-
Notifications
You must be signed in to change notification settings - Fork 13
/
docker-production.yml
84 lines (81 loc) · 2.46 KB
/
docker-production.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# Stack Definition for Production
services:
# Redis is used to back our worker queues. It is not exposed.
redis:
image: redis:7.0.10-alpine3.17@sha256:0859ed47321d2d26a3f53bca47b76fb7970ea2512ca3a379926dc965880e442e
volumes:
- redis-data:/data
deploy:
placement:
# We run the redis instance on the manager node only
constraints: [node.role == manager]
logging:
# Use journald log driver, see:
# https://docs.docker.com/config/containers/logging/journald/
driver: journald
options:
tag: redis
mycustomdomain:
# Production runs the most recent release built for production
image: ghcr.io/developingspace/starchart:production
depends_on:
- redis
ports:
- 8080:8080
environment:
- APP_URL=https://mycustomdomain.senecacollege.ca
- AWS_ROUTE53_HOSTED_ZONE_ID=Z06191131OO53SNFL465G
- LETS_ENCRYPT_DIRECTORY_URL=https://acme-v02.api.letsencrypt.org/directory
- LOG_LEVEL=info
- NODE_ENV=production
- PORT=8080
- REDIS_URL=redis://redis:6379
- ROOT_DOMAIN=mystudentproject.ca
- USER_DNS_RECORD_LIMIT=10
secrets:
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- DATABASE_URL
- LETS_ENCRYPT_ACCOUNT_PRIVATE_KEY_PEM
- NOTIFICATIONS_USERNAME
- NOTIFICATIONS_PASSWORD
- SESSION_SECRET
deploy:
mode: replicated
replicas: 2
rollback_config:
# Rollback all containers at once if a deploy fails
parallelism: 0
failure_action: rollback
update_config:
# Stop all existing containers, then update one container at a time,
# waiting 20s between each. If something fails, rollback to last-known-good.
parallelism: 1
delay: 20s
failure_action: rollback
order: stop-first
logging:
# Use journald log driver, see:
# https://docs.docker.com/config/containers/logging/journald/
driver: journald
options:
tag: mycustomdomain
secrets:
AWS_ACCESS_KEY_ID:
external: true
AWS_SECRET_ACCESS_KEY:
external: true
DATABASE_URL:
external: true
LETS_ENCRYPT_ACCOUNT_PRIVATE_KEY_PEM:
external: true
NOTIFICATIONS_USERNAME:
external: true
NOTIFICATIONS_PASSWORD:
external: true
SESSION_SECRET:
external: true
volumes:
redis-data: