-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathdocker-compose.prod.yml
99 lines (93 loc) · 2.74 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
volumes:
redis-prod:
external: false
public-prod:
external: false
uploads-prod:
external: false
postgres-prod:
external: false
letsencrypt-prod:
external: false
certbot-prod:
external: false
services:
postgres:
image: mpugach/postgres_ua:9.5
restart: always
container_name: postgres
volumes:
- postgres-prod:/var/lib/postgresql/data
environment:
POSTGRES_DB: va_db
POSTGRES_USER: postgres
redis:
image: redis:3.2.4-alpine
restart: always
container_name: redis
volumes:
- redis-prod:/data
application:
image: mpugach/akadem_students_prod:latest
command: bin/start_rails_prod.sh
restart: always
env_file: ./.ruby-env
container_name: application
expose:
- '3000'
volumes:
- public-prod:/home/app/students_crm/public_nginx
- uploads-prod:/home/app/students_crm/uploads
depends_on:
- redis
- postgres
environment:
RAILS_ENV: production
REDIS_URL: redis
RAILS_LOG_TO_STDOUT: 1
sidekiq:
image: mpugach/akadem_students_prod:latest
command: bin/start_sidekiq_prod.sh
restart: always
env_file: ./.ruby-env
container_name: sidekiq
volumes:
- public-prod:/home/app/students_crm/public_nginx
- uploads-prod:/home/app/students_crm/uploads
depends_on:
- redis
- postgres
environment:
RAILS_ENV: production
REDIS_URL: redis
RAILS_LOG_TO_STDOUT: 1
nginx:
image: nginx:1.23.3-alpine
restart: always
container_name: nginx
ports:
- '80:80'
- '443:443'
volumes:
- public-prod:/assets/public:ro
- uploads-prod:/assets/uploads:ro
- letsencrypt-prod:/etc/letsencrypt:ro
- certbot-prod:/var/www/certbot:ro
- ./nginx.conf:/etc/nginx/nginx.conf:ro
depends_on:
- application
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
# https://github.com/wmnnd/nginx-certbot
# First time certificate initialization
# certbot certonly --webroot -w /var/www/certbot --email "[email protected]" -d YOUR_DOMAIN_HERE --rsa-key-size 4096 --agree-tos --force-renewal
# cd /etc/letsencrypt
# wget https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf
# wget https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem
certbot:
image: certbot/certbot
restart: always
container_name: certbot
volumes:
- letsencrypt-prod:/etc/letsencrypt
- certbot-prod:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"