From 6d47153a4260256da1fa3ea424ff00587a4bdf83 Mon Sep 17 00:00:00 2001 From: gamer147 Date: Mon, 29 Dec 2025 22:23:29 -0500 Subject: [PATCH] [FA-misc] Update docker-compose.yml --- docker-compose.yml | 157 ++++++++++++++++++--------------------------- 1 file changed, 61 insertions(+), 96 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 8a2a923..9dcf61f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,25 +4,31 @@ services: # =========================================== postgres: image: postgres:16-alpine + networks: + - fictionarchive environment: POSTGRES_USER: ${POSTGRES_USER:-postgres} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres} volumes: - - postgres_data:/var/lib/postgresql/data + - /srv/docker_volumes/fictionarchive/postgres:/var/lib/postgresql/data healthcheck: test: ["CMD-SHELL", "pg_isready -U postgres"] interval: 5s timeout: 5s retries: 5 restart: unless-stopped + ports: + - 4321:5432 rabbitmq: image: rabbitmq:3-management-alpine + networks: + - fictionarchive environment: RABBITMQ_DEFAULT_USER: ${RABBITMQ_USER:-guest} RABBITMQ_DEFAULT_PASS: ${RABBITMQ_PASSWORD:-guest} volumes: - - rabbitmq_data:/var/lib/rabbitmq + - /srv/docker_volumes/fictionarchive/rabbitmq:/var/lib/rabbitmq healthcheck: test: ["CMD", "rabbitmq-diagnostics", "check_running"] interval: 10s @@ -30,6 +36,20 @@ services: retries: 5 restart: unless-stopped + vpn: + image: dperson/openvpn-client # or gluetun, wireguard, etc. + networks: + fictionarchive: + aliases: + - novel-service + cap_add: + - NET_ADMIN + devices: + - /dev/net/tun + volumes: + - /srv/docker_volumes/korean_vpn:/vpn + restart: unless-stopped + # =========================================== # Backend Services # =========================================== @@ -37,50 +57,27 @@ services: image: git.orfl.xyz/conco/fictionarchive-novel-service:latest environment: ConnectionStrings__DefaultConnection: Host=postgres;Database=FictionArchive_NovelService;Username=${POSTGRES_USER:-postgres};Password=${POSTGRES_PASSWORD:-postgres} - ConnectionStrings__RabbitMQ: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq + RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq Novelpia__Username: ${NOVELPIA_USERNAME} Novelpia__Password: ${NOVELPIA_PASSWORD} - NovelUpdateService__PendingImageUrl: https://files.fictionarchive.orfl.xyz/api/pendingupload.png - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/healthz"] - interval: 30s - timeout: 10s - retries: 3 - depends_on: - postgres: - condition: service_healthy - rabbitmq: - condition: service_healthy - restart: unless-stopped - - translation-service: - image: git.orfl.xyz/conco/fictionarchive-translation-service:latest - environment: - ConnectionStrings__DefaultConnection: Host=postgres;Database=FictionArchive_TranslationService;Username=${POSTGRES_USER:-postgres};Password=${POSTGRES_PASSWORD:-postgres} - ConnectionStrings__RabbitMQ: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq - DeepL__ApiKey: ${DEEPL_API_KEY} - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/healthz"] - interval: 30s - timeout: 10s - retries: 3 + UpdateService__PendingImageUrl: https://files.fictionarchive.orfl.xyz/api/pendingupload.png depends_on: postgres: condition: service_healthy rabbitmq: condition: service_healthy + vpn: + condition: service_started + network_mode: "service:vpn" restart: unless-stopped scheduler-service: image: git.orfl.xyz/conco/fictionarchive-scheduler-service:latest + networks: + - fictionarchive environment: ConnectionStrings__DefaultConnection: Host=postgres;Database=FictionArchive_SchedulerService;Username=${POSTGRES_USER:-postgres};Password=${POSTGRES_PASSWORD:-postgres} - ConnectionStrings__RabbitMQ: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/healthz"] - interval: 30s - timeout: 10s - retries: 3 + RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq depends_on: postgres: condition: service_healthy @@ -90,14 +87,14 @@ services: user-service: image: git.orfl.xyz/conco/fictionarchive-user-service:latest + networks: + - fictionarchive environment: ConnectionStrings__DefaultConnection: Host=postgres;Database=FictionArchive_UserService;Username=${POSTGRES_USER:-postgres};Password=${POSTGRES_PASSWORD:-postgres} - ConnectionStrings__RabbitMQ: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/healthz"] - interval: 