fastapi/docker-compose.yml

version: '3.4'

services:

  # mongodb:
  #   image: bitnami/mongodb:latest
  #   ports:
  #     - "27017"
  #   volumes:
  #     - data:/bitnami/mongodb

  # redis:
  #   image: redis:6.2-alpine
  #   hostname: redis
  #   container_name: redis
  #   command:
  #     - 'redis-server'
  #     - '--requirepass myStrongPassword'
  #   ports:
  #     - 36379:6379
  #   restart: always
  #   deploy:
  #     placement:
  #       constraints:
  #         - "node.labels.type==queue"
  #     restart_policy:
  #       condition: on-failure
  #       delay: 5s
  #       max_attempts: 3
  #       window: 120s
  #     update_config:
  #       parallelism: 2
  #       delay: 10s
  #       order: stop-first
  #     rollback_config:
  #       parallelism: 2
  #       delay: 10s
  #       order: stop-first

  nginx:
    image: nginx:1.17
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf
    command: '/bin/sh -c ''while :; do sleep 336h & wait $${!}; nginx -s reload; done & nginx -g "daemon off;"'''

    ports:
      - 80:80
      - 443:443
    depends_on:
      - backend
      - frontend
    deploy:
      placement:
        constraints:
          - node.role == manager
        restart_policy:
          condition: on-failure
          delay: 5s
          max_attempts: 3
          window: 120s
        update_config:
          parallelism: 2
          delay: 10s
          order: stop-first
        rollback_config:
          parallelism: 2
          delay: 10s
          order: stop-first
        resources:
          limits:
            cpus: '0.20'
            memory: 100M
          reservations:
            cpus: '0.05'
            memory: 20M
        ports:
          - 80:80
          - 443:443

  # certbot:
  #   container_name: certbot
  #   entrypoint:  "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 118h & wait $${!}; done;'"
  #   image: certbot/certbot
  #   volumes:
  #     - ./docker/nginx/certbot/conf:/etc/letsencrypt
  #     - ./docker/nginx/certbot/www:/var/www/certbot

  # rabbitmq:
  #   image: rabbitmq:3.8.4-management
  #   container_name: rabbitmq
  #   env_file:
  #     - .prod.env
  #   volumes:
  #     - ./docker/rabbitmq/etc/:/etc/rabbitmq/
  #     - ./docker/rabbitmq/data/:/var/lib/rabbitmq/
  #     - ./docker/rabbitmq/logs/:/var/log/rabbitmq/
  #   ports:
  #     - 5672
  #     - 15672
  #   deploy:
  #     placement:
  #       constraints:
  #         - "node.labels.type==queue"
  #     restart_policy:
  #       condition: on-failure
  #       delay: 5s
  #       max_attempts: 3
  #       window: 120s
  #     update_config:
  #       parallelism: 2
  #       delay: 10s
  #       order: stop-first
  #     rollback_config:
  #       parallelism: 2
  #       delay: 10s
  #       order: stop-first

  db:
    container_name: db
    image: postgres:12
    restart: always
    volumes:
      - app-db-data:/var/lib/postgresql/data/pgdata
    env_file:
      - .env
    networks:
      - traefik-public
    environment:
      - PGDATA=/var/lib/postgresql/data/pgdata
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD?Variable not set}
      - POSTGRES_USER=${POSTGRES_USER?Variable not set}
      - POSTGRES_DB=${POSTGRES_DB?Variable not set}

  adminer:
    container_name: db-adminer
    image: adminer
    restart: always
    networks:
      - traefik-public
    depends_on:
      - db
    environment:
      - ADMINER_DESIGN=pepa-linha-dark
    labels:
      - traefik.enable=true
      - traefik.docker.network=traefik-public
      - traefik.constraint-label=traefik-public
      - traefik.http.routers.${STACK_NAME?Variable not set}-adminer-http.rule=Host(`adminer.${DOMAIN?Variable not set}`)
      - traefik.http.routers.${STACK_NAME?Variable not set}-adminer-http.entrypoints=http
      - traefik.http.routers.${STACK_NAME?Variable not set}-adminer-http.middlewares=https-redirect
      - traefik.http.routers.${STACK_NAME?Variable not set}-adminer-https.rule=Host(`adminer.${DOMAIN?Variable not set}`)
      - traefik.http.routers.${STACK_NAME?Variable not set}-adminer-https.entrypoints=https
      - traefik.http.routers.${STACK_NAME?Variable not set}-adminer-https.tls=true
      - traefik.http.routers.${STACK_NAME?Variable not set}-adminer-https.tls.certresolver=le
      - traefik.http.services.${STACK_NAME?Variable not set}-adminer.loadbalancer.server.port=8080
    ports:
      - 8081:8080

  backend:
    container_name: backend
    image: 'jianboy/${DOCKER_IMAGE_BACKEND?Variable not set}:${TAG-latest}'
    # build:
    #   context: ./backend
    #   dockerfile: ./Dockerfile
    restart: always
    networks:
      - traefik-public
    depends_on:
      - db
    ports:
      - 8080:8080
      - 8000:8000
    env_file:
      - .env
    environment:
      - DOMAIN=${DOMAIN}
      - ENVIRONMENT=${ENVIRONMENT}
      - BACKEND_CORS_ORIGINS=${BACKEND_CORS_ORIGINS}
      - SECRET_KEY=${SECRET_KEY?Variable not set}
      - FIRST_SUPERUSER=${FIRST_SUPERUSER?Variable not set}
      - FIRST_SUPERUSER_PASSWORD=${FIRST_SUPERUSER_PASSWORD?Variable not set}
      - USERS_OPEN_REGISTRATION=${USERS_OPEN_REGISTRATION}
      - SMTP_HOST=${SMTP_HOST}
      - SMTP_USER=${SMTP_USER}
      - SMTP_PASSWORD=${SMTP_PASSWORD}
      - EMAILS_FROM_EMAIL=${EMAILS_FROM_EMAIL}
      - POSTGRES_SERVER=db
      - POSTGRES_PORT=${POSTGRES_PORT}
      - POSTGRES_DB=${POSTGRES_DB}
      - POSTGRES_USER=${POSTGRES_USER?Variable not set}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD?Variable not set}
      - SENTRY_DSN=${SENTRY_DSN}

    deploy:
      mode: replicated
      replicas: 4
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3
        window: 120s
      update_config:
        parallelism: 2
        delay: 10s
        order: stop-first
      rollback_config:
        parallelism: 2
        delay: 10s
        order: stop-first
      resources:
        limits:
          cpus: '0.50'
          memory: 150M
        reservations:
          cpus: '0.20'
          memory: 40M

  #   build:
  #     context: ./backend
  #     args:
  #       INSTALL_DEV: ${INSTALL_DEV-false}
  #   platform: linux/amd64 # Patch for M1 Mac
  #   labels:
  #     - traefik.enable=true
  #     - traefik.docker.network=traefik-public
  #     - traefik.constraint-label=traefik-public

  #     - traefik.http.services.${STACK_NAME?Variable not set}-backend.loadbalancer.server.port=80

  #     - traefik.http.routers.${STACK_NAME?Variable not set}-backend-http.rule=Host(`${DOMAIN?Variable not set}`, `www.${DOMAIN?Variable not set}`) && PathPrefix(`/api`, `/docs`, `/redoc`)
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-backend-http.entrypoints=http

  #     - traefik.http.routers.${STACK_NAME?Variable not set}-backend-https.rule=Host(`${DOMAIN?Variable not set}`, `www.${DOMAIN?Variable not set}`) && PathPrefix(`/api`, `/docs`, `/redoc`)
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-backend-https.entrypoints=https
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-backend-https.tls=true
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-backend-https.tls.certresolver=le

  #     - traefik.http.routers.${STACK_NAME?Variable not set}-backend-http.middlewares=https-redirect,${STACK_NAME?Variable not set}-www-redirect
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-backend-https.middlewares=${STACK_NAME?Variable not set}-www-redirect

  # frontend:
  #   container_name: frontend
  #   image: 'jianboy/${DOCKER_IMAGE_FRONTEND?Variable not set}:${TAG-latest}'
  #   restart: always
  #   networks:
  #     - traefik-public
  #   build:
  #     context: ./frontend
  #     args:
  #       - VITE_API_URL=https://${DOMAIN?Variable not set}
  #       - NODE_ENV=production
  #   labels:
  #     - traefik.enable=true
  #     - traefik.docker.network=traefik-public
  #     - traefik.constraint-label=traefik-public

  #     - traefik.http.services.${STACK_NAME?Variable not set}-frontend.loadbalancer.server.port=80

  #     - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-http.rule=Host(`${DOMAIN?Variable not set}`, `www.${DOMAIN?Variable not set}`)
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-http.entrypoints=http

  #     - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-https.rule=Host(`${DOMAIN?Variable not set}`, `www.${DOMAIN?Variable not set}`)
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-https.entrypoints=https
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-https.tls=true
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-https.tls.certresolver=le

  #     # Handle domain with and without "www" to redirect to only one
  #     # To disable www redirection remove the next line
  #     - traefik.http.middlewares.${STACK_NAME?Variable not set}-www-redirect.redirectregex.regex=^http(s)?://www.(${DOMAIN?Variable not set})/(.*)
  #     # Redirect a domain with www to non-www
  #     # To disable it remove the next line
  #     - traefik.http.middlewares.${STACK_NAME?Variable not set}-www-redirect.redirectregex.replacement=http$${1}://${DOMAIN?Variable not set}/$${3}
  #     # Middleware to redirect www, to disable it remove the next line
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-https.middlewares=${STACK_NAME?Variable not set}-www-redirect
  #     # Middleware to redirect www, and redirect HTTP to HTTPS
  #     # to disable www redirection remove the section: ${STACK_NAME?Variable not set}-www-redirect,
  #     - traefik.http.routers.${STACK_NAME?Variable not set}-frontend-http.middlewares=https-redirect,${STACK_NAME?Variable not set}-www-redirect

volumes:
  app-db-data:

networks:
  traefik-public: # external: true