207 lines
6.8 KiB
YAML
207 lines
6.8 KiB
YAML
services:
|
|
# ===========================================
|
|
# Infrastructure
|
|
# ===========================================
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
networks:
|
|
fictionarchive:
|
|
ipv4_address: 172.20.0.10
|
|
environment:
|
|
POSTGRES_USER: ${POSTGRES_USER:-postgres}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
|
|
volumes:
|
|
- /srv/docker_volumes/fictionarchive/postgres:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U postgres"]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 5
|
|
restart: unless-stopped
|
|
ports:
|
|
- 4321:5432
|
|
|
|
rabbitmq:
|
|
image: rabbitmq:3-management-alpine
|
|
networks:
|
|
fictionarchive:
|
|
ipv4_address: 172.20.0.11
|
|
environment:
|
|
RABBITMQ_DEFAULT_USER: ${RABBITMQ_USER:-guest}
|
|
RABBITMQ_DEFAULT_PASS: ${RABBITMQ_PASSWORD:-guest}
|
|
RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS: -rabbit max_message_size 536870912
|
|
volumes:
|
|
- /srv/docker_volumes/fictionarchive/rabbitmq:/var/lib/rabbitmq
|
|
healthcheck:
|
|
test: ["CMD", "rabbitmq-diagnostics", "check_running"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
restart: unless-stopped
|
|
|
|
# ===========================================
|
|
# VPN Container
|
|
# ===========================================
|
|
vpn:
|
|
image: dperson/openvpn-client
|
|
networks:
|
|
fictionarchive:
|
|
ipv4_address: 172.20.0.20
|
|
aliases:
|
|
- novel-service
|
|
cap_add:
|
|
- NET_ADMIN
|
|
devices:
|
|
- /dev/net/tun
|
|
volumes:
|
|
- /srv/docker_volumes/korean_vpn:/vpn
|
|
dns:
|
|
- 192.168.3.1
|
|
environment:
|
|
- DNS=1.1.1.1,8.8.8.8
|
|
extra_hosts:
|
|
- "postgres:172.20.0.10"
|
|
- "rabbitmq:172.20.0.11"
|
|
healthcheck:
|
|
test: ["CMD", "ping", "-c", "1", "-W", "5", "1.1.1.1"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 30s
|
|
restart: unless-stopped
|
|
|
|
# ===========================================
|
|
# Backend Services
|
|
# ===========================================
|
|
novel-service:
|
|
image: git.orfl.xyz/conco/fictionarchive-novel-service:latest
|
|
environment:
|
|
ConnectionStrings__DefaultConnection: Host=postgres;Database=FictionArchive_NovelService;Username=${POSTGRES_USER:-postgres};Password=${POSTGRES_PASSWORD:-postgres}
|
|
RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq
|
|
Novelpia__Username: ${NOVELPIA_USERNAME}
|
|
Novelpia__Password: ${NOVELPIA_PASSWORD}
|
|
UpdateService__PendingImageUrl: https://files.fictionarchive.orfl.xyz/api/pendingupload.png
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
rabbitmq:
|
|
condition: service_healthy
|
|
vpn:
|
|
condition: service_healthy
|
|
network_mode: "service:vpn"
|
|
restart: unless-stopped
|
|
|
|
scheduler-service:
|
|
image: git.orfl.xyz/conco/fictionarchive-scheduler-service:latest
|
|
networks:
|
|
- fictionarchive
|
|
environment:
|
|
ConnectionStrings__DefaultConnection: Host=postgres;Database=FictionArchive_SchedulerService;Username=${POSTGRES_USER:-postgres};Password=${POSTGRES_PASSWORD:-postgres}
|
|
RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
rabbitmq:
|
|
condition: service_healthy
|
|
restart: unless-stopped
|
|
|
|
user-service:
|
|
image: git.orfl.xyz/conco/fictionarchive-user-service:latest