30s - timeout: 10s - retries: 3 + RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq + Authentik__BaseUrl: https://auth.orfl.xyz + Authentik__ApiToken: ${AUTHENTIK_API_TOKEN} + Authentik__EmailStageId: 10df0c18-8802-4ec7-852e-3cdd355514d3 depends_on: postgres: condition: service_healthy @@ -105,42 +102,21 @@ services: condition: service_healthy restart: unless-stopped - authentication-service: - image: git.orfl.xyz/conco/fictionarchive-authentication-service:latest - environment: - ConnectionStrings__RabbitMQ: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/healthz"] - interval: 30s - timeout: 10s - retries: 3 - depends_on: - rabbitmq: - condition: service_healthy - restart: unless-stopped - file-service: image: git.orfl.xyz/conco/fictionarchive-file-service:latest + networks: + - web + - fictionarchive environment: - ConnectionStrings__RabbitMQ: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq - S3__Endpoint: ${S3_ENDPOINT:-https://s3.orfl.xyz} - S3__Bucket: ${S3_BUCKET:-fictionarchive} + RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq S3__AccessKey: ${S3_ACCESS_KEY} S3__SecretKey: ${S3_SECRET_KEY} - Proxy__BaseUrl: https://files.orfl.xyz/api - OIDC__Authority: https://auth.orfl.xyz/application/o/fictionarchive/ - OIDC__ClientId: fictionarchive-files - OIDC__Audience: fictionarchive-api - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/healthz"] - interval: 30s - timeout: 10s - retries: 3 + ProxyConfiguration__BaseUrl: https://files.fictionarchive.orfl.xyz/api labels: - "traefik.enable=true" - - "traefik.http.routers.file-service.rule=Host(`files.orfl.xyz`)" - - "traefik.http.routers.file-service.entrypoints=websecure" - - "traefik.http.routers.file-service.tls.certresolver=letsencrypt" + - "traefik.http.routers.file-service.rule=Host(`files.fictionarchive.orfl.xyz`)" + - "traefik.http.routers.file-service.tls=true" + - "traefik.http.routers.file-service.tls.certresolver=lets-encrypt" - "traefik.http.services.file-service.loadbalancer.server.port=8080" depends_on: rabbitmq: @@ -152,30 +128,22 @@ services: # =========================================== api-gateway: image: git.orfl.xyz/conco/fictionarchive-api:latest + networks: + - web + - fictionarchive environment: - ConnectionStrings__RabbitMQ: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq - OIDC__Authority: https://auth.orfl.xyz/application/o/fictionarchive/ - OIDC__ClientId: fictionarchive-api - OIDC__Audience: fictionarchive-api Cors__AllowedOrigin: https://fictionarchive.orfl.xyz - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/healthz"] - interval: 30s - timeout: 10s - retries: 3 labels: - "traefik.enable=true" - "traefik.http.routers.api-gateway.rule=Host(`api.fictionarchive.orfl.xyz`)" - - "traefik.http.routers.api-gateway.entrypoints=websecure" - - "traefik.http.routers.api-gateway.tls.certresolver=letsencrypt" + - "traefik.http.routers.api-gateway.tls=true" + - "traefik.http.routers.api-gateway.tls.certresolver=lets-encrypt" - "traefik.http.services.api-gateway.loadbalancer.server.port=8080" depends_on: - novel-service - - translation-service - scheduler-service - - user-service - - authentication-service - file-service + - user-service restart: unless-stopped # =========================================== @@ -183,20 +151,17 @@ services: # =========================================== frontend: image: git.orfl.xyz/conco/fictionarchive-frontend:latest - healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost/"] - interval: 30s - timeout: 10s - retries: 3 + networks: + - web labels: - - "traefik.enable=true" - - "traefik.http.routers.frontend.rule=Host(`fictionarchive.orfl.xyz`)" - - "traefik.http.routers.frontend.entrypoints=websecure" - - "traefik.http.routers.frontend.tls.certresolver=letsencrypt" - - "traefik.http.services.frontend.loadbalancer.server.port=80" + - traefik.http.routers.fafrontend.rule=Host(`fictionarchive.orfl.xyz`) + - traefik.http.routers.fafrontend.tls=true + - traefik.http.routers.fafrontend.tls.certresolver=lets-encrypt + - traefik.http.services.fafrontend.loadbalancer.server.port=80 + - traefik.enable=true restart: unless-stopped -volumes: - postgres_data: - rabbitmq_data: - letsencrypt: +networks: + web: + external: yes + fictionarchive: -- 2.49.1