forked from debiki/talkyard-prod-one
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
85 lines (79 loc) · 2.77 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
version: '2'
services:
web:
image: debiki/ed-web:$VERSION_TAG
command: nginx
restart: always
volumes:
- ./data/uploads/:/opt/ed/uploads/:ro
- ./conf/web/listen.conf:/etc/nginx/listen.conf:ro
#- ./conf/web/default-site/:/etc/nginx/default-site/:ro
- ./data/sites-enabled/:/etc/nginx/sites-enabled/:ro
- ./data/certbot/:/etc/certbot/:ro
- ./data/certbot-challenges/.well-known/:/opt/nginx/html/.well-known/:ro
# Mount here so standard monitoring tools looking for Nginx logs will work.
- /var/log/nginx/:/var/log/nginx/
ports:
- '80:80'
- '443:443'
depends_on:
- app
# (todo)
# This is a tiny Rust web server to which one POSTs /make-cert?domain=www.example.com
# and which then calls Bash & certbot. The resulting cert is mounted :ro in Nginx, above.
#certbot:
# image: debiki/ed-certbot:$VERSION_TAG
# command: certbot-server
# restart: always
# volumes:
# - ./data/certbot/:/etc/certbot/
# - ./data/certbot-challenges/.well-known/:/opt/webserver/html/.well-known/
#
# todo:
# docker-compose run --rm certbot certbot ... ?
app:
image: debiki/ed-app:$VERSION_TAG
restart: always
stdin_open: true # otherwise Play Framework exits
volumes:
- ./conf/app/:/opt/ed/app-conf/:ro
- ./data/uploads/:/opt/ed/uploads/
links:
- cache
- rdb
- search
environment:
CONFIG_FILE: /opt/ed/app-conf/play.conf
POSTGRES_PASSWORD: '$POSTGRES_PASSWORD'
# SHOULD build my own Redis image for this, so I can auto upgrade the Redis config
# by bumping the $VERSION_TAG.
cache:
image: redis:3.0.7-alpine
restart: always
volumes:
- ./data/cache/:/data/
- /var/log/redis/:/var/log/redis/
rdb:
image: debiki/ed-rdb:$VERSION_TAG
restart: always
volumes:
- ./data/rdb/:/var/lib/postgresql/data/
# Mount here so standard monitoring tools configured to find Postgres logs here will work.
# (Inside the container, we don't mount in /var/lib/postgresql/data/pg_log/ because
# then Postgres would refuse to create a db in data/, because data/ wouldn't be empty.)
- /var/log/postgresql/:/var/log/postgresql/
environment:
POSTGRES_PASSWORD: '$POSTGRES_PASSWORD'
# Optionally, streaming replication peer:
# (but you'll need to rename ./postgres-data/recovery.conf.disabled first — and
# that file isn't created until you start Postgres)
# PEER_HOST: 'postgres2'
# PEER_PORT: '5432'
# PEER_PASSWORD: '...'
search:
image: elasticsearch:5.0.0-alpha4
restart: always
volumes:
- ./conf/search/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
- ./data/search/:/usr/share/elasticsearch/data/
# vim: et ts=2 sw=2