-
Notifications
You must be signed in to change notification settings - Fork 6
/
docker-compose.prod.yml
140 lines (126 loc) · 4.19 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
version: '3.8'
name: simple-file-sharing
services:
# Main service definition
backend:
container_name: backend
build: .
command: >
sh -c "
sleep 1;
prisma-cli migrate deploy;
simple-file-sharing-backend & \
local-ssl-proxy --cert cert/localhost.cert --key cert/localhost.key --target 5555 --source 5556 & \
until npx prisma studio; do :; done;
"
environment:
# Database
DATABASE_URL: "postgres://local:password@postgres:5432/local?sslmode=require&sslcert=../cert/rootCA.pem&sslidentity=../cert/localhost.p12&sslpassword=localhost"
# Backend environment variables
# Port is the backend's running port
PORT: 8000
# Hostname
HOSTNAME: "localhost" # default is localhost
# Enable HTTPS
HTTPS: true
SSL_CERT: cert/localhost.cert
SSL_KEY: cert/localhost.key
# Origin is the frontend's address, to use with CORS
ORIGIN: "http://localhost:5000"
# Token secrets
ACCESS_TOKEN_SECRET: "access-token-secret"
REFRESH_TOKEN_SECRET: "refresh-token-secret"
# Secret key used to encrypt file ids for temporary access
SHARE_KEY_SECRET: "local-share-key"
# AWS S3 tokens
AWS_ACCESS_KEY_ID: "local-access-key"
AWS_SECRET_ACCESS_KEY: "local-secret-key"
AWS_BUCKET_NAME: "sfs-storage"
AWS_REGION: "us-east-1"
# If you set MINIO to true, make sure to also provide ENDPOINT
# Minio enable
MINIO: true
# Minio endpoint
ENDPOINT: "https://minio:9000"
ports:
- "8000:8000" # Backend endpoint
- "5556:5556" # Prisma studio
depends_on:
- postgres
- minio
# Postgres GUI
postgres-gui:
container_name: postgres-gui
image: dpage/pgadmin4
ports:
# - "5050:80"
- "5050:443"
environment:
PGADMIN_DEFAULT_EMAIL: [email protected]
PGADMIN_DEFAULT_PASSWORD: password
PGADMIN_ENABLE_TLS: true
volumes:
# Enabling HTTPS
- ./cert/localhost.cert:/certs/server.cert
- ./cert/localhost.key:/certs/server.key
# Load config file
# - ./servers.json:/pgadmin4/servers.json
- ./servers-ssl.json:/pgadmin4/servers.json
depends_on:
- postgres
# Database service definition
postgres:
container_name: postgres
image: postgres:latest
environment:
POSTGRES_USER: local
POSTGRES_PASSWORD: password
POSTGRES_DB: local
ports:
- "5432:5432"
command: >
-c ssl=on
-c ssl_cert_file=/var/lib/postgresql/server.cert
-c ssl_key_file=/var/lib/postgresql/server.key
volumes:
# - ./data/postgres:/var/lib/postgresql/data
- ./cert/localhost.cert:/var/lib/postgresql/server.cert
- ./cert/localhost.key:/var/lib/postgresql/server.key
# Minio service definition
minio:
container_name: minio
image: minio/minio:latest
ports:
- "9000:9000"
- "9090:9090"
# volumes:
# - ./data/minio:/data
environment:
MINIO_ROOT_USER: admin
MINIO_ROOT_PASSWORD: password
command: server /data --console-address ":9090" --certs-dir "/certs"
volumes:
# - ./data/minio:/data
# Certs for console
- ./cert/localhost.cert:/certs/public.crt
- ./cert/localhost.key:/certs/private.key
# Certs for MinIO client to access
- ./cert/minio/public.crt:/certs/minio/public.crt
- ./cert/minio/private.key:/certs/minio/private.key
# Create default bucket on Minio startup
createbucket:
container_name: create_bucket_task
image: minio/mc:latest
depends_on:
- minio
entrypoint: >
/bin/sh -c "
/usr/bin/mc --insecure alias set minio https://minio:9000 admin password;
/usr/bin/mc --insecure mb minio/sfs-storage;
/usr/bin/mc --insecure anonymous set public minio/sfs-storage;
/usr/bin/mc --insecure admin user svcacct add \
--access-key local-access-key \
--secret-key local-secret-key \
minio \
admin;
"