gerald/deploy/docker-compose.yaml

x-custom: &envs
  SERVING_PORT: 8080
  MIGRATION_MODE: "on"
  LOGGING_LEVEL: debug
  POSTGRES_DSN: "host=pg port=5432 dbname=gerald user=gerald password=wR7gP2kD9qLxVzT3mBc sslmode=disable"

x-custom-pg: &envs-pg
  POSTGRES_USER: "gerald"
  POSTGRES_PASSWORD: "wR7gP2kD9qLxVzT3mBc"
  POSTGRES_DB: "gerald"

services:
  traefik:
    image: traefik
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    ports:
      - 80:80
      - 443:443
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./traefik.yml:/traefik.yml
      - ./custom/:/custom/
      - traefik-ssl-sert:/ssl-certs
      - /var/log:/var/log/
    networks:
      - front
      - back
    labels:
      - traefik.enable=true
      - traefik.http.routers.traefik.entrypoints=websecure
      - traefik.http.routers.traefik.rule=Host(`gerald-tr.octagon-lab.com`)
      - traefik.http.routers.traefik.tls=true
      - traefik.http.routers.traefik.tls.certresolver=letsEncrypt
      - traefik.http.routers.traefik.service=api@internal
      - traefik.http.services.traefik.loadbalancer.server.port=8080
      - traefik.http.middlewares.tr-auth.basicauth.users=admin:$$apr1$$.gRkGUr0$$wu//p7fgWjDM1rlyQOGbW1,user:$$apr1$$J1cX/7u6$$tyPWYdAVYqACdWJy29FMn1
      - traefik.http.routers.traefik.middlewares=tr-auth

  gerald:
    hostname: gerald
    restart: unless-stopped
    image: registry.spasskiy.site/gerald:latest
    environment:
      APP_NAME: "gerald"
      <<: *envs
    networks:
      - back
    labels:
      - traefik.enable=true
      - traefik.http.routers.gerald.service=gerald
      - traefik.http.routers.gerald.entrypoints=websecure
      - traefik.http.routers.gerald.tls=true
      - traefik.http.routers.gerald.tls.certresolver=letsEncrypt
      - traefik.http.routers.gerald.rule=Host(`gerald-srv.octagon-lab.com`)
      - traefik.http.services.gerald.loadbalancer.server.port=8080
      - traefik.http.middlewares.gerald-ratelimit.ratelimit.average=5
      - traefik.http.middlewares.gerald-ratelimit.ratelimit.burst=10
      - traefik.http.middlewares.gerald-ratelimit.ratelimit.period=1s
      - traefik.http.routers.gerald.middlewares=cors@file, gerald-ratelimit

  pg:
    image: postgres
    restart: unless-stopped
    environment:
      <<: *envs-pg
      PGDATA: /var/lib/postgresql/data/pgdata
    networks:
      - back
      - front
    ports:
      - 5432:5432
    volumes:
      - pgdata:/var/lib/postgresql/data

volumes:
  pgdata:
    driver: local
  traefik-ssl-sert:
    driver: local

networks:
  front:
  back: