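---
# Docker Compose stack for the Phoenix ERP deployment: PostgreSQL, pgAdmin,
# the Phoenix app/system/worker containers, Redis and two metrics exporters.
# Values written as ${NAME} are interpolated by Compose from the shell
# environment or the project's .env file, which is not part of this file.
services:
  # One-shot helper; it only starts with `--profile postgres-upgrade`.
  postgres-auto-upgrade:
    profiles:
      - postgres-upgrade  # keeps this service out of a plain `docker compose up`
    image: alpine:3.19
    container_name: postgres_auto_upgrade
    working_dir: /opt/phx
    volumes:
      - .:/opt/phx:rw
      # The Docker socket gives this container full control of the host's
      # Docker daemon (root-equivalent on the host).
      - /var/run/docker.sock:/var/run/docker.sock
    # Installs tooling, fetches the Compose CLI plugin, then runs the upgrade
    # script from the mounted project directory.
    # `curl -f` makes an HTTP error abort the `&&` chain instead of saving an
    # error page as the plugin binary.
    # NOTE(review): the binary is downloaded at run time with no checksum
    # check and a hard-coded x86_64 asset; compare it against the release's
    # published SHA-256 (<expected-sha256>) or bake it into a pinned image.
    entrypoint: >
      sh -c "
      apk add --no-cache bash coreutils grep sed findutils curl docker-cli dos2unix &&
      mkdir -p ~/.docker/cli-plugins &&
      curl -fSL https://github.com/docker/compose/releases/download/v2.27.0/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose &&
      chmod +x ~/.docker/cli-plugins/docker-compose &&
      chmod +x ./postgres_upgrade.sh &&
      ./postgres_upgrade.sh"
    restart: 'no'
    depends_on: []
    network_mode: bridge

  # One-shot helper; it only starts with `--profile postgres-rollback`.
  postgres-auto-rollback:
    profiles:
      - postgres-rollback  # keeps this service out of a plain `docker compose up`
    image: alpine:3.19
    container_name: postgres_rollback
    working_dir: /opt/phx
    volumes:
      - .:/opt/phx:rw
      # The Docker socket gives this container full control of the host's
      # Docker daemon (root-equivalent on the host).
      - /var/run/docker.sock:/var/run/docker.sock
    # Same bootstrap as postgres-auto-upgrade, but runs the rollback script.
    # `curl -f` makes an HTTP error abort the `&&` chain instead of saving an
    # error page as the plugin binary.
    # NOTE(review): the download is not checksum-verified; see the matching
    # remark on what to verify in the release's published SHA-256 list.
    entrypoint: >
      sh -c "
      apk add --no-cache bash coreutils grep sed findutils curl docker-cli dos2unix &&
      mkdir -p ~/.docker/cli-plugins &&
      curl -fSL https://github.com/docker/compose/releases/download/v2.27.0/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose &&
      chmod +x ~/.docker/cli-plugins/docker-compose &&
      chmod +x ./rollback_postgres_upgrade.sh &&
      ./rollback_postgres_upgrade.sh"
    restart: 'no'
    depends_on: []
    network_mode: bridge

  postgres:
    restart: always
    image: "postgres:15.1-alpine"
    container_name: phoenixDB  # Hostname
    # logging:
    #   driver: loki
    #   options:
    #     loki-url: "${LOKI_URL}"
    #     loki-retries: "${LOKI_RETRIES}"
    #     loki-batch-size: "${LOKI_BATCH_SIZE}"
    #     loki-external-labels: "service=phx-postgres,env=prod"
    networks:
      - backend  # no published port: reachable only from the backend network
    environment:
      # Quoted so the container receives the string "true", not a YAML boolean.
      DEBUG: "true"
      POSTGRES_DB: ${DB_NAME}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    volumes:
      - "./database:/var/lib/postgresql/data"
    # deploy:
    #   restart_policy:          # Define how the service should restart when it fails
    #     condition: on-failure  # Only restart if the container exits with a non-zero code
    #     delay: 5s              # Wait 5 seconds before attempting to restart
    #     max_attempts: 5        # Maximum number of restart attempts before giving up
    #     window: 120s           # Time window to evaluate restart attempts (resets counter after this period)
    #   resources:               # Resource allocation and limits for the container
    #     limits:                # Maximum resources the container can use
    #       cpus: "0.75"         # Maximum CPU cores (75% of one core)
    #       memory: 768M         # Maximum memory usage (768 megabytes)
    #     reservations:          # Guaranteed minimum resources for the container
    #       cpus: "0.25"         # Reserved CPU cores (25% of one core)
    #       memory: 256M         # Reserved memory (256 megabytes)
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 5s  # Time between each health check
      timeout: 2s   # Max time to wait for each check
      retries: 5    # Number of failures before marking as unhealthy

  pgadmin:
    restart: always
    image: dpage/pgadmin4:9.6.0
    container_name: pgadmin4-ui
    ports:
      # Published without a host IP, so Docker binds it on every host
      # interface. NOTE(review): this is a database admin UI; confirm it is
      # only reachable through the intended reverse proxy or firewall rule.
      - "5050:80"
    user: "5050:5050"
    # logging:
    #   driver: loki
    #   options:
    #     loki-url: "${LOKI_URL}"
    #     loki-retries: "${LOKI_RETRIES}"
    #     loki-batch-size: "${LOKI_BATCH_SIZE}"
    #     loki-external-labels: "service=phx-pgadmin,env=prod"
    networks:
      - backend
      - frontend
    environment:
      PGADMIN_DEFAULT_EMAIL: "info@phx-erp.de"
      # The login and SMTP passwords used to be literals in this file. They
      # now come from the environment like the other secrets in this stack,
      # and Compose refuses to start when they are missing. Treat the old
      # committed values as exposed and rotate them.
      PGADMIN_DEFAULT_PASSWORD: "${PGADMIN_DEFAULT_PASSWORD:?set PGADMIN_DEFAULT_PASSWORD in .env}"
      PGADMIN_CONFIG_SERVER_MODE: 'True'
      PGADMIN_CONFIG_PROXY_X_PROTO_COUNT: "1"
      PGADMIN_SERVER_JSON_FILE: '/var/lib/pgadmin/servers.json'
      PGADMIN_REPLACE_SERVERS_ON_STARTUP: 'True'
      PGADMIN_CONFIG_DATA_DIR: "'/var/lib/pgadmin'"
      PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED: 'False'
      PGPASSFILE: /var/lib/pgadmin/pgpass
      PGPASS_HOST: "phoenixDB"
      PGPASS_PORT: "5432"
      PGPASS_DB: "phoenix"
      PGPASS_USER: "postgres"
      # Empty here; presumably filled in by the custom entrypoint mounted
      # below. TODO confirm.
      PGPASS_PASSWORD: ""
      # NOTE(review): the stock pgAdmin image only turns PGADMIN_CONFIG_*
      # variables into configuration. Confirm that the custom entrypoint
      # consumes the unprefixed names below; otherwise MFA, the login-attempt
      # limit and the mail settings are not in effect.
      ALLOW_SAVE_PASSWORD: 'False'
      MFA_ENABLED: 'True'
      MFA_FORCE_REGISTRATION: 'False'
      MFA_SUPPORTED_METHODS: 'email'
      MFA_EMAIL_SUBJECT: 'Your MFA code by PHX-ERP'
      MAX_LOGIN_ATTEMPTS: "5"
      ENHANCED_COOKIE_PROTECTION: 'True'
      SHOW_GRAVATAR_IMAGE: 'True'
      SECURITY_EMAIL_SENDER: "'No Reply PHX '"
      MAIL_SERVER: "mail.phx-erp.de"
      # NOTE(review): port 465 is normally implicit-TLS SMTP, yet both
      # MAIL_USE_SSL and MAIL_USE_TLS are 'False'. Confirm the connection is
      # encrypted; if it is not, the SMTP password and the MFA codes are sent
      # in clear text.
      MAIL_PORT: "465"
      MAIL_USE_SSL: 'False'
      MAIL_USE_TLS: 'False'
      MAIL_USERNAME: "internal@phx-erp.de"
      MAIL_PASSWORD: "${PGADMIN_MAIL_PASSWORD:?set PGADMIN_MAIL_PASSWORD in .env}"
      MAIL_DEBUG: 'False'
    volumes:
      - ./pgadmin/data:/var/lib/pgadmin
      - ./pgadmin/pgadmin-entrypoint.sh:/docker-entrypoint.sh:ro
    mem_limit: 512M
    memswap_limit: 512M
    deploy:
      restart_policy:          # Define how the service should restart when it fails
        condition: on-failure  # Only restart if the container exits with a non-zero code
        delay: 5s              # Wait 5 seconds before attempting to restart
        max_attempts: 5        # Maximum number of restart attempts before giving up
        window: 120s           # Time window to evaluate restart attempts (resets counter after this period)
      resources:               # Resource allocation and limits for the container
        limits:                # Maximum resources the container can use
          cpus: "1.0"          # Maximum CPU cores (100% of one core)
          memory: 512M         # Maximum memory usage (512 megabytes)
        reservations:          # Guaranteed minimum resources for the container
          cpus: "0.15"         # Reserved CPU cores (15% of one core)
          memory: 250M         # Reserved memory (250 megabytes)
    # Replaces the image entrypoint with the script mounted read-only above.
    entrypoint: ["/bin/sh", "/docker-entrypoint.sh"]
    depends_on:
      postgres:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "wget", "-O", "-", "http://localhost:80/misc/ping"]
      interval: 15s
      timeout: 10s
      retries: 5
      start_period: 120s

  phoenix-app:
    restart: always
    # NOTE(review): `alpha` is a moving tag; pin a version or digest for
    # reproducible deployments.
    image: "phxerp/phoenix-app:alpha"
    container_name: phoenix-app
    ports:
      # Restrict to only allow access from Grafana Server IP. A port mapping
      # cannot filter by source address: without a host IP this binds on all
      # host interfaces, so the restriction has to be enforced by a firewall.
      - "3000:3000"
    # logging:
    #   driver: loki
    #   options:
    #     loki-url: "${LOKI_URL}"
    #     loki-retries: "${LOKI_RETRIES}"
    #     loki-batch-size: "${LOKI_BATCH_SIZE}"
    #     loki-external-labels: "service=phx-app,env=prod,project=phoenix"
    volumes:
      - ./app_custom:/usr/share/nginx/html/assets/custom
      # - ./nginx/nginx.conf:/etc/nginx/nginx.conf  # Uncomment to override the default nginx.conf
      # - ./nginx/includes:/etc/nginx/includes:ro   # Uncomment to override the default includes
    networks:
      - backend
      - frontend
    # deploy:
    #   restart_policy:          # Define how the service should restart when it fails
    #     condition: on-failure  # Only restart if the container exits with a non-zero code
    #     delay: 5s              # Wait 5 seconds before attempting to restart
    #     max_attempts: 5        # Maximum number of restart attempts before giving up
    #     window: 120s           # Time window to evaluate restart attempts (resets counter after this period)
    #   resources:               # Resource allocation and limits for the container
    #     limits:                # Maximum resources the container can use
    #       cpus: "0.35"         # Maximum CPU cores (35% of one core)
    #       memory: 384M         # Maximum memory usage (384 megabytes)
    #     reservations:          # Guaranteed minimum resources for the container
    #       cpus: "0.10"         # Reserved CPU cores (10% of one core)
    #       memory: 128M         # Reserved memory (128 megabytes)
    healthcheck:
      # Requests /login through the service name `phoenix-app` (not
      # localhost) to check that NGINX inside the container is serving.
      test: ["CMD", "wget", "--spider", "-q", "http://phoenix-app/login"]
      interval: 10s      # check every 10 seconds
      timeout: 5s        # allow 5 seconds per check
      retries: 5         # mark as unhealthy after 5 failures
      start_period: 15s  # wait 15 seconds after container start before checking

  phoenix-system:
    restart: always
    image: "phxerp/phoenix-system:alpha"
    # logging:
    #   driver: loki
    #   options:
    #     loki-url: "${LOKI_URL}"
    #     loki-retries: "${LOKI_RETRIES}"
    #     loki-batch-size: "${LOKI_BATCH_SIZE}"
    #     loki-external-labels: "service=phoenix-system,env=prod"
    environment:
      - "DB_HOST=${DB_HOST}"
      - "DB_NAME=${DB_NAME}"
      - "DB_PASSWORD=${POSTGRES_PASSWORD}"
      - "DB_USERNAME=${DB_USERNAME}"
      - "SUPER_ADMIN_USER_PASSWORD=${SUPER_ADMIN_USER_PASSWORD}"
      - "REDIS_PASSWORD=${REDIS_PASSWORD}"
      - "NODE_ENV=${NODE_ENV}"
      - "PHX_HOST_NAME=${PHX_HOST_NAME}"
      - "PERFORMANCE_STRUCTURED_LOGGING=${PERFORMANCE_STRUCTURED_LOGGING}"
      - "PERFORMANCE_WARNING_THRESHOLD=${PERFORMANCE_WARNING_THRESHOLD}"
      - "PERFORMANCE_DETAILED_MEMORY=${PERFORMANCE_DETAILED_MEMORY}"
    command: ["npm", "run", "start:server"]
    deploy:
      # Replica count comes from PHOENIX_SYSTEM_REPLICAS; it falls back to a
      # single replica when the variable is unset or empty. The service sets
      # no container_name, so it can be scaled.
      replicas: ${PHOENIX_SYSTEM_REPLICAS:-1}
      # restart_policy:          # Define how the service should restart when it fails
      #   condition: on-failure  # Only restart if the container exits with a non-zero code
      #   delay: 5s              # Wait 5 seconds before attempting to restart
      #   max_attempts: 5        # Maximum number of restart attempts before giving up
      #   window: 120s           # Time window to evaluate restart attempts (resets counter after this period)
      # resources:               # Resource allocation and limits for the container
      #   limits:                # Maximum resources the container can use
      #     cpus: "1.50"         # Maximum CPU cores (150% of one core)
      #     memory: 1600M        # Maximum memory usage (1600 megabytes)
      #   reservations:          # Guaranteed minimum resources for the container
      #     cpus: "0.50"         # Reserved CPU cores (50% of one core)
      #     memory: 768M         # Reserved memory (768 megabytes)
    networks:
      backend:
        aliases:
          - phoenix-system
    depends_on:
      postgres:
        condition: service_healthy
      phoenix-redis:
        condition: service_healthy
    healthcheck:
      # Checks both admin-api and database status
      test: ["CMD-SHELL", "curl -s http://phoenix-system:3000/health | grep -q '\"admin-api\":{\"status\":\"up\"}' && curl -s http://phoenix-system:3000/health | grep -q '\"database\":{\"status\":\"up\"}'"]
      interval: 10s      # Time between each health check
      timeout: 10s       # Max time to wait for each check
      retries: 20        # Number of failures before marking as unhealthy
      start_period: 60s  # Grace period before health checks start
    volumes:
      - "./assets:/usr/src/app/packages/dev-server/assets"
      - "./server_custom:/usr/src/app/packages/dev-server/custom"
      # - "./logs:/usr/src/app/packages/dev-server/logs"

  phoenix-worker:
    restart: always
    image: "phxerp/phoenix-system:alpha"
    container_name: "phoenix-worker"
    ports:
      # Restrict to only allow access from Grafana Server IP. Without a host
      # IP this binds on all host interfaces; enforce the restriction in a
      # firewall.
      - "3001:3001"
    # logging:
    #   driver: loki
    #   options:
    #     loki-url: "${LOKI_URL}"
    #     loki-retries: "${LOKI_RETRIES}"
    #     loki-batch-size: "${LOKI_BATCH_SIZE}"
    #     loki-external-labels: "service=phx-worker,env=prod"
    networks:
      - backend
    environment:
      - "DB_HOST=${DB_HOST}"
      - "DB_NAME=${DB_NAME}"
      - "DB_PASSWORD=${POSTGRES_PASSWORD}"
      - "DB_USERNAME=${DB_USERNAME}"
      - "SUPER_ADMIN_USER_PASSWORD=${SUPER_ADMIN_USER_PASSWORD}"
      - "REDIS_PASSWORD=${REDIS_PASSWORD}"
      - "NODE_ENV=${NODE_ENV}"
      - "PHX_HOST_NAME=${PHX_HOST_NAME}"
      - "PERFORMANCE_STRUCTURED_LOGGING=${PERFORMANCE_STRUCTURED_LOGGING}"
      - "PERFORMANCE_WARNING_THRESHOLD=${PERFORMANCE_WARNING_THRESHOLD}"
      - "PERFORMANCE_DETAILED_MEMORY=${PERFORMANCE_DETAILED_MEMORY}"
    command: ['npm', 'run', 'start:worker']
    # deploy:
    #   restart_policy:          # Define how the service should restart when it fails
    #     condition: on-failure  # Only restart if the container exits with a non-zero code
    #     delay: 5s              # Wait 5 seconds before attempting to restart
    #     max_attempts: 5        # Maximum number of restart attempts before giving up
    #     window: 120s           # Time window to evaluate restart attempts (resets counter after this period)
    #   resources:               # Resource allocation and limits for the container
    #     limits:                # Maximum resources the container can use
    #       cpus: '2.0'          # Maximum CPU cores (200% of one core)
    #       memory: 2G           # Maximum memory usage (2 gigabytes)
    #     reservations:          # Guaranteed minimum resources for the container
    #       cpus: '0.5'          # Reserved CPU cores (50% of one core)
    #       memory: 512M         # Reserved memory (512 megabytes)
    depends_on:
      phoenix-system:
        condition: service_healthy
      postgres:
        condition: service_healthy
    healthcheck:
      # Check if worker responds with status ok
      test: ["CMD-SHELL", "curl -s http://phoenix-worker:3001/health | grep -q '\"status\":\"ok\"'"]
      interval: 10s      # Time between each health check
      timeout: 6s        # Max time to wait for each check
      retries: 20        # Number of failures before marking as unhealthy
      start_period: 30s  # Grace period before health checks start
    volumes:
      - "./assets:/usr/src/app/packages/dev-server/assets"
      - "./server_custom:/usr/src/app/packages/dev-server/custom"
      # - "./logs:/usr/src/app/packages/dev-server/logs"

  phoenix-redis:
    # NOTE(review): `latest` is a moving tag; pin a version or digest so a
    # restart cannot silently pull a different Redis build.
    image: 'bitnami/redis:latest'
    container_name: redis
    # Not good, but as agreed. At some point this can start using
    # --maxmemory plus an eviction policy.
    command: /opt/bitnami/scripts/redis/run.sh
    # NOTE(review): overrides the image's user with root; confirm it is still
    # required (for example for ownership of ./redis/data).
    user: root
    # logging:
    #   driver: loki
    #   options:
    #     loki-url: "${LOKI_URL}"
    #     loki-retries: "${LOKI_RETRIES}"
    #     loki-batch-size: "${LOKI_BATCH_SIZE}"
    #     loki-external-labels: "service=phx-redis,env=prod"
    networks:
      - backend  # no published port: reachable only from the backend network
    restart: always
    environment:
      ALLOW_EMPTY_PASSWORD: "no"
      REDIS_PASSWORD: ${REDIS_PASSWORD}
    # deploy:
    #   restart_policy:          # Define how the service should restart when it fails
    #     condition: on-failure  # Only restart if the container exits with a non-zero code
    #     delay: 5s              # Wait 5 seconds before attempting to restart
    #     max_attempts: 5        # Maximum number of restart attempts before giving up
    #     window: 120s           # Time window to evaluate restart attempts (resets counter after this period)
    #   resources:               # Resource allocation and limits for the container
    #     limits:                # Maximum resources the container can use
    #       cpus: "0.25"         # Maximum CPU cores (25% of one core)
    #       memory: 100M         # Maximum memory usage (100 megabytes)
    #     reservations:          # Guaranteed minimum resources for the container
    #       cpus: "0.05"         # Reserved CPU cores (5% of one core)
    #       memory: 32M          # Reserved memory (32 megabytes)
    healthcheck:
      # `$$` defers expansion to the shell inside the container, so the
      # password is read from the container's REDIS_PASSWORD variable instead
      # of being written into the healthcheck definition by Compose.
      # REDISCLI_AUTH keeps it off the redis-cli command line, and the quotes
      # keep a password with spaces or shell metacharacters intact.
      test:
        - CMD-SHELL
        - 'REDISCLI_AUTH="$$REDIS_PASSWORD" redis-cli ping | grep PONG && test -w /bitnami/redis/data'
      interval: 5s
      retries: 10
      timeout: 5s
    depends_on:
      postgres:
        condition: service_healthy
    volumes:
      - "./redis/data:/bitnami/redis/data"

  phoenix-health-exporter:
    image: phxerp/phoenix-health-exporter:alpha
    container_name: health_exporter
    restart: unless-stopped
    # logging:
    #   driver: loki
    #   options:
    #     loki-url: "${LOKI_URL}"
    #     loki-retries: "${LOKI_RETRIES}"
    #     loki-batch-size: "${LOKI_BATCH_SIZE}"
    #     loki-external-labels: "service=phx-health-exporter,env=prod"
    ports:
      # Bound on all host interfaces. NOTE(review): confirm the metrics
      # endpoint is limited to the monitoring host by a firewall.
      - "9800:9800"
    environment:
      DB_HOST: ${DB_HOST}
      DB_NAME: ${DB_NAME}
      DB_PASSWORD: ${POSTGRES_PASSWORD}
      DB_USERNAME: ${DB_USERNAME}
      REDIS_PASSWORD: ${REDIS_PASSWORD}
    networks:
      - frontend
      - backend
    volumes:
      # This ensures the container always uses the real machine hostname,
      # even if restarted or recreated.
      - /etc/hostname:/etc/host_hostname:ro
    security_opt:
      - "no-new-privileges:true"
    memswap_limit: 512M
    deploy:
      restart_policy:          # Define how the service should restart when it fails
        condition: on-failure  # Only restart if the container exits with a non-zero code
        delay: 5s              # Wait 5 seconds before attempting to restart
        max_attempts: 5        # Maximum number of restart attempts before giving up
        window: 120s           # Time window to evaluate restart attempts (resets counter after this period)
      resources:               # Resource allocation and limits for the container
        limits:                # Maximum resources the container can use
          cpus: "0.5"          # Maximum CPU cores (50% of one core)
          memory: 256M         # Maximum memory usage (256 megabytes)
        reservations:          # Guaranteed minimum resources for the container
          cpus: "0.1"          # Reserved CPU cores (10% of one core)
          memory: 64M          # Reserved memory (64 megabytes)
    depends_on:
      phoenix-system:
        condition: service_healthy
      phoenix-worker:
        condition: service_healthy
      postgres:
        condition: service_healthy
    healthcheck:
      test: ["CMD-SHELL", "curl -sf http://localhost:9800/healthz || exit 1"]
      interval: 1m
      timeout: 5s
      retries: 3
      start_period: 15s

  node-exporter:
    # NOTE(review): `latest` is a moving tag; pin a version or digest.
    image: quay.io/prometheus/node-exporter:latest
    container_name: node_exporter
    # logging:
    #   driver: loki
    #   options:
    #     loki-url: "${LOKI_URL}"
    #     loki-retries: "${LOKI_RETRIES}"
    #     loki-batch-size: "${LOKI_BATCH_SIZE}"
    #     loki-external-labels: "service=phx-node-exporter,env=prod"
    networks:
      - metrics
      - frontend
    restart: unless-stopped
    ports:
      # Restrict to only allow access from Grafana Server IP. Without a host
      # IP this binds on all host interfaces; enforce the restriction in a
      # firewall.
      - "9100:9100"
    command:
      - "--path.procfs=/host/proc"
      - "--path.sysfs=/host/sys"
      - "--path.rootfs=/host"
      # `$$` is Compose's escape for a literal `$` in the regular expression.
      # NOTE(review): newer node_exporter releases name this flag
      # --collector.filesystem.mount-points-exclude; with an unpinned image,
      # confirm the old spelling is still accepted.
      - "--collector.filesystem.ignored-mount-points=^/(sys|proc|dev)($$|/)"
    volumes:
      # Read-only views of the host that the collectors read from.
      - "/proc:/host/proc:ro"
      - "/sys:/host/sys:ro"
      - "/:/host:ro,rslave"
    security_opt:
      - "no-new-privileges:true"
    memswap_limit: 512M
    deploy:
      restart_policy:          # Define how the service should restart when it fails
        condition: on-failure  # Only restart if the container exits with a non-zero code
        delay: 5s              # Wait 5 seconds before attempting to restart
        max_attempts: 5        # Maximum number of restart attempts before giving up
        window: 120s           # Time window to evaluate restart attempts (resets counter after this period)
      resources:               # Resource allocation and limits for the container
        limits:                # Maximum resources the container can use
          cpus: "0.25"         # Maximum CPU cores (25% of one core)
          memory: 128M         # Maximum memory usage (128 megabytes)
        reservations:          # Guaranteed minimum resources for the container
          cpus: "0.05"         # Reserved CPU cores (5% of one core)
          memory: 32M          # Reserved memory (32 megabytes)
    depends_on:
      # This avoids allocating resources to node-exporter while
      # phoenix-worker is not healthy yet.
      phoenix-worker:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "wget", "-qO-", "http://localhost:9100/metrics"]
      interval: 15s
      timeout: 5s
      retries: 3
      start_period: 20s

  # nginx-exporter:
  #   image: nginx/nginx-prometheus-exporter:1.4.2
  #   container_name: nginx_exporter
  #   restart: unless-stopped
  #   # logging:
  #   #   driver: loki
  #   #   options:
  #   #     loki-url: "${LOKI_URL}"
  #   #     loki-retries: "${LOKI_RETRIES}"
  #   #     loki-batch-size: "${LOKI_BATCH_SIZE}"
  #   #     loki-external-labels: "service=phx-nginx-exporter,env=prod"
  #   ports:
  #     - "9113:9113"  # Restrict to only allow access from Grafana Server IP
  #   command:
  #     - '--nginx.scrape-uri=http://phoenix-app/stub_status'
  #   security_opt:
  #     - no-new-privileges:true
  #   deploy:
  #     resources:
  #       limits:
  #         cpus: '0.25'
  #         memory: 128M
  #   depends_on:
  #     phoenix-app:
  #       condition: service_healthy
  #   networks:
  #     - frontend
  #     - metrics
  #   healthcheck:
  #     test: ["CMD", "wget", "-qO-", "http://localhost:9113/metrics"]  # Not working as expected
  #     interval: 15s
  #     timeout: 5s
  #     retries: 3
  #     start_period: 10s

# Three user-defined bridge networks with fixed subnets.
networks:
  backend:
    driver: bridge
    external: false
    ipam:
      config:
        - subnet: 172.19.0.0/16
  frontend:
    driver: bridge
    external: false
    ipam:
      config:
        - subnet: 172.20.0.0/16
  metrics:
    driver: bridge
    external: false
    ipam:
      config:
        - subnet: 172.22.0.0/16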