test/shop10
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity
Files
3419d90e617ec30b1a114437c3a253e7881f9179
shop10/docker-compose.yml
T
shop 3419d90e61 refactor: заменить Caddy на Traefik v3 
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-16 20:27:54 +03:00

95 lines
2.6 KiB
YAML
Raw Blame History

services:
ssl-init:
image: alpine:3.20
container_name: shop-ssl-init
volumes:
- postgres_ssl:/certs
- ./postgres/ssl/generate-certs.sh:/generate-certs.sh:ro
entrypoint: ["/bin/sh", "-c", "apk add --no-cache openssl > /dev/null && sh /generate-certs.sh /certs"]
restart: "no"
postgres:
image: postgres:17-alpine
container_name: shop-postgres
depends_on:
ssl-init:
condition: service_completed_successfully
environment:
POSTGRES_USER: ${POSTGRES_USER:-shop}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-shop_secret}
POSTGRES_DB: ${POSTGRES_DB:-shopdb}
volumes:
- postgres_data:/var/lib/postgresql/data
- postgres_ssl:/var/lib/postgresql/ssl:ro
- ./postgres/init:/docker-entrypoint-initdb.d:ro
command:
- postgres
- -c
- ssl=on
- -c
- ssl_cert_file=/var/lib/postgresql/ssl/server.crt
- -c
- ssl_key_file=/var/lib/postgresql/ssl/server.key
- -c
- ssl_min_protocol_version=TLSv1.2
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
interval: 5s
timeout: 5s
retries: 10
start_period: 15s
networks:
- backend
restart: unless-stopped
app:
build:
context: .
dockerfile: Dockerfile
container_name: shop-app
depends_on:
postgres:
condition: service_healthy
environment:
APP_PORT: "8080"
DATABASE_URL: postgres://${POSTGRES_USER:-shop}:${POSTGRES_PASSWORD:-shop_secret}@postgres:5432/${POSTGRES_DB:-shopdb}?sslmode=require
COOKIE_SECURE: ${COOKIE_SECURE:-false}
networks:
- backend
- frontend
restart: unless-stopped
traefik:
image: traefik:v3.2
container_name: shop-traefik
depends_on:
- app
command:
- --log.level=INFO
- --accesslog=true
- --providers.file.directory=/etc/traefik/dynamic
- --providers.file.watch=true
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL:-admin@localhost}
- --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
ports:
- "${HTTP_PORT:-80}:80"
- "${HTTPS_PORT:-443}:443"
volumes:
- ./traefik/dynamic:/etc/traefik/dynamic:ro
- traefik_letsencrypt:/letsencrypt
networks:
- frontend
restart: unless-stopped
volumes:
postgres_data:
postgres_ssl:
traefik_letsencrypt:
networks:
backend:
frontend:
Reference in New Issue View Git Blame Copy Permalink