add production compose file
* secrets are stored in env files, examples were added * add .*.env to .{docker,git}ignore to prevent anybody from mistakenly committing their env files (unless it's forced) * [skip ci]
This commit is contained in:
parent
4cde01394f
commit
5c65ea289b
|
@ -10,3 +10,4 @@ obj/
|
|||
.dotnet
|
||||
.nuget
|
||||
.local
|
||||
.*.env
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
POSTGRES_USER=postgres
|
||||
POSTGRES_PASSWORD=a6a204ca41effac89a0696ec8c652ba8b6b668129d55b5085eb4453ccb214343481bd0a61b889f1e2ec2ad58d267edf623898892b6cd042f93ad17610871da58
|
||||
POSTGRES_INITDB_ARGS="--data-checksums"
|
|
@ -0,0 +1,3 @@
|
|||
DOTNET_CLI_TELEMETRY_OPTOUT=true
|
||||
ASPNETCORE_ENVIRONMENT=Production
|
||||
DB_CONNECTION_STRING="User ID=postgres;Password=a6a204ca41effac89a0696ec8c652ba8b6b668129d55b5085eb4453ccb214343481bd0a61b889f1e2ec2ad58d267edf623898892b6cd042f93ad17610871da58;Server=db;Port=5432;Database=pwt;Integrated Security=true;Pooling=true;"
|
|
@ -16,3 +16,5 @@ riderModule.iml
|
|||
*.jpg
|
||||
*.jpeg
|
||||
*.png
|
||||
|
||||
.*.env
|
||||
|
|
|
@ -0,0 +1,66 @@
|
|||
version: '3.8'
|
||||
|
||||
services:
|
||||
netcoreultimateapp-prod:
|
||||
image: netcoreultimateapp-prod
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
networks:
|
||||
- internal-nw
|
||||
labels:
|
||||
traefik.enable: true
|
||||
traefik.http.services.netcoreultimateapp-prod.loadbalancer.server.port: 80
|
||||
traefik.http.routers.netcoreultimateapp-prod.rule: Host(`localhost`) || Host(`127.0.0.1`) || Host(`netcoreultimateapp-prod`) || Host(`pwt`)
|
||||
logging:
|
||||
driver: json-file
|
||||
options:
|
||||
max-size: "5m"
|
||||
max-file: "5"
|
||||
volumes:
|
||||
- ./:/src:z
|
||||
env_file:
|
||||
- ./.release_app.env
|
||||
restart: always
|
||||
cap_drop:
|
||||
- NET_ADMIN
|
||||
- SYS_ADMIN
|
||||
depends_on:
|
||||
- db
|
||||
|
||||
db:
|
||||
container_name: 'db'
|
||||
image: postgres:13.1-alpine
|
||||
networks:
|
||||
- internal-nw
|
||||
labels:
|
||||
- traefik.enable=false
|
||||
volumes:
|
||||
- dbdata-prod:/var/lib/postgresql/data:z
|
||||
env_file:
|
||||
- ./.db.env
|
||||
restart: always
|
||||
cap_drop:
|
||||
- NET_ADMIN
|
||||
- SYS_ADMIN
|
||||
|
||||
reverse-proxy:
|
||||
image: traefik:2.4.5
|
||||
command: --api=false --api.dashboard=false --providers.docker
|
||||
networks:
|
||||
- internal-nw
|
||||
- default
|
||||
ports:
|
||||
- 127.0.0.1:8001:80
|
||||
restart: always
|
||||
volumes:
|
||||
# So that traefik can listen to the Docker events
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
|
||||
volumes:
|
||||
dbdata-prod:
|
||||
|
||||
networks:
|
||||
internal-nw:
|
||||
internal: true
|
||||
default:
|
Reference in New Issue