|
|
networks:
|
|
- fictionarchive
|
|
environment:
|
|
ConnectionStrings__DefaultConnection: Host=postgres;Database=FictionArchive_UserService;Username=${POSTGRES_USER:-postgres};Password=${POSTGRES_PASSWORD:-postgres}
|
|
RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq
|
|
Authentik__BaseUrl: https://auth.orfl.xyz
|
|
Authentik__ApiToken: ${AUTHENTIK_API_TOKEN}
|
|
Authentik__EmailStageId: 10df0c18-8802-4ec7-852e-3cdd355514d3
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
rabbitmq:
|
|
condition: service_healthy
|
|
restart: unless-stopped
|
|
|
|
usernoveldata-service:
|
|
image: git.orfl.xyz/conco/fictionarchive-usernoveldata-service:latest
|
|
networks:
|
|
- fictionarchive
|
|
environment:
|
|
ConnectionStrings__DefaultConnection: Host=postgres;Database=FictionArchive_UserNovelDataService;Username=${POSTGRES_USER:-postgres};Password=${POSTGRES_PASSWORD:-postgres}
|
|
RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
rabbitmq:
|
|
condition: service_healthy
|
|
restart: unless-stopped
|
|
|
|
file-service:
|
|
image: git.orfl.xyz/conco/fictionarchive-file-service:latest
|
|
networks:
|
|
- web
|
|
- fictionarchive
|
|
environment:
|
|
RabbitMQ__ConnectionString: amqp://${RABBITMQ_USER:-guest}:${RABBITMQ_PASSWORD:-guest}@rabbitmq
|
|
S3__AccessKey: ${S3_ACCESS_KEY}
|
|
S3__SecretKey: ${S3_SECRET_KEY}
|
|
ProxyConfiguration__BaseUrl: https://files.fictionarchive.orfl.xyz/api
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.file-service.rule=Host(`files.fictionarchive.orfl.xyz`)"
|
|
- "traefik.http.routers.file-service.tls=true"
|
|
- "traefik.http.routers.file-service.tls.certresolver=lets-encrypt"
|
|
- "traefik.http.services.file-service.loadbalancer.server.port=8080"
|
|
depends_on:
|
|
rabbitmq:
|
|
condition: service_healthy
|
|
restart: unless-stopped
|
|
|
|
# ===========================================
|
|
# API Gateway
|
|
# ===========================================
|
|
api-gateway:
|
|
image: git.orfl.xyz/conco/fictionarchive-api:latest
|
|
networks:
|
|
- web
|
|
- fictionarchive
|
|
environment:
|
|
Cors__AllowedOrigin: https://fictionarchive.orfl.xyz
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.api-gateway.rule=Host(`api.fictionarchive.orfl.xyz`)"
|
|
- "traefik.http.routers.api-gateway.tls=true"
|
|
- "traefik.http.routers.api-gateway.tls.certresolver=lets-encrypt"
|
|
- "traefik.http.services.api-gateway.loadbalancer.server.port=8080"
|
|
depends_on:
|
|
- novel-service
|
|
- scheduler-service
|
|
- file-service
|
|
- user-service
|
|
- usernoveldata-service
|
|
restart: unless-stopped
|
|
|
|
# ===========================================
|
|
# Frontend
|
|
# ===========================================
|
|
frontend:
|
|
image: git.orfl.xyz/conco/fictionarchive-frontend:latest
|
|
networks:
|
|
- web
|
|
labels:
|
|
- traefik.http.routers.fafrontend.rule=Host(`fictionarchive.orfl.xyz`)
|
|
- traefik.http.routers.fafrontend.tls=true
|
|
- traefik.http.routers.fafrontend.tls.certresolver=lets-encrypt
|
|
- traefik.http.services.fafrontend.loadbalancer.server.port=80
|
|
- traefik.enable=true
|
|
restart: unless-stopped
|
|
|
|
networks:
|
|
web:
|
|
external: yes
|
|
fictionarchive:
|
|
ipam:
|
|
driver: default
|
|
config:
|
|
- subnet: 172.20.0.0/24
|