forked from Haxxnet/Compose-Examples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose-v3.yml
142 lines (132 loc) · 5.25 KB
/
docker-compose-v3.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
# This docker compose example targets rxresume < 4.0
# For a newer version, please see https://github.com/AmruthPillai/Reactive-Resume/tree/main/tools/compose
# Make sure that you expose both the client and server container behind the same (sub)domain,
# which is properly resolvable. Otherwise, you'll either receive DNS or CORS errors, as the domain
# cannot be resolved by the containers properly or since the Same Origin Policy (SOP) will prevent
# access from Domain A (client) to Domain B (server). So let both containers run on the same domain
# and tell your reverse proxy (here traefik) that the server container will handle all /api requests.
# If PDF export keeps failing, you may want to enable the `extra_hosts` definition in the client's
# Docker Compose service definition. Specify your domain name and your server's IP address where
# Traefik is listening on TCP/80 and TCP/443. See this GitHub issue here:
# https://github.com/AmruthPillai/Reactive-Resume/issues/721#issuecomment-1530550167
# Also ensure to create a new resume always as soon as you've changed your setup or the Docker
# Compose file. Older resumes may introduce previous errors, which are false positives and only
# occur for the old resume.
# If you use Nginx Proxy Manager as reverse proxy, may have a read here:
# https://github.com/AmruthPillai/Reactive-Resume/issues/721#issuecomment-1405283786
services:
postgres:
image: postgres:16-alpine
container_name: rxresume-db
restart: always
expose:
- 5432
volumes:
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/rxresume/postgresql:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]
start_period: 15s
interval: 30s
timeout: 30s
retries: 3
environment:
- POSTGRES_DB=postgres
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
networks:
- proxy
server:
image: amruthpillai/reactive-resume:server-latest
container_name: rxresume-server
restart: always
#extra_hosts:
# - "resume.example.com:10.10.0.100" # optionally enable if PDF export keeps failing; specify your domain and server's IP address where traefik is running
expose:
- 3100
depends_on:
- postgres
environment:
- PUBLIC_URL=http://resume.example.com
- PUBLIC_SERVER_URL=http://resume.example.com/api # only change the subdomain, leave /api as is
- PUBLIC_GOOGLE_CLIENT_ID=
- POSTGRES_DB=postgres
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
- SECRET_KEY=change-me-to-something-secure
- POSTGRES_HOST=postgres
- POSTGRES_PORT=5432
- POSTGRES_SSL_CERT=
- JWT_SECRET=change-me-to-something-secure
- JWT_EXPIRY_TIME=604800
- GOOGLE_CLIENT_SECRET=
- GOOGLE_API_KEY=
- MAIL_FROM_NAME=Reactive Resume
- MAIL_HOST=
- MAIL_PORT=
- MAIL_USERNAME=
- MAIL_PASSWORD=
- STORAGE_BUCKET=
- STORAGE_REGION=
- STORAGE_ENDPOINT=
- STORAGE_URL_PREFIX=
- STORAGE_ACCESS_KEY=
- STORAGE_SECRET_KEY=
- PDF_DELETION_TIME=
networks:
- proxy
labels:
- traefik.enable=true
- traefik.http.routers.rxresume-server.rule=Host(`resume.example.com`) && PathPrefix(`/api`) # only change the subdomain, leave /api as is
- traefik.http.services.rxresume-server.loadbalancer.server.port=3100
- traefik.docker.network=proxy
# Part for optional traefik middlewares
- traefik.http.routers.rxresume-server.middlewares=path-strip # may add local-ipwhitelist@file for access control
- traefik.http.middlewares.path-strip.stripprefix.prefixes=/api
- traefik.http.middlewares.path-strip.stripprefix.forceSlash=false
client:
image: amruthpillai/reactive-resume:client-latest
container_name: rxresume-client
restart: always
#extra_hosts:
# - "resume.example.com:10.10.0.100" # # optionally enable if PDF export keeps failing; specify your domain and server's IP address where traefik is running
expose:
- 3000
depends_on:
- server
environment:
- PUBLIC_URL=http://resume.example.com
- PUBLIC_SERVER_URL=http://resume.example.com/api # only change the subdomain, leave /api as is
- PUBLIC_GOOGLE_CLIENT_ID=
networks:
- proxy
labels:
- traefik.enable=true
- traefik.http.routers.rxresume-client.rule=Host(`resume.example.com`)
- traefik.http.services.rxresume-client.loadbalancer.server.port=3000
- traefik.docker.network=proxy
# Part for optional traefik middlewares
#- traefik.http.routers.rxresume-client.middlewares=local-ipwhitelist@file # may enable this middleware for access control
traefik:
image: traefik:v2.10.1
container_name: rxresume-traefik
restart: unless-stopped
command:
- "--log.level=INFO"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
ports:
- 80:80
- 8080:8080
environment:
- VIRTUAL_HOST=resume.example.com
- VIRTUAL_PORT=80
networks:
- proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
proxy:
external: true