected] --agree-tos --no-eff-email --force-renewal -d feed.qgis.org
dbbackups:
image: kartoza/pg-backup:16-3.4
environment:
DUMPPREFIX: PG_QGIS_FEED
POSTGRES_DATABASE: ${QGISFEED_DOCKER_DBNAME}
POSTGRES_HOST: postgis
POSTGRES_PASS: ${QGISFEED_DOCKER_DBPASSWORD}
POSTGRES_PORT: '5432'
POSTGRES_USER: ${QGISFEED_DOCKER_DBUSER}
volumes:
- ${QGISFEED_BACKUP_VOLUME}:/backups
restart: on-failure
depends_on:
postgis:
condition: service_healthy
networks:
internal:
networks:
internal: