-
Notifications
You must be signed in to change notification settings - Fork 1
/
docker-compose.prod.yml
286 lines (270 loc) · 7.86 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
version: "3"
services:
search-service:
image: ${DOCKERHUB_USERNAME}/dhammanava-search-image:latest
container_name: search-container
environment:
ESDB_URL: http://elastic-db:9200
ESDB_USERNAME: ${ELASTIC_USERNAME}
ESDB_PASSWORD: ${ELASTIC_PASSWORD}
FRONTEND_URL: http://frontend:5173
RABBITMQ_USERNAME: ${RABBITMQ_USERNAME}
RABBITMQ_PASSWORD: ${RABBITMQ_PASSWORD}
RABBITMQ_URL: rabbitmq
ML_GATEWAY_URL: ml-gateway-service
ports:
- 8081:8081
labels:
logging: "promtail"
loggin_jobname: "containerlogs"
volumes:
- ./data:/app/datasource
- ./ml-data:/app/ml-data
- ./logs:/app/logs
restart: always
depends_on:
- elastic-db
- rabbitmq
- ml-gateway-service
networks:
- dhammanava_network
ml-gateway-service:
container_name: ml-gateway-container
image: ${DOCKERHUB_USERNAME}/dhammanava-ml-gateway-image:latest
restart: always
ports:
- 8085:8085
labels:
logging: "promtail"
loggin_jobname: "containerlogs"
volumes:
- ./ml-data:/app/ml-data
networks:
- dhammanava_network
ml-service:
container_name: ml-container
image: ${DOCKERHUB_USERNAME}/dhammanava-ml-image:latest
environment:
- FLASK_APP=run.py
- FLASK_ENV=production
- FLASK_RUN_HOST=0.0.0.0
- FLASK_RUN_PORT=8084
volumes:
- ./data/stopword:/app/stopWord
restart: always
ports:
- 8084:8084
labels:
logging: "promtail"
loggin_jobname: "containerlogs"
command: ["gunicorn", "-b", "0.0.0.0:8084", "run:app"]
networks:
- dhammanava_network
elastic-db:
container_name: elastic-container
build:
context: ./elastic
environment:
- discovery.type=single-node
- xpack.security.enabled=true
- ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
- ES_JAVA_OPTS=-Xms512m -Xmx512m
volumes:
- ./volumes/database/elastic:/usr/share/elasticsearch/data
ports:
- 9200:9200
restart: always
labels:
logging: "promtail"
loggin_jobname: "containerlogs"
mem_limit: 1g
networks:
- dhammanava_network
frontend:
image: ${DOCKERHUB_USERNAME}/dhammanava-frontend-image:latest
container_name: frontend-container
environment:
- DHAMMANAVA_EVALUATION_FORM_URL=${EVALUATION_FORM_URL}
ports:
- 5173:8080
restart: always
networks:
- dhammanava_network
auth-service:
container_name: auth-container
image: ${DOCKERHUB_USERNAME}/dhammanava-auth-image:latest
environment:
- FRONTEND_URL=http://frontend:5173
- JWT_KEY=${JWT_KEY}
- DATABASE_HOST=auth-db
- DATABASE_USER=${AUTH_DB_USER}
- DATABASE_PASSWORD=${AUTH_DB_PASSWORD}
- EMAIL_SENDER_EMAIL=${SENDER_EMAIL}
- EMAIL_SENDER_PASSWORD=${SENDER_PASSWORD}
- LINK_URL=${LINK_URL}
- SUPER_ADMIN_PASSWORD=${SUPER_ADMIN_PASSWORD}
- SUPER_ADMIN_EMAIL=${SUPER_ADMIN_EMAIL}
- SUPER_ADMIN_USERNAME=${SUPER_ADMIN_USERNAME}
- ADMIN_PASSWORD=${ADMIN_PASSWORD}
- ADMIN_EMAIL=${ADMIN_EMAIL}
- USER_PASSWORD=${USER_PASSWORD}
- USER_EMAIL=${USER_EMAIL}
ports:
- 8082:8082
restart: always
depends_on:
- auth-db
labels:
logging: "promtail"
loggin_jobname: "containerlogs"
networks:
- dhammanava_network
#* Copy ./auth-db to server in `.github/workflows/auth-db.yml` before run docker-compose up
auth-db:
image: postgres:latest
container_name: auth-postgres-container
environment:
POSTGRES_DB: Authen
POSTGRES_USER: ${AUTH_DB_USER}
POSTGRES_PASSWORD: ${AUTH_DB_PASSWORD}
ports:
- 5432:5432
restart: always
volumes:
- ./auth-db:/docker-entrypoint-initdb.d
- ./volumes/database/auth:/var/lib/postgresql/data
networks:
- dhammanava_network
data-service:
container_name: data-container
image: ${DOCKERHUB_USERNAME}/dhammanava-data-image:latest
environment:
FRONTEND_URL: http://frontend:5173
SEARCH_SERVICE: search-service
AUTH_SERVICE: auth-service
MONGO_DB_HOST: data-db
MONGO_DB_PORT: 27017
MONGO_DB_USERNAME: ${DATA_MNGMNT_DB_USER}
MONGO_DB_PASSWORD: ${DATA_MNGMNT_DB_PASSWORD}
MONGO_DB_NAME: record
RABBITMQ_USERNAME: ${RABBITMQ_USERNAME}
RABBITMQ_PASSWORD: ${RABBITMQ_PASSWORD}
RABBITMQ_URL: rabbitmq
volumes:
- ./data/record:/app/datasource
ports:
- 8083:8083
restart: always
depends_on:
- data-db
- rabbitmq
- auth-service
- search-service
labels:
logging: "promtail"
loggin_jobname: "containerlogs"
networks:
- dhammanava_network
data-db:
image: mongo:4.4
container_name: data-mongo-container
ports:
- 27017:27017
restart: always
environment:
MONGO_INITDB_DATABASE: record
MONGO_INITDB_ROOT_USERNAME: ${DATA_MNGMNT_DB_USER}
MONGO_INITDB_ROOT_PASSWORD: ${DATA_MNGMNT_DB_PASSWORD}
volumes:
- ./volumes/database/mongo-data:/data/db
networks:
- dhammanava_network
rabbitmq:
image: "rabbitmq:3-alpine"
container_name: rabbitmq-container
environment:
RABBITMQ_DEFAULT_USER: ${RABBITMQ_USERNAME}
RABBITMQ_DEFAULT_PASS: ${RABBITMQ_PASSWORD}
ports:
- "5672:5672"
volumes:
- ./volumes/rabbitmq:/var/lib/rabbitmq
networks:
- dhammanava_network
#* Already run (set up ssl) don't need to run again
nginx:
image: nginx:latest
container_name: nginx-container
restart: unless-stopped
ports:
- 80:80
- 443:443
networks:
- dhammanava_network
volumes:
- ./nginx/nginx.prod.conf:/etc/nginx/nginx.conf
- ./certbot/www/:/var/www/certbot
- ./certbot/conf/:/etc/letsencrypt
labels:
logging: "promtail"
loggin_jobname: "containerlogs"
#* Already run (set up ssl) don't need to run again
certbot:
image: certbot/certbot:latest
networks:
- dhammanava_network
volumes:
- ./certbot/www/:/var/www/certbot
- ./certbot/conf/:/etc/letsencrypt
command: certonly --webroot -w /var/www/certbot --force-renewal --email [email protected] -d search.dhammanava.net --agree-tos
loki:
image: grafana/loki:2.9.2
container_name: loki
ports:
- "3100:3100"
command: -config.file=/etc/loki/local-config.yaml
volumes:
- ./volumes/monitoring/loki:/loki
networks:
- dhammanava_network
promtail:
image: grafana/promtail:2.8.11
container_name: promtail
volumes:
- ./monitoring/promtail.yaml:/etc/promtail/docker-config.yaml
- /var/lib/docker/containers:/var/lib/docker/containers:ro
- /var/run/docker.sock:/var/run/docker.sock
command: -config.file=/etc/promtail/docker-config.yaml
depends_on:
- loki
networks:
- dhammanava_network
grafana:
image: grafana/grafana:10.3.5
container_name: grafana
ports:
- 3000:3000
volumes:
- ./monitoring/grafana/datasources.yaml:/etc/grafana/provisioning/datasources/datasources.yaml
- ./monitoring/grafana/main-dashboard.json:/var/lib/grafana/dashboards/dashboard.json
- ./monitoring/grafana/dashboard.yml:/etc/grafana/provisioning/dashboards/main.yml
- ./monitoring/grafana/grafana.ini.prod:/etc/grafana/grafana.ini
environment:
- GF_AUTH_DISABLE_LOGIN_FORM=false
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
networks:
- dhammanava_network
prometheus:
image: prom/prometheus:v2.51.0
container_name: prometheus
volumes:
- ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
- ./volumes/monitoring/prometheus:/prometheus
command:
- "--config.file=/etc/prometheus/prometheus.yml"
networks:
- dhammanava_network
networks:
dhammanava_network:
driver: bridge