Sign upLogin

unclesp1d3r/CipherSwarm

View on GitHub
Star
docker-compose-production.yml

Summary

Maintainability
Test Coverage
x-common-env-vars: &common-env-vars
  RAILS_MASTER_KEY: ${RAILS_MASTER_KEY}
  REDIS_URL: redis://redis-db:6379
  DATABASE_URL: postgres://root:${POSTGRES_PASSWORD:-password}@postgres-db/
  MINIO_ENDPOINT: http://${MINIO_PUBLIC_IP:-127.0.0.1}:9000

x-resource-limits: &resource-limits
  limits:
    cpus: '1'
    memory: 512M
  reservations:
    cpus: '0.5'
    memory: 256M

x-replicas: &replicas
  mode: replicated
  endpoint_mode: vip
  restart_policy:
    condition: on-failure
    delay: 10s
    max_attempts: 3
    window: 120s
  update_config:
    delay: 10s
    parallelism: 2
    failure_action: rollback
    monitor: 1m
    max_failure_ratio: 0.3
    order: start-first

services:
  web:
    image: ghcr.io/unclesp1d3r/cipherswarm:latest
    ports:
      - "80:80"
    environment:
      <<: *common-env-vars
    depends_on:
      - redis-db
      - postgres-db
      - minio
      - sidekiq
    volumes:
      - storage:/rails/storage
    networks:
      - frontend
      - backend
    deploy:
      resources:
        <<: *resource-limits
    healthcheck:
      test: [ "CMD-SHELL", "curl --fail http://localhost/up || exit 1" ]
      interval: 30s
      timeout: 10s
      retries: 3

  postgres-db:
    image: postgres
    environment:
      POSTGRES_USER: root
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password}
    volumes:
      - postgres:/var/lib/postgresql/data
    ports:
      - "5432:5432"
    healthcheck:
      test: pg_isready
      interval: 2s
      timeout: 5s
      retries: 30
    networks:
      - backend
    deploy:
      resources:
        <<: *resource-limits

  minio:
    image: bitnami/minio
    ports:
      - '9000:9000'
      - '9001:9001'
    volumes:
      - minio:/bitnami/minio/data
    networks:
      - frontend
    environment:
      - MINIO_ROOT_USER=minioadmin
      - MINIO_ROOT_PASSWORD=minioadmin
      - MINIO_DEFAULT_BUCKETS=application
    deploy:
      resources:
        <<: *resource-limits
    healthcheck:
      test: [ "CMD-SHELL", "curl --fail http://localhost:9000/minio/health/live || exit 1" ]
      interval: 30s
      timeout: 10s
      retries: 3

  redis-db:
    image: redis
    networks:
      - backend
    deploy:
      restart_policy:
        condition: on-failure
      resources:
        <<: *resource-limits
    volumes:
      - redis:/data
    healthcheck:
      test: [ "CMD-SHELL", "redis-cli ping | grep PONG" ]
      interval: 1s
      timeout: 3s
      retries: 5

  sidekiq:
    image: ghcr.io/unclesp1d3r/cipherswarm:latest
    command: bundle exec sidekiq
    environment:
      <<: *common-env-vars
    depends_on:
      - redis-db
      - postgres-db
      - minio
    volumes:
      - storage:/rails/storage
    networks:
      - backend
    deploy:
      replicas: 4
      <<: *replicas
      resources:
        <<: *resource-limits
    healthcheck:
      test: [ "CMD-SHELL", "curl --fail http://localhost:7433 || exit 1" ]
      interval: 30s
      timeout: 10s
      retries: 3

networks:
  backend:
  frontend:

volumes:
  storage:
  postgres:
  redis:
  minio:
    driver: local