-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yaml
143 lines (130 loc) · 4.13 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
x-django:
&default-django
image: git.ubuntu-eu.org/ubuntuusers/inyokaproject
environment:
DJANGO_SETTINGS_MODULE: production_settings
secrets:
- inyoka-postgres-password
- inyoka-redis-password
- inyoka-secret-key
- inyoka-secret-key-fallback
- inyoka-akismet-key
- inyoka-sentry-dsn
configs:
- source: inyoka-config
target: /inyoka/code/production_settings.py
- inyoka-base-domain
- inyoka-media-domain
- inyoka-static-domain
volumes:
- media-files:/srv/www/media
services:
postgres:
# pin postgres major version to prevent unexpected database migrations
# debian image is used, as alpine can have problems with locals
# see https://github.com/docker-library/docs/blob/master/postgres/README.md#locale-customization
image: docker.io/library/postgres:14.13-bookworm
environment:
POSTGRES_DB: inyoka
# TODO defines superuser name -> do not use superuser from inyoka?
POSTGRES_USER: inyoka
POSTGRES_PASSWORD_FILE: /run/secrets/inyoka-postgres-password
POSTGRES_HOST_AUTH_METHOD: "scram-sha-256"
POSTGRES_INITDB_ARGS: "--data-checksums"
# https://github.com/docker-library/postgres/blob/a83005b407ee6d810413500d8a041c957fb10cf0/14/bullseye/Dockerfile#L211-L213
# https://www.postgresql.org/docs/14/server-start.html suggests no timeout
stop_grace_period: 5m
command: postgres -c 'config_file=/etc/postgresql/postgresql.conf'
configs:
- source: postgres-config
target: /etc/postgresql/postgresql.conf
secrets:
- inyoka-postgres-password
volumes:
- postgres-data:/var/lib/postgresql/data
# increase shared memory like recommended at https://github.com/docker-library/docs/blob/master/postgres/README.md#caveats
# shm_size is not supported in docker swarm
# workaround: https://github.com/moby/moby/issues/26714#issuecomment-579820612
- type: tmpfs
target: /dev/shm
tmpfs:
size: 268435456
inyoka-worker:
<< : *default-django
command: /inyoka/venv/bin/gunicorn -b 0.0.0.0:8000 --workers 24 --max-requests 500 inyoka.wsgi:application
redis:
image: docker.io/library/redis:7.2.6-alpine
command: redis-server /etc/redis/redis.conf
configs:
- source: redis-config
target: /etc/redis/redis.conf
uid: "999" # see `id redis` inside the redis container
gid: "1000"
mode: 0440
secrets:
- inyoka-redis-password
volumes:
- redis-data:/data
celeryworker:
<< : *default-django
command: /inyoka/venv/bin/celery --app=inyoka worker --loglevel=INFO --concurrency=8
celerybeat:
<< : *default-django
command: /inyoka/venv/bin/celery --app=inyoka beat --pidfile /tmp/celerybeat.pid --loglevel=INFO --schedule /volume/celerybeat-schedule/celerybeat-schedule
volumes:
- celerybeat-schedule:/volume/celerybeat-schedule
caddy:
image: git.ubuntu-eu.org/ubuntuusers/caddy-inyoka
volumes:
- caddy_data:/data
- caddy_config:/config
- media-files:/srv/www/media:ro
configs:
- source: Caddyfile
target: /etc/caddy/Caddyfile
- caddy-email
- inyoka-base-domain
- inyoka-media-domain
- inyoka-static-domain
configs:
inyoka-config:
file: ./production_settings.py
template_driver: golang
postgres-config:
file: ./postgres.conf
template_driver: golang
redis-config:
file: ./redis.conf
template_driver: golang
Caddyfile:
file: ./Caddyfile
template_driver: golang
inyoka-base-domain:
external: true
inyoka-media-domain:
external: true
inyoka-static-domain:
external: true
caddy-email:
external: true
secrets:
inyoka-postgres-password:
external: true
inyoka-redis-password:
external: true
inyoka-secret-key:
external: true
inyoka-secret-key-fallback:
external: true
inyoka-akismet-key:
external: true
inyoka-sentry-dsn:
external: true
# https://docs.docker.com/compose/compose-file/compose-file-v3/#volume-configuration-reference
volumes:
celerybeat-schedule: {}
postgres-data: {}
redis-data: {}
media-files: {}
caddy_data: {}
caddy_config: {}