nucleo000/cataRio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7c3b9a34b7f33044963d8a33b6cd435d3e9bf32d
cataRio/docker-compose.yml
josedario87 2448f5a7be
All checks were successful
build-and-deploy / build-and-deploy (push) Successful in 16s
Details
fix docker compose 2
2025-10-19 16:40:09 -06:00

96 lines
4.0 KiB
YAML
Raw Blame History

version: '3.8'
services:
postgres:
image: postgres:16-alpine
container_name: ${APP_NAME}_postgres
restart: unless-stopped
environment:
- POSTGRES_DB=${POSTGRES_DB:-riocata}
- POSTGRES_USER=${POSTGRES_USER:-riocata_user}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- PGDATA=/var/lib/postgresql/data/pgdata
volumes:
- postgres_data:/var/lib/postgresql/data
- ./postgres/init:/docker-entrypoint-initdb.d:ro
networks:
- principal
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-riocata_user} -d ${POSTGRES_DB:-riocata}"]
interval: 10s
timeout: 5s
retries: 5
app:
image: ${REG}/${REPO_OWNER}/${APP_NAME}:latest
container_name: ${APP_NAME}
restart: unless-stopped
depends_on:
postgres:
condition: service_healthy
environment:
# Node Environment
- NODE_ENV=production
- NUXT_HOST=0.0.0.0
- NUXT_PORT=3000
# Public URL
- NUXT_PUBLIC_APP_URL=${NUXT_PUBLIC_APP_URL}
# Database Connection
- DATABASE_URL=postgresql://${POSTGRES_USER:-riocata_user}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB:-riocata}
- POSTGRES_HOST=postgres
- POSTGRES_PORT=5432
- POSTGRES_DB=${POSTGRES_DB:-riocata}
- POSTGRES_USER=${POSTGRES_USER:-riocata_user}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
networks:
- principal
- traefik-network
labels:
- traefik.enable=true
- traefik.docker.network=principal
- traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000
# Públicos PWA (sin auth)
- traefik.http.routers.${APP_NAME}-public.rule=Host(`${APP_DOMAIN}`) && (PathPrefix(`/manifest.webmanifest`) || PathPrefix(`/sw.js`) || PathPrefix(`/workbox-`) || PathPrefix(`/icon-`) || PathPrefix(`/apple-touch-icon`) || PathPrefix(`/favicon.ico`) || PathPrefix(`/robots.txt`) || PathPrefix(`/offline.html`) || PathPrefix(`/api/_nuxt_icon/`))
- traefik.http.routers.${APP_NAME}-public.entrypoints=websecure
- traefik.http.routers.${APP_NAME}-public.tls.certresolver=letsencrypt
- traefik.http.routers.${APP_NAME}-public.priority=100
- traefik.http.routers.${APP_NAME}-public.service=${APP_NAME}
- traefik.http.routers.${APP_NAME}-public.middlewares=${APP_NAME}-headers,${APP_NAME}-cors
# App protegida
- traefik.http.routers.${APP_NAME}.rule=Host(`${APP_DOMAIN}`)
- traefik.http.routers.${APP_NAME}.entrypoints=websecure
- traefik.http.routers.${APP_NAME}.tls.certresolver=letsencrypt
- traefik.http.routers.${APP_NAME}.priority=10
- traefik.http.routers.${APP_NAME}.service=${APP_NAME}
- traefik.http.routers.${APP_NAME}.middlewares=${APP_NAME}-authentik,${APP_NAME}-headers
# ForwardAuth interno → sidecar
- traefik.http.middlewares.${APP_NAME}-authentik.forwardauth.address=http://ak-outpost-exterior-lvl2:9000/outpost.goauthentik.io/auth/traefik
- traefik.http.middlewares.${APP_NAME}-authentik.forwardauth.trustForwardHeader=true
- traefik.http.middlewares.${APP_NAME}-authentik.forwardauth.authResponseHeaders=X-Authentik-Username,X-Authentik-Email,X-Authentik-Name,X-Authentik-Uid,X-Authentik-Groups,X-Authentik-Entitlements
# X-Forwarded-*
- traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Proto=https
- traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Scheme=https
# CORS para assets públicos
- traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolallowmethods=GET,OPTIONS
- traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolalloworiginlist=https://${APP_DOMAIN}
- traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolmaxage=100
- traefik.http.middlewares.${APP_NAME}-cors.headers.addvaryheader=true
volumes:
postgres_data:
name: ${APP_NAME}_postgres_data
networks:
principal:
external: true
traefik-network:
external: true
Reference in New Issue View Git Blame Copy Permalink