forked from rubiin/ultimate-nest
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.prod.yml
executable file
·120 lines (118 loc) · 3.7 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
version: "3.9"
services:
nestify:
container_name: nestify
env_file: "env/.env.${ENV}"
build:
context: .
dockerfile: ./docker/prod.Dockerfile
image: nestify
depends_on:
- traefik
- redis
- rabbitmq
restart: unless-stopped
command: "npm run start"
labels:
- traefik.enable=true
- traefik.http.routers.nestify.rule=Host(`api.localhost`)
- traefik.http.services.nestify.loadbalancer.server.port=8000
- "traefik.http.middlewares.test-ratelimit.ratelimit.average=100"
- "traefik.http.middlewares.test-ratelimit.ratelimit.burst=50"
- "traefik.http.middlewares.test-ratelimit.ratelimit.period=1m"
- "traefik.http.middlewares.traefik-headers.headers.framedeny=true"
- "traefik.http.middlewares.traefik-headers.headers.browserxssfilter=true"
- "traefik.http.middlewares.traefik-headers.headers.contentTypeNosniff=true"
- "traefik.http.middlewares.traefik-headers.headers.permissionsPolicy=camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';"
stdin_open: true
tty: true
networks:
- nestify-network
volumes:
- .:/usr/src/app
- /usr/src/app/node_modules
traefik:
image: "traefik:v2.9.8"
container_name: traefik
command:
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--accesslog"
- "--log"
- "--api"
- "--api.insecure=true"
labels:
- traefik.enable=true
networks:
- nestify-network
ports:
- "443:443"
- "80:80"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
redis:
image: "redis:7.0.9-alpine"
restart: always
depends_on:
- traefik
ports:
- "6379"
networks:
- nestify-network
command: "redis-server --loglevel warning --requirepass ${PASSWORD}"
volumes:
- "redis-data:/data"
rabbitmq:
container_name: rabbitmq
image: "rabbitmq:3.11.10-management-alpine"
networks:
- nestify-network
depends_on:
- traefik
environment:
- RABBITMQ_DEFAULT_USER=nestify
- "RABBITMQ_DEFAULT_PASS=${PASSWORD}"
ports:
- "5672:5672"
- "15672:15672"
volumes:
- "rabbitmq-data:/var/lib/rabbitmq/mnesia/"
db:
image: "postgres:15.2-alpine"
restart: unless-stopped
volumes:
- "postgres_data:/var/lib/postgresql/data/"
depends_on:
- traefik
environment:
- "POSTGRES_USER=${DB_USERNAME}"
- "POSTGRES_PASSWORD=${DB_PASSWORD}"
- "POSTGRES_DB=${DB_DATABASE}"
networks:
- nestify-network
pgadmin:
container_name: pgadmin4_container
image: "dpage/pgadmin4:6.21"
restart: unless-stopped
environment:
- PGADMIN_DEFAULT_PASSWORDsecret
- PGADMIN_LISTEN_PORT=80
ports:
- "8090:80"
volumes:
- "pgadmin-data:/var/lib/pgadmin"
depends_on:
- traefik
networks:
- nestify-network
volumes:
redis-data:
rabbitmq-data:
postgres_data:
pgadmin-data:
networks:
nestify-network:
name: nestify-network