-
Notifications
You must be signed in to change notification settings - Fork 16
/
base.yml
110 lines (108 loc) · 2.91 KB
/
base.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
services:
redis:
image: redis:7-alpine
command: ["redis-server", "/usr/local/etc/redis/redis.conf"]
volumes:
- ./deploy/conf/redis.conf:/usr/local/etc/redis/redis.conf
- ./docker/shared/redis:/data
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:${ES_VERSION}
healthcheck:
test: curl -u elastic:elastic -s -f elasticsearch:9200/_cat/health >/dev/null || exit 1
interval: 30s
timeout: 10s
retries: 5
ports:
- "127.0.0.1:9200:9200"
environment:
- node.name=elasticsearch
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
deploy:
resources:
limits:
memory: 1g
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
volumes:
- ./deploy/elasticsearch.conf.d/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties
- esdata:/usr/share/elasticsearch/data
db:
image: postgis/postgis:16-3.5
secrets:
- db_password
volumes:
- ./docker/pgdata:/var/lib/postgresql/data
- ./build/secrets/db_password:/run/secrets/db_password
- ./docker/shared:/shared
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${DB_USER} -d ${DB_NAME}"]
interval: 30s
timeout: 5s
retries: 5
environment:
POSTGRES_USER: "${DB_USER}"
POSTGRES_DB: "${DB_NAME}"
POSTGRES_PASSWORD_FILE: /run/secrets/db_password
vite:
build: frontend
image: comses/vite
volumes:
- /code/node_modules
- ./docker/shared:/shared
- ./build/secrets/config.ini:/run/secrets/config.ini
server:
build: django
image: comses/server
secrets:
- datacite_api_password
- db_password
- discourse_api_key
- discourse_sso_secret
- django_secret_key
- github_client_secret
- orcid_client_secret
- hcaptcha_secret
- mail_api_key
volumes:
- ./deploy/elasticsearch.conf.d:/etc/elasticsearch
- ./docker/shared:/shared
- ./.env:/etc/environment
depends_on:
db:
condition: service_healthy
elasticsearch:
condition: service_started
redis:
condition: service_started
vite:
condition: service_started
env_file:
- ./.env
secrets:
datacite_api_password:
file: ./build/secrets/datacite_api_password
db_password:
file: ./build/secrets/db_password
discourse_api_key:
file: ./build/secrets/discourse_api_key
discourse_sso_secret:
file: ./build/secrets/discourse_sso_secret
django_secret_key:
file: ./build/secrets/django_secret_key
github_client_secret:
file: ./build/secrets/github_client_secret
hcaptcha_secret:
file: ./build/secrets/hcaptcha_secret
mail_api_key:
file: ./build/secrets/mail_api_key
orcid_client_secret:
file: ./build/secrets/orcid_client_secret
volumes:
esdata:
driver: local